./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 4fc63b2a Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 45558e1c10008e5b16efe572a84fcf92b08797f54d586c51d45827b7e38254a6 --- Real Ultimate output --- This is Ultimate 0.2.5-dev-4fc63b2 [2024-10-31 22:02:49,917 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-10-31 22:02:49,991 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-10-31 22:02:49,997 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-10-31 22:02:49,997 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-10-31 22:02:50,029 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-10-31 22:02:50,031 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-10-31 22:02:50,031 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-10-31 22:02:50,032 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-10-31 22:02:50,032 INFO L153 SettingsManager]: * Use memory slicer=true [2024-10-31 22:02:50,033 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-10-31 22:02:50,033 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-10-31 22:02:50,034 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-10-31 22:02:50,034 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-10-31 22:02:50,034 INFO L153 SettingsManager]: * Use SBE=true [2024-10-31 22:02:50,037 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-10-31 22:02:50,039 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-10-31 22:02:50,040 INFO L153 SettingsManager]: * sizeof long=4 [2024-10-31 22:02:50,042 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-10-31 22:02:50,043 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-10-31 22:02:50,043 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-10-31 22:02:50,045 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-10-31 22:02:50,046 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-10-31 22:02:50,046 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-10-31 22:02:50,047 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-10-31 22:02:50,047 INFO L153 SettingsManager]: * sizeof long double=12 [2024-10-31 22:02:50,047 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-10-31 22:02:50,048 INFO L153 SettingsManager]: * Use constant arrays=true [2024-10-31 22:02:50,048 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-10-31 22:02:50,048 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-10-31 22:02:50,049 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-10-31 22:02:50,049 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-10-31 22:02:50,049 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-31 22:02:50,050 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-10-31 22:02:50,050 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-10-31 22:02:50,051 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-10-31 22:02:50,052 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-10-31 22:02:50,052 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-10-31 22:02:50,053 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-10-31 22:02:50,053 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-10-31 22:02:50,054 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-10-31 22:02:50,054 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-10-31 22:02:50,054 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 45558e1c10008e5b16efe572a84fcf92b08797f54d586c51d45827b7e38254a6 [2024-10-31 22:02:50,335 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-10-31 22:02:50,373 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-10-31 22:02:50,378 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-10-31 22:02:50,380 INFO L270 PluginConnector]: Initializing CDTParser... [2024-10-31 22:02:50,381 INFO L274 PluginConnector]: CDTParser initialized [2024-10-31 22:02:50,382 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/../../sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c Unable to find full path for "g++" [2024-10-31 22:02:52,528 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-10-31 22:02:52,774 INFO L384 CDTParser]: Found 1 translation units. [2024-10-31 22:02:52,776 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c [2024-10-31 22:02:52,790 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/data/11224d168/767933516775423782327b5f0e8b927c/FLAG503ca86e8 [2024-10-31 22:02:52,809 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/data/11224d168/767933516775423782327b5f0e8b927c [2024-10-31 22:02:52,812 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-10-31 22:02:52,814 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-10-31 22:02:52,817 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-10-31 22:02:52,817 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-10-31 22:02:52,822 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-10-31 22:02:52,823 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 31.10 10:02:52" (1/1) ... [2024-10-31 22:02:52,825 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@1f61d610 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:02:52, skipping insertion in model container [2024-10-31 22:02:52,825 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 31.10 10:02:52" (1/1) ... [2024-10-31 22:02:52,873 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-10-31 22:02:53,150 WARN L251 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c[9333,9346] [2024-10-31 22:02:53,256 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-31 22:02:53,267 INFO L200 MainTranslator]: Completed pre-run [2024-10-31 22:02:53,278 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] [2024-10-31 22:02:53,280 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification4_spec.i","") [153] [2024-10-31 22:02:53,280 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [190] [2024-10-31 22:02:53,280 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [530] [2024-10-31 22:02:53,281 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [607] [2024-10-31 22:02:53,281 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [616] [2024-10-31 22:02:53,281 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [982] [2024-10-31 22:02:53,281 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1085] [2024-10-31 22:02:53,307 WARN L251 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c[9333,9346] [2024-10-31 22:02:53,371 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-31 22:02:53,396 INFO L204 MainTranslator]: Completed translation [2024-10-31 22:02:53,396 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:02:53 WrapperNode [2024-10-31 22:02:53,397 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-10-31 22:02:53,398 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-10-31 22:02:53,398 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-10-31 22:02:53,398 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-10-31 22:02:53,404 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:02:53" (1/1) ... [2024-10-31 22:02:53,417 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:02:53" (1/1) ... [2024-10-31 22:02:53,446 INFO L138 Inliner]: procedures = 63, calls = 121, calls flagged for inlining = 29, calls inlined = 26, statements flattened = 298 [2024-10-31 22:02:53,446 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-10-31 22:02:53,447 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-10-31 22:02:53,447 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-10-31 22:02:53,448 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-10-31 22:02:53,461 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:02:53" (1/1) ... [2024-10-31 22:02:53,462 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:02:53" (1/1) ... [2024-10-31 22:02:53,464 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:02:53" (1/1) ... [2024-10-31 22:02:53,480 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-10-31 22:02:53,481 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:02:53" (1/1) ... [2024-10-31 22:02:53,481 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:02:53" (1/1) ... [2024-10-31 22:02:53,487 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:02:53" (1/1) ... [2024-10-31 22:02:53,492 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:02:53" (1/1) ... [2024-10-31 22:02:53,494 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:02:53" (1/1) ... [2024-10-31 22:02:53,496 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:02:53" (1/1) ... [2024-10-31 22:02:53,499 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-10-31 22:02:53,500 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-10-31 22:02:53,500 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-10-31 22:02:53,513 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-10-31 22:02:53,514 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:02:53" (1/1) ... [2024-10-31 22:02:53,530 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-31 22:02:53,550 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 [2024-10-31 22:02:53,567 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-10-31 22:02:53,570 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-10-31 22:02:53,615 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-10-31 22:02:53,615 INFO L130 BoogieDeclarations]: Found specification of procedure activatePump__before__methaneQuery [2024-10-31 22:02:53,615 INFO L138 BoogieDeclarations]: Found implementation of procedure activatePump__before__methaneQuery [2024-10-31 22:02:53,615 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-10-31 22:02:53,615 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-10-31 22:02:53,615 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-10-31 22:02:53,615 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-10-31 22:02:53,616 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__highWaterSensor [2024-10-31 22:02:53,616 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__highWaterSensor [2024-10-31 22:02:53,616 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-10-31 22:02:53,616 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-10-31 22:02:53,616 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__methaneAlarm [2024-10-31 22:02:53,616 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__methaneAlarm [2024-10-31 22:02:53,616 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__lowWaterSensor [2024-10-31 22:02:53,616 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__lowWaterSensor [2024-10-31 22:02:53,617 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2024-10-31 22:02:53,617 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2024-10-31 22:02:53,617 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-10-31 22:02:53,617 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-10-31 22:02:53,617 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-10-31 22:02:53,617 INFO L130 BoogieDeclarations]: Found specification of procedure select_one [2024-10-31 22:02:53,618 INFO L138 BoogieDeclarations]: Found implementation of procedure select_one [2024-10-31 22:02:53,618 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-10-31 22:02:53,618 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-10-31 22:02:53,618 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-10-31 22:02:53,618 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-10-31 22:02:53,702 INFO L238 CfgBuilder]: Building ICFG [2024-10-31 22:02:53,705 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-10-31 22:02:54,136 INFO L? ?]: Removed 55 outVars from TransFormulas that were not future-live. [2024-10-31 22:02:54,137 INFO L287 CfgBuilder]: Performing block encoding [2024-10-31 22:02:54,161 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-10-31 22:02:54,162 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-10-31 22:02:54,165 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 31.10 10:02:54 BoogieIcfgContainer [2024-10-31 22:02:54,165 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-10-31 22:02:54,169 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-10-31 22:02:54,169 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-10-31 22:02:54,172 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-10-31 22:02:54,174 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 31.10 10:02:52" (1/3) ... [2024-10-31 22:02:54,176 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@77259a6 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 31.10 10:02:54, skipping insertion in model container [2024-10-31 22:02:54,176 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:02:53" (2/3) ... [2024-10-31 22:02:54,177 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@77259a6 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 31.10 10:02:54, skipping insertion in model container [2024-10-31 22:02:54,179 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 31.10 10:02:54" (3/3) ... [2024-10-31 22:02:54,180 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec4_productSimulator.cil.c [2024-10-31 22:02:54,199 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-10-31 22:02:54,199 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-10-31 22:02:54,265 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-10-31 22:02:54,271 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@45d0ecc2, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-10-31 22:02:54,271 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-10-31 22:02:54,275 INFO L276 IsEmpty]: Start isEmpty. Operand has 138 states, 97 states have (on average 1.3711340206185567) internal successors, (133), 113 states have internal predecessors, (133), 28 states have call successors, (28), 11 states have call predecessors, (28), 11 states have return successors, (28), 23 states have call predecessors, (28), 28 states have call successors, (28) [2024-10-31 22:02:54,283 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2024-10-31 22:02:54,283 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:02:54,284 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:02:54,284 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:02:54,289 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:02:54,290 INFO L85 PathProgramCache]: Analyzing trace with hash 1615566960, now seen corresponding path program 1 times [2024-10-31 22:02:54,302 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:02:54,303 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [620725392] [2024-10-31 22:02:54,304 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:02:54,304 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:02:54,476 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:54,600 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-10-31 22:02:54,604 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:54,611 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-31 22:02:54,616 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:54,623 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-31 22:02:54,629 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:54,639 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-31 22:02:54,643 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:54,651 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-10-31 22:02:54,654 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:54,658 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-10-31 22:02:54,661 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:54,668 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2024-10-31 22:02:54,669 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:02:54,670 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [620725392] [2024-10-31 22:02:54,670 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [620725392] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:02:54,671 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:02:54,671 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-10-31 22:02:54,675 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1443109560] [2024-10-31 22:02:54,676 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:02:54,681 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-10-31 22:02:54,682 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:02:54,707 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-10-31 22:02:54,707 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-31 22:02:54,710 INFO L87 Difference]: Start difference. First operand has 138 states, 97 states have (on average 1.3711340206185567) internal successors, (133), 113 states have internal predecessors, (133), 28 states have call successors, (28), 11 states have call predecessors, (28), 11 states have return successors, (28), 23 states have call predecessors, (28), 28 states have call successors, (28) Second operand has 2 states, 2 states have (on average 12.5) internal successors, (25), 2 states have internal predecessors, (25), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2024-10-31 22:02:54,755 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:02:54,755 INFO L93 Difference]: Finished difference Result 253 states and 353 transitions. [2024-10-31 22:02:54,756 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-10-31 22:02:54,758 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.5) internal successors, (25), 2 states have internal predecessors, (25), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) Word has length 49 [2024-10-31 22:02:54,758 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:02:54,777 INFO L225 Difference]: With dead ends: 253 [2024-10-31 22:02:54,777 INFO L226 Difference]: Without dead ends: 129 [2024-10-31 22:02:54,783 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-31 22:02:54,789 INFO L432 NwaCegarLoop]: 183 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 183 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-31 22:02:54,791 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 183 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-31 22:02:54,813 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 129 states. [2024-10-31 22:02:54,840 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 129 to 129. [2024-10-31 22:02:54,841 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 129 states, 90 states have (on average 1.3222222222222222) internal successors, (119), 105 states have internal predecessors, (119), 28 states have call successors, (28), 11 states have call predecessors, (28), 10 states have return successors, (27), 22 states have call predecessors, (27), 27 states have call successors, (27) [2024-10-31 22:02:54,847 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 129 states to 129 states and 174 transitions. [2024-10-31 22:02:54,850 INFO L78 Accepts]: Start accepts. Automaton has 129 states and 174 transitions. Word has length 49 [2024-10-31 22:02:54,854 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:02:54,854 INFO L471 AbstractCegarLoop]: Abstraction has 129 states and 174 transitions. [2024-10-31 22:02:54,855 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.5) internal successors, (25), 2 states have internal predecessors, (25), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2024-10-31 22:02:54,855 INFO L276 IsEmpty]: Start isEmpty. Operand 129 states and 174 transitions. [2024-10-31 22:02:54,857 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-10-31 22:02:54,857 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:02:54,861 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:02:54,861 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-10-31 22:02:54,862 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:02:54,863 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:02:54,863 INFO L85 PathProgramCache]: Analyzing trace with hash -1245192373, now seen corresponding path program 1 times [2024-10-31 22:02:54,863 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:02:54,864 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1942888170] [2024-10-31 22:02:54,864 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:02:54,864 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:02:54,925 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:55,084 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-10-31 22:02:55,086 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:55,090 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-31 22:02:55,093 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:55,098 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-31 22:02:55,101 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:55,103 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-31 22:02:55,106 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:55,109 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-10-31 22:02:55,111 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:55,114 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-10-31 22:02:55,116 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:55,119 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2024-10-31 22:02:55,119 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:02:55,120 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1942888170] [2024-10-31 22:02:55,120 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1942888170] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:02:55,120 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:02:55,120 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-31 22:02:55,121 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [133296339] [2024-10-31 22:02:55,121 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:02:55,125 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-31 22:02:55,125 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:02:55,126 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-31 22:02:55,126 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 22:02:55,126 INFO L87 Difference]: Start difference. First operand 129 states and 174 transitions. Second operand has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2024-10-31 22:02:55,163 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:02:55,163 INFO L93 Difference]: Finished difference Result 202 states and 273 transitions. [2024-10-31 22:02:55,164 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-31 22:02:55,165 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) Word has length 50 [2024-10-31 22:02:55,165 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:02:55,167 INFO L225 Difference]: With dead ends: 202 [2024-10-31 22:02:55,167 INFO L226 Difference]: Without dead ends: 120 [2024-10-31 22:02:55,168 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 22:02:55,170 INFO L432 NwaCegarLoop]: 161 mSDtfsCounter, 21 mSDsluCounter, 135 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 25 SdHoareTripleChecker+Valid, 296 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-31 22:02:55,171 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [25 Valid, 296 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-31 22:02:55,172 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 120 states. [2024-10-31 22:02:55,184 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 120 to 120. [2024-10-31 22:02:55,185 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 120 states, 84 states have (on average 1.3333333333333333) internal successors, (112), 99 states have internal predecessors, (112), 25 states have call successors, (25), 10 states have call predecessors, (25), 10 states have return successors, (25), 20 states have call predecessors, (25), 25 states have call successors, (25) [2024-10-31 22:02:55,187 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 120 states to 120 states and 162 transitions. [2024-10-31 22:02:55,188 INFO L78 Accepts]: Start accepts. Automaton has 120 states and 162 transitions. Word has length 50 [2024-10-31 22:02:55,188 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:02:55,188 INFO L471 AbstractCegarLoop]: Abstraction has 120 states and 162 transitions. [2024-10-31 22:02:55,189 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2024-10-31 22:02:55,189 INFO L276 IsEmpty]: Start isEmpty. Operand 120 states and 162 transitions. [2024-10-31 22:02:55,191 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-10-31 22:02:55,192 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:02:55,192 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:02:55,193 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-10-31 22:02:55,193 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:02:55,193 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:02:55,194 INFO L85 PathProgramCache]: Analyzing trace with hash -327824829, now seen corresponding path program 1 times [2024-10-31 22:02:55,194 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:02:55,194 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1345282478] [2024-10-31 22:02:55,194 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:02:55,194 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:02:55,247 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:55,541 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-10-31 22:02:55,546 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:55,555 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-31 22:02:55,558 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:55,563 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-31 22:02:55,567 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:55,572 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-31 22:02:55,577 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:55,581 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-10-31 22:02:55,585 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:55,589 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-10-31 22:02:55,593 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:55,599 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2024-10-31 22:02:55,599 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:02:55,599 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1345282478] [2024-10-31 22:02:55,599 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1345282478] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:02:55,600 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:02:55,600 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-10-31 22:02:55,600 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1292848095] [2024-10-31 22:02:55,600 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:02:55,601 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-10-31 22:02:55,601 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:02:55,601 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-10-31 22:02:55,606 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=30, Unknown=0, NotChecked=0, Total=42 [2024-10-31 22:02:55,606 INFO L87 Difference]: Start difference. First operand 120 states and 162 transitions. Second operand has 7 states, 7 states have (on average 4.571428571428571) internal successors, (32), 7 states have internal predecessors, (32), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2024-10-31 22:02:56,230 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:02:56,230 INFO L93 Difference]: Finished difference Result 451 states and 621 transitions. [2024-10-31 22:02:56,230 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-31 22:02:56,231 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 4.571428571428571) internal successors, (32), 7 states have internal predecessors, (32), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) Word has length 55 [2024-10-31 22:02:56,231 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:02:56,234 INFO L225 Difference]: With dead ends: 451 [2024-10-31 22:02:56,235 INFO L226 Difference]: Without dead ends: 353 [2024-10-31 22:02:56,236 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=31, Invalid=59, Unknown=0, NotChecked=0, Total=90 [2024-10-31 22:02:56,237 INFO L432 NwaCegarLoop]: 173 mSDtfsCounter, 454 mSDsluCounter, 645 mSDsCounter, 0 mSdLazyCounter, 255 mSolverCounterSat, 96 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 454 SdHoareTripleChecker+Valid, 818 SdHoareTripleChecker+Invalid, 351 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 96 IncrementalHoareTripleChecker+Valid, 255 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-10-31 22:02:56,238 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [454 Valid, 818 Invalid, 351 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [96 Valid, 255 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-10-31 22:02:56,240 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 353 states. [2024-10-31 22:02:56,298 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 353 to 250. [2024-10-31 22:02:56,299 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 250 states, 178 states have (on average 1.3820224719101124) internal successors, (246), 210 states have internal predecessors, (246), 48 states have call successors, (48), 23 states have call predecessors, (48), 23 states have return successors, (49), 36 states have call predecessors, (49), 48 states have call successors, (49) [2024-10-31 22:02:56,302 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 250 states to 250 states and 343 transitions. [2024-10-31 22:02:56,302 INFO L78 Accepts]: Start accepts. Automaton has 250 states and 343 transitions. Word has length 55 [2024-10-31 22:02:56,303 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:02:56,303 INFO L471 AbstractCegarLoop]: Abstraction has 250 states and 343 transitions. [2024-10-31 22:02:56,303 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 4.571428571428571) internal successors, (32), 7 states have internal predecessors, (32), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2024-10-31 22:02:56,303 INFO L276 IsEmpty]: Start isEmpty. Operand 250 states and 343 transitions. [2024-10-31 22:02:56,309 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2024-10-31 22:02:56,309 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:02:56,309 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:02:56,309 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-10-31 22:02:56,309 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:02:56,310 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:02:56,310 INFO L85 PathProgramCache]: Analyzing trace with hash -435041523, now seen corresponding path program 1 times [2024-10-31 22:02:56,310 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:02:56,310 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1437336397] [2024-10-31 22:02:56,311 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:02:56,311 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:02:56,351 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:56,599 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-10-31 22:02:56,601 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:56,606 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-31 22:02:56,608 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:56,611 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-31 22:02:56,613 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:56,617 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-31 22:02:56,619 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:56,623 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-10-31 22:02:56,625 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:56,629 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-10-31 22:02:56,631 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:56,635 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2024-10-31 22:02:56,635 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:02:56,635 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1437336397] [2024-10-31 22:02:56,637 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1437336397] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:02:56,637 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:02:56,637 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2024-10-31 22:02:56,637 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1637747765] [2024-10-31 22:02:56,638 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:02:56,638 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2024-10-31 22:02:56,638 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:02:56,639 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2024-10-31 22:02:56,639 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=56, Unknown=0, NotChecked=0, Total=72 [2024-10-31 22:02:56,639 INFO L87 Difference]: Start difference. First operand 250 states and 343 transitions. Second operand has 9 states, 9 states have (on average 4.0) internal successors, (36), 9 states have internal predecessors, (36), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2024-10-31 22:02:57,241 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:02:57,242 INFO L93 Difference]: Finished difference Result 909 states and 1323 transitions. [2024-10-31 22:02:57,243 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-10-31 22:02:57,243 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 4.0) internal successors, (36), 9 states have internal predecessors, (36), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) Word has length 59 [2024-10-31 22:02:57,244 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:02:57,257 INFO L225 Difference]: With dead ends: 909 [2024-10-31 22:02:57,257 INFO L226 Difference]: Without dead ends: 681 [2024-10-31 22:02:57,259 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 29 GetRequests, 15 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 19 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=59, Invalid=181, Unknown=0, NotChecked=0, Total=240 [2024-10-31 22:02:57,263 INFO L432 NwaCegarLoop]: 155 mSDtfsCounter, 308 mSDsluCounter, 991 mSDsCounter, 0 mSdLazyCounter, 291 mSolverCounterSat, 98 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 308 SdHoareTripleChecker+Valid, 1146 SdHoareTripleChecker+Invalid, 389 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 98 IncrementalHoareTripleChecker+Valid, 291 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2024-10-31 22:02:57,264 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [308 Valid, 1146 Invalid, 389 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [98 Valid, 291 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2024-10-31 22:02:57,265 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 681 states. [2024-10-31 22:02:57,345 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 681 to 675. [2024-10-31 22:02:57,346 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 675 states, 481 states have (on average 1.3762993762993763) internal successors, (662), 572 states have internal predecessors, (662), 129 states have call successors, (129), 64 states have call predecessors, (129), 64 states have return successors, (161), 93 states have call predecessors, (161), 129 states have call successors, (161) [2024-10-31 22:02:57,352 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 675 states to 675 states and 952 transitions. [2024-10-31 22:02:57,354 INFO L78 Accepts]: Start accepts. Automaton has 675 states and 952 transitions. Word has length 59 [2024-10-31 22:02:57,354 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:02:57,354 INFO L471 AbstractCegarLoop]: Abstraction has 675 states and 952 transitions. [2024-10-31 22:02:57,355 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 4.0) internal successors, (36), 9 states have internal predecessors, (36), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2024-10-31 22:02:57,355 INFO L276 IsEmpty]: Start isEmpty. Operand 675 states and 952 transitions. [2024-10-31 22:02:57,360 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 62 [2024-10-31 22:02:57,360 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:02:57,363 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:02:57,364 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-10-31 22:02:57,364 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:02:57,364 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:02:57,365 INFO L85 PathProgramCache]: Analyzing trace with hash 323360210, now seen corresponding path program 1 times [2024-10-31 22:02:57,365 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:02:57,365 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2124340879] [2024-10-31 22:02:57,365 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:02:57,365 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:02:57,396 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:57,472 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-10-31 22:02:57,474 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:57,479 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-31 22:02:57,482 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:57,486 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-31 22:02:57,488 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:57,493 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-31 22:02:57,497 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:57,500 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-10-31 22:02:57,506 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:57,509 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-10-31 22:02:57,511 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:57,515 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2024-10-31 22:02:57,515 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:02:57,516 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2124340879] [2024-10-31 22:02:57,516 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2124340879] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:02:57,518 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:02:57,518 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-31 22:02:57,519 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [256298230] [2024-10-31 22:02:57,519 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:02:57,519 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-31 22:02:57,519 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:02:57,520 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-31 22:02:57,520 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 22:02:57,520 INFO L87 Difference]: Start difference. First operand 675 states and 952 transitions. Second operand has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 1 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2024-10-31 22:02:57,691 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:02:57,691 INFO L93 Difference]: Finished difference Result 1578 states and 2342 transitions. [2024-10-31 22:02:57,691 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-31 22:02:57,692 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 1 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) Word has length 61 [2024-10-31 22:02:57,692 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:02:57,700 INFO L225 Difference]: With dead ends: 1578 [2024-10-31 22:02:57,700 INFO L226 Difference]: Without dead ends: 925 [2024-10-31 22:02:57,705 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 22:02:57,706 INFO L432 NwaCegarLoop]: 160 mSDtfsCounter, 100 mSDsluCounter, 93 mSDsCounter, 0 mSdLazyCounter, 13 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 100 SdHoareTripleChecker+Valid, 253 SdHoareTripleChecker+Invalid, 23 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 13 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-31 22:02:57,707 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [100 Valid, 253 Invalid, 23 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 13 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-31 22:02:57,708 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 925 states. [2024-10-31 22:02:57,826 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 925 to 912. [2024-10-31 22:02:57,828 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 912 states, 674 states have (on average 1.3264094955489614) internal successors, (894), 759 states have internal predecessors, (894), 141 states have call successors, (141), 92 states have call predecessors, (141), 96 states have return successors, (258), 139 states have call predecessors, (258), 141 states have call successors, (258) [2024-10-31 22:02:57,835 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 912 states to 912 states and 1293 transitions. [2024-10-31 22:02:57,836 INFO L78 Accepts]: Start accepts. Automaton has 912 states and 1293 transitions. Word has length 61 [2024-10-31 22:02:57,837 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:02:57,837 INFO L471 AbstractCegarLoop]: Abstraction has 912 states and 1293 transitions. [2024-10-31 22:02:57,837 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 1 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2024-10-31 22:02:57,837 INFO L276 IsEmpty]: Start isEmpty. Operand 912 states and 1293 transitions. [2024-10-31 22:02:57,840 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 86 [2024-10-31 22:02:57,840 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:02:57,840 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:02:57,840 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-10-31 22:02:57,841 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:02:57,841 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:02:57,841 INFO L85 PathProgramCache]: Analyzing trace with hash 311962835, now seen corresponding path program 1 times [2024-10-31 22:02:57,842 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:02:57,842 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [527648345] [2024-10-31 22:02:57,842 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:02:57,842 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:02:57,863 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:57,971 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-10-31 22:02:57,974 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:57,976 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-31 22:02:57,977 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:57,979 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-31 22:02:57,981 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:57,983 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-31 22:02:57,990 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:57,993 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-10-31 22:02:57,997 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:58,000 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-10-31 22:02:58,003 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:58,013 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 41 [2024-10-31 22:02:58,015 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:58,031 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 54 [2024-10-31 22:02:58,033 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:58,040 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 67 [2024-10-31 22:02:58,041 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:58,047 INFO L134 CoverageAnalysis]: Checked inductivity of 64 backedges. 11 proven. 1 refuted. 0 times theorem prover too weak. 52 trivial. 0 not checked. [2024-10-31 22:02:58,048 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:02:58,048 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [527648345] [2024-10-31 22:02:58,048 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [527648345] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-31 22:02:58,048 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [72864927] [2024-10-31 22:02:58,049 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:02:58,049 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-31 22:02:58,049 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 [2024-10-31 22:02:58,052 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-31 22:02:58,058 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-10-31 22:02:58,201 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:02:58,204 INFO L255 TraceCheckSpWp]: Trace formula consists of 327 conjuncts, 9 conjuncts are in the unsatisfiable core [2024-10-31 22:02:58,212 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-31 22:02:58,500 INFO L134 CoverageAnalysis]: Checked inductivity of 64 backedges. 16 proven. 2 refuted. 0 times theorem prover too weak. 46 trivial. 0 not checked. [2024-10-31 22:02:58,500 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-31 22:02:58,834 INFO L134 CoverageAnalysis]: Checked inductivity of 64 backedges. 16 proven. 3 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2024-10-31 22:02:58,834 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [72864927] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-31 22:02:58,835 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-31 22:02:58,835 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 6, 8] total 15 [2024-10-31 22:02:58,835 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [671209422] [2024-10-31 22:02:58,835 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-31 22:02:58,836 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-10-31 22:02:58,836 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:02:58,837 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-10-31 22:02:58,838 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=48, Invalid=162, Unknown=0, NotChecked=0, Total=210 [2024-10-31 22:02:58,838 INFO L87 Difference]: Start difference. First operand 912 states and 1293 transitions. Second operand has 15 states, 15 states have (on average 7.733333333333333) internal successors, (116), 12 states have internal predecessors, (116), 5 states have call successors, (29), 9 states have call predecessors, (29), 8 states have return successors, (26), 5 states have call predecessors, (26), 4 states have call successors, (26) [2024-10-31 22:03:02,381 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:03:02,382 INFO L93 Difference]: Finished difference Result 2526 states and 3702 transitions. [2024-10-31 22:03:02,382 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 47 states. [2024-10-31 22:03:02,383 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 7.733333333333333) internal successors, (116), 12 states have internal predecessors, (116), 5 states have call successors, (29), 9 states have call predecessors, (29), 8 states have return successors, (26), 5 states have call predecessors, (26), 4 states have call successors, (26) Word has length 85 [2024-10-31 22:03:02,383 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:03:02,398 INFO L225 Difference]: With dead ends: 2526 [2024-10-31 22:03:02,398 INFO L226 Difference]: Without dead ends: 1882 [2024-10-31 22:03:02,403 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 238 GetRequests, 180 SyntacticMatches, 4 SemanticMatches, 54 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 816 ImplicationChecksByTransitivity, 0.9s TimeCoverageRelationStatistics Valid=608, Invalid=2472, Unknown=0, NotChecked=0, Total=3080 [2024-10-31 22:03:02,406 INFO L432 NwaCegarLoop]: 165 mSDtfsCounter, 1218 mSDsluCounter, 1048 mSDsCounter, 0 mSdLazyCounter, 2228 mSolverCounterSat, 582 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 2.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1234 SdHoareTripleChecker+Valid, 1213 SdHoareTripleChecker+Invalid, 2810 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 582 IncrementalHoareTripleChecker+Valid, 2228 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.4s IncrementalHoareTripleChecker+Time [2024-10-31 22:03:02,408 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [1234 Valid, 1213 Invalid, 2810 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [582 Valid, 2228 Invalid, 0 Unknown, 0 Unchecked, 2.4s Time] [2024-10-31 22:03:02,411 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1882 states. [2024-10-31 22:03:02,656 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1882 to 1736. [2024-10-31 22:03:02,665 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1736 states, 1286 states have (on average 1.290824261275272) internal successors, (1660), 1433 states have internal predecessors, (1660), 239 states have call successors, (239), 166 states have call predecessors, (239), 210 states have return successors, (546), 274 states have call predecessors, (546), 239 states have call successors, (546) [2024-10-31 22:03:02,701 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1736 states to 1736 states and 2445 transitions. [2024-10-31 22:03:02,707 INFO L78 Accepts]: Start accepts. Automaton has 1736 states and 2445 transitions. Word has length 85 [2024-10-31 22:03:02,707 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:03:02,707 INFO L471 AbstractCegarLoop]: Abstraction has 1736 states and 2445 transitions. [2024-10-31 22:03:02,708 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 7.733333333333333) internal successors, (116), 12 states have internal predecessors, (116), 5 states have call successors, (29), 9 states have call predecessors, (29), 8 states have return successors, (26), 5 states have call predecessors, (26), 4 states have call successors, (26) [2024-10-31 22:03:02,708 INFO L276 IsEmpty]: Start isEmpty. Operand 1736 states and 2445 transitions. [2024-10-31 22:03:02,724 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 113 [2024-10-31 22:03:02,725 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:03:02,726 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:03:02,764 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2024-10-31 22:03:02,926 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-31 22:03:02,927 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:03:02,927 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:03:02,928 INFO L85 PathProgramCache]: Analyzing trace with hash -1610005, now seen corresponding path program 1 times [2024-10-31 22:03:02,930 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:03:02,930 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1326455173] [2024-10-31 22:03:02,930 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:03:02,931 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:03:02,979 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:03,094 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-10-31 22:03:03,095 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:03,099 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-31 22:03:03,100 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:03,102 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-31 22:03:03,107 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:03,108 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-31 22:03:03,111 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:03,113 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-10-31 22:03:03,116 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:03,117 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-10-31 22:03:03,119 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:03,134 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 46 [2024-10-31 22:03:03,143 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:03,182 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-10-31 22:03:03,186 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:03,201 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 22:03:03,205 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:03,245 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 9 [2024-10-31 22:03:03,246 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:03,248 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 94 [2024-10-31 22:03:03,249 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:03,251 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 22:03:03,252 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:03,254 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 22:03:03,255 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:03,257 INFO L134 CoverageAnalysis]: Checked inductivity of 70 backedges. 14 proven. 4 refuted. 0 times theorem prover too weak. 52 trivial. 0 not checked. [2024-10-31 22:03:03,257 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:03:03,257 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1326455173] [2024-10-31 22:03:03,258 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1326455173] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-31 22:03:03,260 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [9259402] [2024-10-31 22:03:03,260 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:03:03,260 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-31 22:03:03,260 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 [2024-10-31 22:03:03,262 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-31 22:03:03,264 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-10-31 22:03:03,393 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:03,395 INFO L255 TraceCheckSpWp]: Trace formula consists of 387 conjuncts, 3 conjuncts are in the unsatisfiable core [2024-10-31 22:03:03,399 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-31 22:03:03,552 INFO L134 CoverageAnalysis]: Checked inductivity of 70 backedges. 25 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2024-10-31 22:03:03,553 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-10-31 22:03:03,553 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [9259402] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:03:03,553 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-10-31 22:03:03,553 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [7] total 8 [2024-10-31 22:03:03,553 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1363261576] [2024-10-31 22:03:03,553 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:03:03,554 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-31 22:03:03,554 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:03:03,554 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-31 22:03:03,558 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2024-10-31 22:03:03,559 INFO L87 Difference]: Start difference. First operand 1736 states and 2445 transitions. Second operand has 3 states, 3 states have (on average 25.0) internal successors, (75), 3 states have internal predecessors, (75), 3 states have call successors, (14), 3 states have call predecessors, (14), 3 states have return successors, (13), 3 states have call predecessors, (13), 3 states have call successors, (13) [2024-10-31 22:03:03,756 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:03:03,757 INFO L93 Difference]: Finished difference Result 3622 states and 5255 transitions. [2024-10-31 22:03:03,757 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-31 22:03:03,757 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 25.0) internal successors, (75), 3 states have internal predecessors, (75), 3 states have call successors, (14), 3 states have call predecessors, (14), 3 states have return successors, (13), 3 states have call predecessors, (13), 3 states have call successors, (13) Word has length 112 [2024-10-31 22:03:03,759 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:03:03,776 INFO L225 Difference]: With dead ends: 3622 [2024-10-31 22:03:03,776 INFO L226 Difference]: Without dead ends: 1908 [2024-10-31 22:03:03,785 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 145 GetRequests, 139 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2024-10-31 22:03:03,786 INFO L432 NwaCegarLoop]: 228 mSDtfsCounter, 88 mSDsluCounter, 88 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 88 SdHoareTripleChecker+Valid, 316 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-31 22:03:03,786 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [88 Valid, 316 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-31 22:03:03,791 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1908 states. [2024-10-31 22:03:03,942 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1908 to 1874. [2024-10-31 22:03:03,947 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1874 states, 1404 states have (on average 1.2834757834757835) internal successors, (1802), 1549 states have internal predecessors, (1802), 247 states have call successors, (247), 180 states have call predecessors, (247), 222 states have return successors, (559), 281 states have call predecessors, (559), 247 states have call successors, (559) [2024-10-31 22:03:03,961 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1874 states to 1874 states and 2608 transitions. [2024-10-31 22:03:03,964 INFO L78 Accepts]: Start accepts. Automaton has 1874 states and 2608 transitions. Word has length 112 [2024-10-31 22:03:03,964 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:03:03,965 INFO L471 AbstractCegarLoop]: Abstraction has 1874 states and 2608 transitions. [2024-10-31 22:03:03,966 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 25.0) internal successors, (75), 3 states have internal predecessors, (75), 3 states have call successors, (14), 3 states have call predecessors, (14), 3 states have return successors, (13), 3 states have call predecessors, (13), 3 states have call successors, (13) [2024-10-31 22:03:03,966 INFO L276 IsEmpty]: Start isEmpty. Operand 1874 states and 2608 transitions. [2024-10-31 22:03:03,972 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 115 [2024-10-31 22:03:03,974 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:03:03,975 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:03:03,995 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-10-31 22:03:04,179 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-31 22:03:04,180 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:03:04,180 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:03:04,180 INFO L85 PathProgramCache]: Analyzing trace with hash -384151409, now seen corresponding path program 1 times [2024-10-31 22:03:04,180 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:03:04,181 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1673764734] [2024-10-31 22:03:04,181 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:03:04,181 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:03:04,200 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:04,278 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-10-31 22:03:04,280 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:04,281 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-31 22:03:04,282 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:04,284 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-31 22:03:04,285 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:04,286 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-31 22:03:04,288 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:04,289 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-10-31 22:03:04,290 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:04,292 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-10-31 22:03:04,293 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:04,299 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 46 [2024-10-31 22:03:04,303 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:04,321 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-10-31 22:03:04,324 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:04,334 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 22:03:04,338 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:04,367 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 9 [2024-10-31 22:03:04,368 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:04,370 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 94 [2024-10-31 22:03:04,371 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:04,373 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 22:03:04,374 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:04,375 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-31 22:03:04,376 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:04,377 INFO L134 CoverageAnalysis]: Checked inductivity of 72 backedges. 14 proven. 5 refuted. 0 times theorem prover too weak. 53 trivial. 0 not checked. [2024-10-31 22:03:04,378 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:03:04,378 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1673764734] [2024-10-31 22:03:04,378 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1673764734] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-31 22:03:04,378 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [401900653] [2024-10-31 22:03:04,378 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:03:04,378 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-31 22:03:04,379 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 [2024-10-31 22:03:04,381 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-31 22:03:04,382 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2024-10-31 22:03:04,509 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:04,511 INFO L255 TraceCheckSpWp]: Trace formula consists of 388 conjuncts, 9 conjuncts are in the unsatisfiable core [2024-10-31 22:03:04,514 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-31 22:03:04,526 INFO L134 CoverageAnalysis]: Checked inductivity of 72 backedges. 18 proven. 0 refuted. 0 times theorem prover too weak. 54 trivial. 0 not checked. [2024-10-31 22:03:04,526 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-10-31 22:03:04,527 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [401900653] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:03:04,527 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-10-31 22:03:04,527 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [7] total 7 [2024-10-31 22:03:04,527 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [696336224] [2024-10-31 22:03:04,527 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:03:04,527 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-31 22:03:04,528 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:03:04,528 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-31 22:03:04,529 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=30, Unknown=0, NotChecked=0, Total=42 [2024-10-31 22:03:04,529 INFO L87 Difference]: Start difference. First operand 1874 states and 2608 transitions. Second operand has 5 states, 5 states have (on average 14.2) internal successors, (71), 5 states have internal predecessors, (71), 2 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 2 states have call predecessors, (13), 2 states have call successors, (13) [2024-10-31 22:03:04,687 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:03:04,687 INFO L93 Difference]: Finished difference Result 3504 states and 5213 transitions. [2024-10-31 22:03:04,688 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-31 22:03:04,688 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 14.2) internal successors, (71), 5 states have internal predecessors, (71), 2 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 2 states have call predecessors, (13), 2 states have call successors, (13) Word has length 114 [2024-10-31 22:03:04,688 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:03:04,702 INFO L225 Difference]: With dead ends: 3504 [2024-10-31 22:03:04,702 INFO L226 Difference]: Without dead ends: 1904 [2024-10-31 22:03:04,728 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 147 GetRequests, 142 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=12, Invalid=30, Unknown=0, NotChecked=0, Total=42 [2024-10-31 22:03:04,729 INFO L432 NwaCegarLoop]: 159 mSDtfsCounter, 0 mSDsluCounter, 470 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 629 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-31 22:03:04,729 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 629 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-31 22:03:04,731 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1904 states. [2024-10-31 22:03:04,869 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1904 to 1904. [2024-10-31 22:03:04,873 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1904 states, 1434 states have (on average 1.2775453277545328) internal successors, (1832), 1579 states have internal predecessors, (1832), 247 states have call successors, (247), 180 states have call predecessors, (247), 222 states have return successors, (559), 281 states have call predecessors, (559), 247 states have call successors, (559) [2024-10-31 22:03:04,885 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1904 states to 1904 states and 2638 transitions. [2024-10-31 22:03:04,887 INFO L78 Accepts]: Start accepts. Automaton has 1904 states and 2638 transitions. Word has length 114 [2024-10-31 22:03:04,888 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:03:04,888 INFO L471 AbstractCegarLoop]: Abstraction has 1904 states and 2638 transitions. [2024-10-31 22:03:04,888 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 14.2) internal successors, (71), 5 states have internal predecessors, (71), 2 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 2 states have call predecessors, (13), 2 states have call successors, (13) [2024-10-31 22:03:04,888 INFO L276 IsEmpty]: Start isEmpty. Operand 1904 states and 2638 transitions. [2024-10-31 22:03:04,894 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 115 [2024-10-31 22:03:04,894 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:03:04,894 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:03:04,915 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2024-10-31 22:03:05,099 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7,4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-31 22:03:05,099 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:03:05,099 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:03:05,100 INFO L85 PathProgramCache]: Analyzing trace with hash 876765841, now seen corresponding path program 1 times [2024-10-31 22:03:05,100 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:03:05,100 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1266935769] [2024-10-31 22:03:05,100 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:03:05,100 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:03:05,119 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:05,184 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-10-31 22:03:05,185 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:05,187 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-31 22:03:05,188 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:05,189 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-31 22:03:05,190 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:05,192 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-31 22:03:05,193 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:05,194 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-10-31 22:03:05,196 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:05,197 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-10-31 22:03:05,198 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:05,205 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 46 [2024-10-31 22:03:05,210 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:05,231 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-10-31 22:03:05,234 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:05,245 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 22:03:05,248 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:05,307 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 9 [2024-10-31 22:03:05,308 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:05,311 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 94 [2024-10-31 22:03:05,314 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:05,316 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 22:03:05,317 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:05,319 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-31 22:03:05,320 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:05,322 INFO L134 CoverageAnalysis]: Checked inductivity of 72 backedges. 14 proven. 5 refuted. 0 times theorem prover too weak. 53 trivial. 0 not checked. [2024-10-31 22:03:05,324 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:03:05,324 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1266935769] [2024-10-31 22:03:05,324 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1266935769] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-31 22:03:05,325 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [291925896] [2024-10-31 22:03:05,325 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:03:05,325 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-31 22:03:05,325 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 [2024-10-31 22:03:05,327 INFO L229 MonitoredProcess]: Starting monitored process 5 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-31 22:03:05,329 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2024-10-31 22:03:05,472 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:05,476 INFO L255 TraceCheckSpWp]: Trace formula consists of 389 conjuncts, 4 conjuncts are in the unsatisfiable core [2024-10-31 22:03:05,483 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-31 22:03:05,523 INFO L134 CoverageAnalysis]: Checked inductivity of 72 backedges. 18 proven. 0 refuted. 0 times theorem prover too weak. 54 trivial. 0 not checked. [2024-10-31 22:03:05,523 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-10-31 22:03:05,524 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [291925896] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:03:05,524 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-10-31 22:03:05,524 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [6] total 8 [2024-10-31 22:03:05,524 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [180853669] [2024-10-31 22:03:05,524 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:03:05,525 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-10-31 22:03:05,525 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:03:05,526 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-10-31 22:03:05,526 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2024-10-31 22:03:05,527 INFO L87 Difference]: Start difference. First operand 1904 states and 2638 transitions. Second operand has 4 states, 4 states have (on average 17.75) internal successors, (71), 4 states have internal predecessors, (71), 2 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 2 states have call predecessors, (13), 2 states have call successors, (13) [2024-10-31 22:03:05,687 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:03:05,688 INFO L93 Difference]: Finished difference Result 3222 states and 4626 transitions. [2024-10-31 22:03:05,689 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-10-31 22:03:05,689 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 17.75) internal successors, (71), 4 states have internal predecessors, (71), 2 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 2 states have call predecessors, (13), 2 states have call successors, (13) Word has length 114 [2024-10-31 22:03:05,689 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:03:05,702 INFO L225 Difference]: With dead ends: 3222 [2024-10-31 22:03:05,702 INFO L226 Difference]: Without dead ends: 1592 [2024-10-31 22:03:05,713 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 146 GetRequests, 140 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2024-10-31 22:03:05,714 INFO L432 NwaCegarLoop]: 160 mSDtfsCounter, 0 mSDsluCounter, 314 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 474 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-31 22:03:05,715 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 474 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-31 22:03:05,717 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1592 states. [2024-10-31 22:03:05,843 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1592 to 1592. [2024-10-31 22:03:05,846 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1592 states, 1196 states have (on average 1.2851170568561874) internal successors, (1537), 1314 states have internal predecessors, (1537), 216 states have call successors, (216), 157 states have call predecessors, (216), 179 states have return successors, (436), 224 states have call predecessors, (436), 216 states have call successors, (436) [2024-10-31 22:03:05,881 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1592 states to 1592 states and 2189 transitions. [2024-10-31 22:03:05,884 INFO L78 Accepts]: Start accepts. Automaton has 1592 states and 2189 transitions. Word has length 114 [2024-10-31 22:03:05,884 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:03:05,884 INFO L471 AbstractCegarLoop]: Abstraction has 1592 states and 2189 transitions. [2024-10-31 22:03:05,884 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 17.75) internal successors, (71), 4 states have internal predecessors, (71), 2 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 2 states have call predecessors, (13), 2 states have call successors, (13) [2024-10-31 22:03:05,885 INFO L276 IsEmpty]: Start isEmpty. Operand 1592 states and 2189 transitions. [2024-10-31 22:03:05,888 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 119 [2024-10-31 22:03:05,889 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:03:05,889 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:03:05,911 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Ended with exit code 0 [2024-10-31 22:03:06,093 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,5 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-31 22:03:06,093 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:03:06,093 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:03:06,093 INFO L85 PathProgramCache]: Analyzing trace with hash -2105279047, now seen corresponding path program 1 times [2024-10-31 22:03:06,094 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:03:06,094 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1808967845] [2024-10-31 22:03:06,094 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:03:06,094 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:03:06,117 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:06,274 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-10-31 22:03:06,276 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:06,278 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-31 22:03:06,279 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:06,280 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-31 22:03:06,281 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:06,283 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-31 22:03:06,284 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:06,285 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-10-31 22:03:06,287 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:06,288 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-10-31 22:03:06,290 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:06,297 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 41 [2024-10-31 22:03:06,299 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:06,309 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 50 [2024-10-31 22:03:06,313 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:06,332 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-10-31 22:03:06,335 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:06,347 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 22:03:06,350 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:06,359 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 9 [2024-10-31 22:03:06,360 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:06,362 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 98 [2024-10-31 22:03:06,364 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:06,366 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 22:03:06,367 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:06,369 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-31 22:03:06,369 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:06,371 INFO L134 CoverageAnalysis]: Checked inductivity of 72 backedges. 13 proven. 10 refuted. 0 times theorem prover too weak. 49 trivial. 0 not checked. [2024-10-31 22:03:06,371 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:03:06,372 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1808967845] [2024-10-31 22:03:06,372 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1808967845] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-31 22:03:06,372 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [31042330] [2024-10-31 22:03:06,372 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:03:06,372 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-31 22:03:06,372 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 [2024-10-31 22:03:06,374 INFO L229 MonitoredProcess]: Starting monitored process 6 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-31 22:03:06,376 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2024-10-31 22:03:06,507 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:03:06,509 INFO L255 TraceCheckSpWp]: Trace formula consists of 398 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-10-31 22:03:06,512 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-31 22:03:06,604 INFO L134 CoverageAnalysis]: Checked inductivity of 72 backedges. 18 proven. 9 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2024-10-31 22:03:06,604 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-31 22:03:06,789 INFO L134 CoverageAnalysis]: Checked inductivity of 72 backedges. 14 proven. 9 refuted. 0 times theorem prover too weak. 49 trivial. 0 not checked. [2024-10-31 22:03:06,789 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [31042330] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-31 22:03:06,790 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-31 22:03:06,790 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 6, 6] total 9 [2024-10-31 22:03:06,790 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1648080009] [2024-10-31 22:03:06,790 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-31 22:03:06,791 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2024-10-31 22:03:06,791 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:03:06,791 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2024-10-31 22:03:06,792 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=54, Unknown=0, NotChecked=0, Total=72 [2024-10-31 22:03:06,792 INFO L87 Difference]: Start difference. First operand 1592 states and 2189 transitions. Second operand has 9 states, 9 states have (on average 10.11111111111111) internal successors, (91), 6 states have internal predecessors, (91), 3 states have call successors, (24), 6 states have call predecessors, (24), 3 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) [2024-10-31 22:03:08,020 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:03:08,021 INFO L93 Difference]: Finished difference Result 2810 states and 3885 transitions. [2024-10-31 22:03:08,021 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2024-10-31 22:03:08,022 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 10.11111111111111) internal successors, (91), 6 states have internal predecessors, (91), 3 states have call successors, (24), 6 states have call predecessors, (24), 3 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) Word has length 118 [2024-10-31 22:03:08,022 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:03:08,036 INFO L225 Difference]: With dead ends: 2810 [2024-10-31 22:03:08,036 INFO L226 Difference]: Without dead ends: 1634 [2024-10-31 22:03:08,041 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 298 GetRequests, 263 SyntacticMatches, 8 SemanticMatches, 27 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 205 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=198, Invalid=614, Unknown=0, NotChecked=0, Total=812 [2024-10-31 22:03:08,042 INFO L432 NwaCegarLoop]: 115 mSDtfsCounter, 576 mSDsluCounter, 506 mSDsCounter, 0 mSdLazyCounter, 695 mSolverCounterSat, 252 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 590 SdHoareTripleChecker+Valid, 621 SdHoareTripleChecker+Invalid, 947 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 252 IncrementalHoareTripleChecker+Valid, 695 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2024-10-31 22:03:08,044 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [590 Valid, 621 Invalid, 947 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [252 Valid, 695 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2024-10-31 22:03:08,046 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1634 states. [2024-10-31 22:03:08,178 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1634 to 1504. [2024-10-31 22:03:08,181 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1504 states, 1122 states have (on average 1.2691622103386808) internal successors, (1424), 1238 states have internal predecessors, (1424), 209 states have call successors, (209), 150 states have call predecessors, (209), 172 states have return successors, (427), 212 states have call predecessors, (427), 209 states have call successors, (427) [2024-10-31 22:03:08,188 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1504 states to 1504 states and 2060 transitions. [2024-10-31 22:03:08,191 INFO L78 Accepts]: Start accepts. Automaton has 1504 states and 2060 transitions. Word has length 118 [2024-10-31 22:03:08,192 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:03:08,192 INFO L471 AbstractCegarLoop]: Abstraction has 1504 states and 2060 transitions. [2024-10-31 22:03:08,192 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 10.11111111111111) internal successors, (91), 6 states have internal predecessors, (91), 3 states have call successors, (24), 6 states have call predecessors, (24), 3 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) [2024-10-31 22:03:08,192 INFO L276 IsEmpty]: Start isEmpty. Operand 1504 states and 2060 transitions. [2024-10-31 22:03:08,198 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 154 [2024-10-31 22:03:08,198 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:03:08,199 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:03:08,219 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Forceful destruction successful, exit code 0 [2024-10-31 22:03:08,403 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9,6 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-31 22:03:08,403 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:03:08,404 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:03:08,404 INFO L85 PathProgramCache]: Analyzing trace with hash 1512307827, now seen corresponding path program 2 times [2024-10-31 22:03:08,404 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:03:08,405 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [348764727] [2024-10-31 22:03:08,405 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:03:08,405 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:03:08,445 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-10-31 22:03:08,445 INFO L356 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-10-31 22:03:08,485 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-10-31 22:03:08,544 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2024-10-31 22:03:08,546 INFO L325 BasicCegarLoop]: Counterexample is feasible [2024-10-31 22:03:08,548 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-10-31 22:03:08,550 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2024-10-31 22:03:08,552 INFO L407 BasicCegarLoop]: Path program histogram: [2, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:03:08,679 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-10-31 22:03:08,685 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 31.10 10:03:08 BoogieIcfgContainer [2024-10-31 22:03:08,686 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-10-31 22:03:08,686 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-10-31 22:03:08,686 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-10-31 22:03:08,686 INFO L274 PluginConnector]: Witness Printer initialized [2024-10-31 22:03:08,687 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 31.10 10:02:54" (3/4) ... [2024-10-31 22:03:08,688 INFO L136 WitnessPrinter]: Generating witness for reachability counterexample [2024-10-31 22:03:08,853 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/witness.graphml [2024-10-31 22:03:08,853 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-10-31 22:03:08,854 INFO L158 Benchmark]: Toolchain (without parser) took 16040.03ms. Allocated memory was 127.9MB in the beginning and 270.5MB in the end (delta: 142.6MB). Free memory was 89.1MB in the beginning and 199.4MB in the end (delta: -110.4MB). Peak memory consumption was 34.5MB. Max. memory is 16.1GB. [2024-10-31 22:03:08,855 INFO L158 Benchmark]: CDTParser took 0.24ms. Allocated memory is still 127.9MB. Free memory is still 69.8MB. There was no memory consumed. Max. memory is 16.1GB. [2024-10-31 22:03:08,855 INFO L158 Benchmark]: CACSL2BoogieTranslator took 580.16ms. Allocated memory is still 127.9MB. Free memory was 88.7MB in the beginning and 66.3MB in the end (delta: 22.4MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-10-31 22:03:08,855 INFO L158 Benchmark]: Boogie Procedure Inliner took 48.70ms. Allocated memory is still 127.9MB. Free memory was 66.3MB in the beginning and 63.5MB in the end (delta: 2.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-31 22:03:08,856 INFO L158 Benchmark]: Boogie Preprocessor took 52.01ms. Allocated memory is still 127.9MB. Free memory was 63.5MB in the beginning and 60.9MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-31 22:03:08,856 INFO L158 Benchmark]: RCFGBuilder took 665.76ms. Allocated memory was 127.9MB in the beginning and 155.2MB in the end (delta: 27.3MB). Free memory was 60.9MB in the beginning and 105.6MB in the end (delta: -44.7MB). Peak memory consumption was 10.0MB. Max. memory is 16.1GB. [2024-10-31 22:03:08,857 INFO L158 Benchmark]: TraceAbstraction took 14517.06ms. Allocated memory was 155.2MB in the beginning and 270.5MB in the end (delta: 115.3MB). Free memory was 104.4MB in the beginning and 213.1MB in the end (delta: -108.6MB). Peak memory consumption was 5.6MB. Max. memory is 16.1GB. [2024-10-31 22:03:08,857 INFO L158 Benchmark]: Witness Printer took 167.63ms. Allocated memory is still 270.5MB. Free memory was 213.1MB in the beginning and 199.4MB in the end (delta: 13.6MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. [2024-10-31 22:03:08,859 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.24ms. Allocated memory is still 127.9MB. Free memory is still 69.8MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 580.16ms. Allocated memory is still 127.9MB. Free memory was 88.7MB in the beginning and 66.3MB in the end (delta: 22.4MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 48.70ms. Allocated memory is still 127.9MB. Free memory was 66.3MB in the beginning and 63.5MB in the end (delta: 2.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 52.01ms. Allocated memory is still 127.9MB. Free memory was 63.5MB in the beginning and 60.9MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 665.76ms. Allocated memory was 127.9MB in the beginning and 155.2MB in the end (delta: 27.3MB). Free memory was 60.9MB in the beginning and 105.6MB in the end (delta: -44.7MB). Peak memory consumption was 10.0MB. Max. memory is 16.1GB. * TraceAbstraction took 14517.06ms. Allocated memory was 155.2MB in the beginning and 270.5MB in the end (delta: 115.3MB). Free memory was 104.4MB in the beginning and 213.1MB in the end (delta: -108.6MB). Peak memory consumption was 5.6MB. Max. memory is 16.1GB. * Witness Printer took 167.63ms. Allocated memory is still 270.5MB. Free memory was 213.1MB in the beginning and 199.4MB in the end (delta: 13.6MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] - GenericResultAtLocation [Line: 153]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification4_spec.i","") [153] - GenericResultAtLocation [Line: 190]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [190] - GenericResultAtLocation [Line: 530]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [530] - GenericResultAtLocation [Line: 607]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [607] - GenericResultAtLocation [Line: 616]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [616] - GenericResultAtLocation [Line: 982]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [982] - GenericResultAtLocation [Line: 1085]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1085] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 612]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L50] int cleanupTimeShifts = 4; [L155] int __SELECTED_FEATURE_base ; [L156] int __SELECTED_FEATURE_highWaterSensor ; [L157] int __SELECTED_FEATURE_lowWaterSensor ; [L158] int __SELECTED_FEATURE_methaneQuery ; [L159] int __SELECTED_FEATURE_methaneAlarm ; [L160] int __SELECTED_FEATURE_stopCommand ; [L161] int __SELECTED_FEATURE_startCommand ; [L162] int __GUIDSL_ROOT_PRODUCTION ; [L200] int pumpRunning = 0; [L201] int systemActive = 1; [L786] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L983] int waterLevel = 1; [L984] int methaneLevelCritical = 0; VAL [__GUIDSL_ROOT_PRODUCTION=0, __SELECTED_FEATURE_base=0, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L131] int retValue_acc ; [L132] int tmp ; [L136] CALL select_helpers() [L1117] __GUIDSL_ROOT_PRODUCTION = 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=0, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L136] RET select_helpers() [L137] CALL select_features() [L1102] __SELECTED_FEATURE_base = 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1103] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=16, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1103] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1103] __SELECTED_FEATURE_highWaterSensor = select_one() [L1104] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] __SELECTED_FEATURE_lowWaterSensor = select_one() [L1105] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1105] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1105] __SELECTED_FEATURE_methaneQuery = select_one() [L1106] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1106] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1106] __SELECTED_FEATURE_methaneAlarm = select_one() [L1107] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1107] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1107] __SELECTED_FEATURE_stopCommand = select_one() [L1108] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1108] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1108] __SELECTED_FEATURE_startCommand = select_one() [L137] RET select_features() [L138] CALL, EXPR valid_product() [L1122] int retValue_acc ; [L1125] retValue_acc = __SELECTED_FEATURE_base [L1126] return (retValue_acc); VAL [\result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L138] RET, EXPR valid_product() [L138] tmp = valid_product() [L140] COND TRUE \read(tmp) [L142] FCALL setup() [L143] CALL runTest() [L122] CALL test() [L532] int splverifierCounter ; [L533] int tmp ; [L534] int tmp___0 ; [L535] int tmp___1 ; [L536] int tmp___2 ; [L539] splverifierCounter = 0 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L541] COND TRUE 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L543] COND TRUE splverifierCounter < 4 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L549] tmp = __VERIFIER_nondet_int() [L551] COND TRUE \read(tmp) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L553] CALL waterRise() VAL [\old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1001] COND TRUE waterLevel < 2 [L1002] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L553] RET waterRise() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L559] tmp___0 = __VERIFIER_nondet_int() [L561] COND FALSE !(\read(tmp___0)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L569] tmp___2 = __VERIFIER_nondet_int() [L571] COND FALSE !(\read(tmp___2)) [L581] tmp___1 = __VERIFIER_nondet_int() [L583] COND FALSE !(\read(tmp___1)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L596] CALL timeShift() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L207] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L214] COND TRUE \read(systemActive) [L216] CALL processEnvironment() [L350] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L357] CALL processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L307] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L314] CALL processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L264] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L266] CALL processEnvironment__role__highWaterSensor() [L236] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L239] COND TRUE ! pumpRunning [L241] CALL, EXPR isHighWaterLevel() [L470] int retValue_acc ; [L471] int tmp ; [L472] int tmp___0 ; [L476] CALL, EXPR isHighWaterSensorDry() [L1063] int retValue_acc ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L1066] COND FALSE !(waterLevel < 2) [L1070] retValue_acc = 0 [L1071] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L476] RET, EXPR isHighWaterSensorDry() [L476] tmp = isHighWaterSensorDry() [L478] COND FALSE !(\read(tmp)) [L481] tmp___0 = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L483] retValue_acc = tmp___0 [L484] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L241] RET, EXPR isHighWaterLevel() [L241] tmp = isHighWaterLevel() [L243] COND TRUE \read(tmp) [L245] CALL activatePump() [L392] COND FALSE !(\read(__SELECTED_FEATURE_methaneQuery)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L399] CALL activatePump__before__methaneQuery() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L367] pumpRunning = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L399] RET activatePump__before__methaneQuery() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L245] RET activatePump() [L266] RET processEnvironment__role__highWaterSensor() [L314] RET processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L357] RET processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L216] RET processEnvironment() [L222] CALL __utac_acc__Specification4_spec__1() [L166] int tmp ; [L167] int tmp___0 ; [L171] CALL, EXPR getWaterLevel() [L1054] int retValue_acc ; [L1057] retValue_acc = waterLevel [L1058] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L171] RET, EXPR getWaterLevel() [L171] tmp = getWaterLevel() [L173] COND FALSE !(tmp == 0) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L222] RET __utac_acc__Specification4_spec__1() [L596] RET timeShift() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L541] COND TRUE 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L543] COND TRUE splverifierCounter < 4 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L549] tmp = __VERIFIER_nondet_int() [L551] COND FALSE !(\read(tmp)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L559] tmp___0 = __VERIFIER_nondet_int() [L561] COND FALSE !(\read(tmp___0)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L569] tmp___2 = __VERIFIER_nondet_int() [L571] COND FALSE !(\read(tmp___2)) [L581] tmp___1 = __VERIFIER_nondet_int() [L583] COND FALSE !(\read(tmp___1)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L596] CALL timeShift() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L207] COND TRUE \read(pumpRunning) [L209] CALL lowerWaterLevel() [L989] COND TRUE waterLevel > 0 [L990] waterLevel = waterLevel - 1 VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L209] RET lowerWaterLevel() [L214] COND TRUE \read(systemActive) [L216] CALL processEnvironment() [L350] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L357] CALL processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L307] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L314] CALL processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L264] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L266] CALL processEnvironment__role__highWaterSensor() [L236] int tmp ; VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L239] COND FALSE !(! pumpRunning) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L254] FCALL processEnvironment__before__highWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L266] RET processEnvironment__role__highWaterSensor() [L314] RET processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L357] RET processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L216] RET processEnvironment() [L222] CALL __utac_acc__Specification4_spec__1() [L166] int tmp ; [L167] int tmp___0 ; [L171] CALL, EXPR getWaterLevel() [L1054] int retValue_acc ; [L1057] retValue_acc = waterLevel [L1058] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L171] RET, EXPR getWaterLevel() [L171] tmp = getWaterLevel() [L173] COND FALSE !(tmp == 0) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L222] RET __utac_acc__Specification4_spec__1() [L596] RET timeShift() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L541] COND TRUE 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L543] COND TRUE splverifierCounter < 4 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L549] tmp = __VERIFIER_nondet_int() [L551] COND FALSE !(\read(tmp)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L559] tmp___0 = __VERIFIER_nondet_int() [L561] COND FALSE !(\read(tmp___0)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L569] tmp___2 = __VERIFIER_nondet_int() [L571] COND FALSE !(\read(tmp___2)) [L581] tmp___1 = __VERIFIER_nondet_int() [L583] COND FALSE !(\read(tmp___1)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L596] CALL timeShift() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L207] COND TRUE \read(pumpRunning) [L209] CALL lowerWaterLevel() [L989] COND TRUE waterLevel > 0 [L990] waterLevel = waterLevel - 1 VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L209] RET lowerWaterLevel() [L214] COND TRUE \read(systemActive) [L216] CALL processEnvironment() [L350] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L357] CALL processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L307] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L314] CALL processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L264] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L266] CALL processEnvironment__role__highWaterSensor() [L236] int tmp ; VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L239] COND FALSE !(! pumpRunning) VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L254] FCALL processEnvironment__before__highWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L266] RET processEnvironment__role__highWaterSensor() [L314] RET processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L357] RET processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L216] RET processEnvironment() [L222] CALL __utac_acc__Specification4_spec__1() [L166] int tmp ; [L167] int tmp___0 ; [L171] CALL, EXPR getWaterLevel() [L1054] int retValue_acc ; [L1057] retValue_acc = waterLevel [L1058] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=1, \result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L171] RET, EXPR getWaterLevel() [L171] tmp = getWaterLevel() [L173] COND TRUE tmp == 0 [L175] CALL, EXPR isPumpRunning() [L425] int retValue_acc ; [L428] retValue_acc = pumpRunning [L429] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=1, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L175] RET, EXPR isPumpRunning() [L175] tmp___0 = isPumpRunning() [L177] COND TRUE \read(tmp___0) [L179] CALL __automaton_fail() [L612] reach_error() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] - StatisticsResult: Ultimate Automizer benchmark data CFG has 12 procedures, 138 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 14.3s, OverallIterations: 11, TraceHistogramMax: 6, PathProgramHistogramMax: 2, EmptinessCheckTime: 0.1s, AutomataDifference: 7.1s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2799 SdHoareTripleChecker+Valid, 4.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2765 mSDsluCounter, 5949 SdHoareTripleChecker+Invalid, 3.5s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 4290 mSDsCounter, 1038 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 3516 IncrementalHoareTripleChecker+Invalid, 4554 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 1038 mSolverCounterUnsat, 1659 mSDtfsCounter, 3516 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 1069 GetRequests, 935 SyntacticMatches, 12 SemanticMatches, 122 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1053 ImplicationChecksByTransitivity, 1.5s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1904occurred in iteration=8, InterpolantAutomatonStates: 112, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 1.3s AutomataMinimizationTime, 10 MinimizatonAttempts, 432 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.5s SatisfiabilityAnalysisTime, 3.4s InterpolantComputationTime, 1513 NumberOfCodeBlocks, 1513 NumberOfCodeBlocksAsserted, 16 NumberOfCheckSat, 1546 ConstructedInterpolants, 0 QuantifiedInterpolants, 2633 SizeOfPredicates, 2 NumberOfNonLiveVariables, 1889 ConjunctsInSsa, 33 ConjunctsInUnsatCore, 17 InterpolantComputations, 8 PerfectInterpolantSequences, 1013/1061 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2024-10-31 22:03:08,904 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_44d4b17c-0db5-457b-a778-cb08179c8945/bin/uautomizer-verify-4GaUIPS5ZU/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE