./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 3061b6dc Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 45558e1c10008e5b16efe572a84fcf92b08797f54d586c51d45827b7e38254a6 --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.dk.eval-assert-order-craig-3061b6d-m [2024-11-18 14:21:16,038 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-18 14:21:16,105 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-18 14:21:16,112 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-18 14:21:16,112 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-18 14:21:16,139 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-18 14:21:16,140 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-18 14:21:16,140 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-18 14:21:16,141 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-18 14:21:16,143 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-18 14:21:16,143 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-18 14:21:16,144 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-18 14:21:16,144 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-18 14:21:16,145 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-18 14:21:16,145 INFO L153 SettingsManager]: * Use SBE=true [2024-11-18 14:21:16,146 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-18 14:21:16,147 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-18 14:21:16,147 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-18 14:21:16,147 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-18 14:21:16,147 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-18 14:21:16,147 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-18 14:21:16,151 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-18 14:21:16,151 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-18 14:21:16,152 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-18 14:21:16,152 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-18 14:21:16,152 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-18 14:21:16,152 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-18 14:21:16,152 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-18 14:21:16,152 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-18 14:21:16,153 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-18 14:21:16,153 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-18 14:21:16,153 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-18 14:21:16,153 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-18 14:21:16,154 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-18 14:21:16,154 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-18 14:21:16,154 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-18 14:21:16,154 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-18 14:21:16,154 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-18 14:21:16,156 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-18 14:21:16,156 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-18 14:21:16,156 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-18 14:21:16,156 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-18 14:21:16,157 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 45558e1c10008e5b16efe572a84fcf92b08797f54d586c51d45827b7e38254a6 [2024-11-18 14:21:16,384 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-18 14:21:16,425 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-18 14:21:16,428 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-18 14:21:16,429 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-18 14:21:16,429 INFO L274 PluginConnector]: CDTParser initialized [2024-11-18 14:21:16,430 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c [2024-11-18 14:21:17,820 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-18 14:21:18,018 INFO L384 CDTParser]: Found 1 translation units. [2024-11-18 14:21:18,019 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c [2024-11-18 14:21:18,029 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/de8c5831d/042d90a040e3417aadd50b8dbbf74647/FLAG71cc8cf22 [2024-11-18 14:21:18,044 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/de8c5831d/042d90a040e3417aadd50b8dbbf74647 [2024-11-18 14:21:18,046 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-18 14:21:18,047 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-18 14:21:18,048 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-18 14:21:18,049 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-18 14:21:18,052 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-18 14:21:18,053 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 18.11 02:21:18" (1/1) ... [2024-11-18 14:21:18,054 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@f3a4021 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:21:18, skipping insertion in model container [2024-11-18 14:21:18,054 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 18.11 02:21:18" (1/1) ... [2024-11-18 14:21:18,095 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-18 14:21:18,280 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c[9333,9346] [2024-11-18 14:21:18,334 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-18 14:21:18,344 INFO L200 MainTranslator]: Completed pre-run [2024-11-18 14:21:18,352 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] [2024-11-18 14:21:18,353 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification4_spec.i","") [153] [2024-11-18 14:21:18,353 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [190] [2024-11-18 14:21:18,353 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [530] [2024-11-18 14:21:18,353 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [607] [2024-11-18 14:21:18,354 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [616] [2024-11-18 14:21:18,354 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [982] [2024-11-18 14:21:18,354 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1085] [2024-11-18 14:21:18,380 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c[9333,9346] [2024-11-18 14:21:18,421 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-18 14:21:18,444 INFO L204 MainTranslator]: Completed translation [2024-11-18 14:21:18,445 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:21:18 WrapperNode [2024-11-18 14:21:18,445 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-18 14:21:18,446 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-18 14:21:18,446 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-18 14:21:18,446 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-18 14:21:18,451 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:21:18" (1/1) ... [2024-11-18 14:21:18,465 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:21:18" (1/1) ... [2024-11-18 14:21:18,505 INFO L138 Inliner]: procedures = 63, calls = 121, calls flagged for inlining = 29, calls inlined = 26, statements flattened = 298 [2024-11-18 14:21:18,505 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-18 14:21:18,506 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-18 14:21:18,506 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-18 14:21:18,506 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-18 14:21:18,550 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:21:18" (1/1) ... [2024-11-18 14:21:18,551 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:21:18" (1/1) ... [2024-11-18 14:21:18,559 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:21:18" (1/1) ... [2024-11-18 14:21:18,587 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-18 14:21:18,587 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:21:18" (1/1) ... [2024-11-18 14:21:18,587 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:21:18" (1/1) ... [2024-11-18 14:21:18,594 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:21:18" (1/1) ... [2024-11-18 14:21:18,596 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:21:18" (1/1) ... [2024-11-18 14:21:18,598 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:21:18" (1/1) ... [2024-11-18 14:21:18,599 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:21:18" (1/1) ... [2024-11-18 14:21:18,601 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-18 14:21:18,601 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-18 14:21:18,601 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-18 14:21:18,602 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-18 14:21:18,602 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:21:18" (1/1) ... [2024-11-18 14:21:18,608 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-18 14:21:18,625 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:21:18,651 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-18 14:21:18,657 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-18 14:21:18,697 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-18 14:21:18,697 INFO L130 BoogieDeclarations]: Found specification of procedure activatePump__before__methaneQuery [2024-11-18 14:21:18,697 INFO L138 BoogieDeclarations]: Found implementation of procedure activatePump__before__methaneQuery [2024-11-18 14:21:18,697 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-18 14:21:18,697 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-18 14:21:18,697 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-18 14:21:18,698 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-18 14:21:18,698 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__highWaterSensor [2024-11-18 14:21:18,698 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__highWaterSensor [2024-11-18 14:21:18,698 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-18 14:21:18,698 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-18 14:21:18,698 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__methaneAlarm [2024-11-18 14:21:18,699 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__methaneAlarm [2024-11-18 14:21:18,699 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__lowWaterSensor [2024-11-18 14:21:18,699 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__lowWaterSensor [2024-11-18 14:21:18,699 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2024-11-18 14:21:18,699 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2024-11-18 14:21:18,700 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-18 14:21:18,700 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-18 14:21:18,700 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-18 14:21:18,700 INFO L130 BoogieDeclarations]: Found specification of procedure select_one [2024-11-18 14:21:18,701 INFO L138 BoogieDeclarations]: Found implementation of procedure select_one [2024-11-18 14:21:18,701 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-18 14:21:18,701 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-18 14:21:18,702 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-18 14:21:18,702 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-18 14:21:18,784 INFO L238 CfgBuilder]: Building ICFG [2024-11-18 14:21:18,786 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-18 14:21:19,086 INFO L? ?]: Removed 55 outVars from TransFormulas that were not future-live. [2024-11-18 14:21:19,086 INFO L287 CfgBuilder]: Performing block encoding [2024-11-18 14:21:19,105 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-18 14:21:19,106 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-18 14:21:19,106 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 18.11 02:21:19 BoogieIcfgContainer [2024-11-18 14:21:19,106 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-18 14:21:19,108 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-18 14:21:19,108 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-18 14:21:19,111 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-18 14:21:19,111 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 18.11 02:21:18" (1/3) ... [2024-11-18 14:21:19,112 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@520eacc6 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 18.11 02:21:19, skipping insertion in model container [2024-11-18 14:21:19,112 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:21:18" (2/3) ... [2024-11-18 14:21:19,112 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@520eacc6 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 18.11 02:21:19, skipping insertion in model container [2024-11-18 14:21:19,112 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 18.11 02:21:19" (3/3) ... [2024-11-18 14:21:19,113 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec4_productSimulator.cil.c [2024-11-18 14:21:19,126 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-18 14:21:19,126 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-18 14:21:19,173 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-18 14:21:19,179 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@3b8cf8a, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-18 14:21:19,180 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-18 14:21:19,183 INFO L276 IsEmpty]: Start isEmpty. Operand has 138 states, 97 states have (on average 1.3711340206185567) internal successors, (133), 113 states have internal predecessors, (133), 28 states have call successors, (28), 11 states have call predecessors, (28), 11 states have return successors, (28), 23 states have call predecessors, (28), 28 states have call successors, (28) [2024-11-18 14:21:19,192 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2024-11-18 14:21:19,193 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:21:19,193 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:21:19,194 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:21:19,198 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:21:19,198 INFO L85 PathProgramCache]: Analyzing trace with hash 1615566960, now seen corresponding path program 1 times [2024-11-18 14:21:19,205 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:21:19,205 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1498020454] [2024-11-18 14:21:19,206 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:21:19,206 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:21:19,334 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:21:19,520 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2024-11-18 14:21:19,520 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:21:19,521 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1498020454] [2024-11-18 14:21:19,521 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1498020454] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:21:19,526 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:21:19,526 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-18 14:21:19,528 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1607643392] [2024-11-18 14:21:19,529 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:21:19,536 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-18 14:21:19,537 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:21:19,577 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-18 14:21:19,584 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-18 14:21:19,587 INFO L87 Difference]: Start difference. First operand has 138 states, 97 states have (on average 1.3711340206185567) internal successors, (133), 113 states have internal predecessors, (133), 28 states have call successors, (28), 11 states have call predecessors, (28), 11 states have return successors, (28), 23 states have call predecessors, (28), 28 states have call successors, (28) Second operand has 2 states, 2 states have (on average 12.5) internal successors, (25), 2 states have internal predecessors, (25), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2024-11-18 14:21:19,665 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:21:19,665 INFO L93 Difference]: Finished difference Result 253 states and 353 transitions. [2024-11-18 14:21:19,673 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-18 14:21:19,674 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.5) internal successors, (25), 2 states have internal predecessors, (25), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) Word has length 49 [2024-11-18 14:21:19,674 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:21:19,694 INFO L225 Difference]: With dead ends: 253 [2024-11-18 14:21:19,695 INFO L226 Difference]: Without dead ends: 129 [2024-11-18 14:21:19,703 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-18 14:21:19,706 INFO L432 NwaCegarLoop]: 183 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 183 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:21:19,712 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 183 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:21:19,726 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 129 states. [2024-11-18 14:21:19,768 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 129 to 129. [2024-11-18 14:21:19,770 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 129 states, 90 states have (on average 1.3222222222222222) internal successors, (119), 105 states have internal predecessors, (119), 28 states have call successors, (28), 11 states have call predecessors, (28), 10 states have return successors, (27), 22 states have call predecessors, (27), 27 states have call successors, (27) [2024-11-18 14:21:19,774 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 129 states to 129 states and 174 transitions. [2024-11-18 14:21:19,776 INFO L78 Accepts]: Start accepts. Automaton has 129 states and 174 transitions. Word has length 49 [2024-11-18 14:21:19,777 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:21:19,784 INFO L471 AbstractCegarLoop]: Abstraction has 129 states and 174 transitions. [2024-11-18 14:21:19,784 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.5) internal successors, (25), 2 states have internal predecessors, (25), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2024-11-18 14:21:19,784 INFO L276 IsEmpty]: Start isEmpty. Operand 129 states and 174 transitions. [2024-11-18 14:21:19,786 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-18 14:21:19,786 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:21:19,786 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:21:19,787 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-18 14:21:19,787 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:21:19,792 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:21:19,793 INFO L85 PathProgramCache]: Analyzing trace with hash -1245192373, now seen corresponding path program 1 times [2024-11-18 14:21:19,793 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:21:19,793 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [66358594] [2024-11-18 14:21:19,793 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:21:19,794 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:21:19,881 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:21:20,053 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2024-11-18 14:21:20,053 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:21:20,054 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [66358594] [2024-11-18 14:21:20,054 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [66358594] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:21:20,054 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:21:20,054 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-18 14:21:20,054 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [106739844] [2024-11-18 14:21:20,054 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:21:20,055 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-18 14:21:20,055 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:21:20,055 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-18 14:21:20,056 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:21:20,056 INFO L87 Difference]: Start difference. First operand 129 states and 174 transitions. Second operand has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2024-11-18 14:21:20,074 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:21:20,075 INFO L93 Difference]: Finished difference Result 202 states and 273 transitions. [2024-11-18 14:21:20,075 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-18 14:21:20,075 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) Word has length 50 [2024-11-18 14:21:20,076 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:21:20,077 INFO L225 Difference]: With dead ends: 202 [2024-11-18 14:21:20,077 INFO L226 Difference]: Without dead ends: 120 [2024-11-18 14:21:20,078 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:21:20,079 INFO L432 NwaCegarLoop]: 161 mSDtfsCounter, 21 mSDsluCounter, 135 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 25 SdHoareTripleChecker+Valid, 296 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:21:20,079 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [25 Valid, 296 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:21:20,080 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 120 states. [2024-11-18 14:21:20,088 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 120 to 120. [2024-11-18 14:21:20,088 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 120 states, 84 states have (on average 1.3333333333333333) internal successors, (112), 99 states have internal predecessors, (112), 25 states have call successors, (25), 10 states have call predecessors, (25), 10 states have return successors, (25), 20 states have call predecessors, (25), 25 states have call successors, (25) [2024-11-18 14:21:20,090 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 120 states to 120 states and 162 transitions. [2024-11-18 14:21:20,090 INFO L78 Accepts]: Start accepts. Automaton has 120 states and 162 transitions. Word has length 50 [2024-11-18 14:21:20,090 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:21:20,090 INFO L471 AbstractCegarLoop]: Abstraction has 120 states and 162 transitions. [2024-11-18 14:21:20,091 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2024-11-18 14:21:20,091 INFO L276 IsEmpty]: Start isEmpty. Operand 120 states and 162 transitions. [2024-11-18 14:21:20,092 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-18 14:21:20,092 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:21:20,092 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:21:20,092 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-18 14:21:20,092 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:21:20,093 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:21:20,093 INFO L85 PathProgramCache]: Analyzing trace with hash -327824829, now seen corresponding path program 1 times [2024-11-18 14:21:20,093 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:21:20,093 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1499120519] [2024-11-18 14:21:20,093 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:21:20,094 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:21:20,111 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:21:20,273 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2024-11-18 14:21:20,274 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:21:20,274 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1499120519] [2024-11-18 14:21:20,274 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1499120519] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:21:20,274 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:21:20,274 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-18 14:21:20,274 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2086421159] [2024-11-18 14:21:20,274 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:21:20,275 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-18 14:21:20,275 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:21:20,275 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-18 14:21:20,276 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=30, Unknown=0, NotChecked=0, Total=42 [2024-11-18 14:21:20,276 INFO L87 Difference]: Start difference. First operand 120 states and 162 transitions. Second operand has 7 states, 7 states have (on average 4.571428571428571) internal successors, (32), 7 states have internal predecessors, (32), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2024-11-18 14:21:20,568 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:21:20,568 INFO L93 Difference]: Finished difference Result 451 states and 621 transitions. [2024-11-18 14:21:20,569 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-18 14:21:20,569 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 4.571428571428571) internal successors, (32), 7 states have internal predecessors, (32), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) Word has length 55 [2024-11-18 14:21:20,569 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:21:20,572 INFO L225 Difference]: With dead ends: 451 [2024-11-18 14:21:20,572 INFO L226 Difference]: Without dead ends: 353 [2024-11-18 14:21:20,573 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=31, Invalid=59, Unknown=0, NotChecked=0, Total=90 [2024-11-18 14:21:20,574 INFO L432 NwaCegarLoop]: 173 mSDtfsCounter, 454 mSDsluCounter, 645 mSDsCounter, 0 mSdLazyCounter, 255 mSolverCounterSat, 96 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 454 SdHoareTripleChecker+Valid, 818 SdHoareTripleChecker+Invalid, 351 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 96 IncrementalHoareTripleChecker+Valid, 255 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-18 14:21:20,574 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [454 Valid, 818 Invalid, 351 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [96 Valid, 255 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-18 14:21:20,575 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 353 states. [2024-11-18 14:21:20,601 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 353 to 250. [2024-11-18 14:21:20,602 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 250 states, 178 states have (on average 1.3820224719101124) internal successors, (246), 210 states have internal predecessors, (246), 48 states have call successors, (48), 23 states have call predecessors, (48), 23 states have return successors, (49), 36 states have call predecessors, (49), 48 states have call successors, (49) [2024-11-18 14:21:20,603 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 250 states to 250 states and 343 transitions. [2024-11-18 14:21:20,604 INFO L78 Accepts]: Start accepts. Automaton has 250 states and 343 transitions. Word has length 55 [2024-11-18 14:21:20,604 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:21:20,604 INFO L471 AbstractCegarLoop]: Abstraction has 250 states and 343 transitions. [2024-11-18 14:21:20,604 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 4.571428571428571) internal successors, (32), 7 states have internal predecessors, (32), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2024-11-18 14:21:20,605 INFO L276 IsEmpty]: Start isEmpty. Operand 250 states and 343 transitions. [2024-11-18 14:21:20,606 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2024-11-18 14:21:20,606 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:21:20,607 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:21:20,607 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-18 14:21:20,607 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:21:20,608 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:21:20,608 INFO L85 PathProgramCache]: Analyzing trace with hash -435041523, now seen corresponding path program 1 times [2024-11-18 14:21:20,608 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:21:20,608 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2072192605] [2024-11-18 14:21:20,608 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:21:20,608 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:21:20,623 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:21:20,732 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2024-11-18 14:21:20,733 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:21:20,733 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2072192605] [2024-11-18 14:21:20,733 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2072192605] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:21:20,733 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:21:20,733 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2024-11-18 14:21:20,733 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1976585180] [2024-11-18 14:21:20,733 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:21:20,734 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2024-11-18 14:21:20,734 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:21:20,734 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2024-11-18 14:21:20,734 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=56, Unknown=0, NotChecked=0, Total=72 [2024-11-18 14:21:20,734 INFO L87 Difference]: Start difference. First operand 250 states and 343 transitions. Second operand has 9 states, 9 states have (on average 4.0) internal successors, (36), 9 states have internal predecessors, (36), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2024-11-18 14:21:21,080 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:21:21,081 INFO L93 Difference]: Finished difference Result 909 states and 1323 transitions. [2024-11-18 14:21:21,081 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-11-18 14:21:21,081 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 4.0) internal successors, (36), 9 states have internal predecessors, (36), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) Word has length 59 [2024-11-18 14:21:21,081 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:21:21,085 INFO L225 Difference]: With dead ends: 909 [2024-11-18 14:21:21,086 INFO L226 Difference]: Without dead ends: 681 [2024-11-18 14:21:21,087 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 19 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=59, Invalid=181, Unknown=0, NotChecked=0, Total=240 [2024-11-18 14:21:21,088 INFO L432 NwaCegarLoop]: 155 mSDtfsCounter, 307 mSDsluCounter, 991 mSDsCounter, 0 mSdLazyCounter, 291 mSolverCounterSat, 98 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 307 SdHoareTripleChecker+Valid, 1146 SdHoareTripleChecker+Invalid, 389 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 98 IncrementalHoareTripleChecker+Valid, 291 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-18 14:21:21,088 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [307 Valid, 1146 Invalid, 389 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [98 Valid, 291 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-18 14:21:21,089 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 681 states. [2024-11-18 14:21:21,142 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 681 to 675. [2024-11-18 14:21:21,144 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 675 states, 481 states have (on average 1.3762993762993763) internal successors, (662), 572 states have internal predecessors, (662), 129 states have call successors, (129), 64 states have call predecessors, (129), 64 states have return successors, (161), 93 states have call predecessors, (161), 129 states have call successors, (161) [2024-11-18 14:21:21,147 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 675 states to 675 states and 952 transitions. [2024-11-18 14:21:21,148 INFO L78 Accepts]: Start accepts. Automaton has 675 states and 952 transitions. Word has length 59 [2024-11-18 14:21:21,148 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:21:21,149 INFO L471 AbstractCegarLoop]: Abstraction has 675 states and 952 transitions. [2024-11-18 14:21:21,149 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 4.0) internal successors, (36), 9 states have internal predecessors, (36), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2024-11-18 14:21:21,149 INFO L276 IsEmpty]: Start isEmpty. Operand 675 states and 952 transitions. [2024-11-18 14:21:21,152 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 62 [2024-11-18 14:21:21,152 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:21:21,153 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:21:21,153 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-18 14:21:21,153 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:21:21,153 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:21:21,153 INFO L85 PathProgramCache]: Analyzing trace with hash 323360210, now seen corresponding path program 1 times [2024-11-18 14:21:21,154 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:21:21,154 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [563072980] [2024-11-18 14:21:21,154 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:21:21,154 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:21:21,170 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:21:21,211 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2024-11-18 14:21:21,212 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:21:21,212 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [563072980] [2024-11-18 14:21:21,212 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [563072980] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:21:21,212 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:21:21,212 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-18 14:21:21,213 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [675547675] [2024-11-18 14:21:21,213 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:21:21,213 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-18 14:21:21,213 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:21:21,214 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-18 14:21:21,214 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:21:21,214 INFO L87 Difference]: Start difference. First operand 675 states and 952 transitions. Second operand has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 1 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2024-11-18 14:21:21,273 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:21:21,273 INFO L93 Difference]: Finished difference Result 1578 states and 2342 transitions. [2024-11-18 14:21:21,274 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-18 14:21:21,274 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 1 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) Word has length 61 [2024-11-18 14:21:21,274 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:21:21,278 INFO L225 Difference]: With dead ends: 1578 [2024-11-18 14:21:21,279 INFO L226 Difference]: Without dead ends: 925 [2024-11-18 14:21:21,281 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:21:21,282 INFO L432 NwaCegarLoop]: 160 mSDtfsCounter, 100 mSDsluCounter, 93 mSDsCounter, 0 mSdLazyCounter, 13 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 100 SdHoareTripleChecker+Valid, 253 SdHoareTripleChecker+Invalid, 23 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 13 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:21:21,282 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [100 Valid, 253 Invalid, 23 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 13 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:21:21,283 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 925 states. [2024-11-18 14:21:21,330 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 925 to 912. [2024-11-18 14:21:21,332 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 912 states, 674 states have (on average 1.3264094955489614) internal successors, (894), 759 states have internal predecessors, (894), 141 states have call successors, (141), 92 states have call predecessors, (141), 96 states have return successors, (258), 139 states have call predecessors, (258), 141 states have call successors, (258) [2024-11-18 14:21:21,335 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 912 states to 912 states and 1293 transitions. [2024-11-18 14:21:21,336 INFO L78 Accepts]: Start accepts. Automaton has 912 states and 1293 transitions. Word has length 61 [2024-11-18 14:21:21,337 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:21:21,337 INFO L471 AbstractCegarLoop]: Abstraction has 912 states and 1293 transitions. [2024-11-18 14:21:21,337 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 1 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2024-11-18 14:21:21,337 INFO L276 IsEmpty]: Start isEmpty. Operand 912 states and 1293 transitions. [2024-11-18 14:21:21,339 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 86 [2024-11-18 14:21:21,340 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:21:21,340 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:21:21,340 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-18 14:21:21,340 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:21:21,361 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:21:21,362 INFO L85 PathProgramCache]: Analyzing trace with hash 311962835, now seen corresponding path program 1 times [2024-11-18 14:21:21,362 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:21:21,362 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1237130708] [2024-11-18 14:21:21,362 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:21:21,362 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:21:21,375 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:21:21,427 INFO L134 CoverageAnalysis]: Checked inductivity of 64 backedges. 12 proven. 0 refuted. 0 times theorem prover too weak. 52 trivial. 0 not checked. [2024-11-18 14:21:21,428 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:21:21,428 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1237130708] [2024-11-18 14:21:21,428 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1237130708] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:21:21,428 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:21:21,428 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-18 14:21:21,428 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [821483757] [2024-11-18 14:21:21,428 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:21:21,429 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-18 14:21:21,429 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:21:21,429 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-18 14:21:21,429 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-18 14:21:21,430 INFO L87 Difference]: Start difference. First operand 912 states and 1293 transitions. Second operand has 5 states, 5 states have (on average 10.2) internal successors, (51), 5 states have internal predecessors, (51), 2 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) [2024-11-18 14:21:21,497 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:21:21,498 INFO L93 Difference]: Finished difference Result 914 states and 1294 transitions. [2024-11-18 14:21:21,498 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-18 14:21:21,498 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.2) internal successors, (51), 5 states have internal predecessors, (51), 2 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) Word has length 85 [2024-11-18 14:21:21,498 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:21:21,502 INFO L225 Difference]: With dead ends: 914 [2024-11-18 14:21:21,502 INFO L226 Difference]: Without dead ends: 912 [2024-11-18 14:21:21,503 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-18 14:21:21,503 INFO L432 NwaCegarLoop]: 158 mSDtfsCounter, 110 mSDsluCounter, 406 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 110 SdHoareTripleChecker+Valid, 564 SdHoareTripleChecker+Invalid, 40 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:21:21,504 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [110 Valid, 564 Invalid, 40 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:21:21,504 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 912 states. [2024-11-18 14:21:21,546 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 912 to 912. [2024-11-18 14:21:21,547 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 912 states, 674 states have (on average 1.3219584569732938) internal successors, (891), 759 states have internal predecessors, (891), 141 states have call successors, (141), 92 states have call predecessors, (141), 96 states have return successors, (258), 139 states have call predecessors, (258), 141 states have call successors, (258) [2024-11-18 14:21:21,551 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 912 states to 912 states and 1290 transitions. [2024-11-18 14:21:21,552 INFO L78 Accepts]: Start accepts. Automaton has 912 states and 1290 transitions. Word has length 85 [2024-11-18 14:21:21,552 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:21:21,552 INFO L471 AbstractCegarLoop]: Abstraction has 912 states and 1290 transitions. [2024-11-18 14:21:21,552 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.2) internal successors, (51), 5 states have internal predecessors, (51), 2 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) [2024-11-18 14:21:21,552 INFO L276 IsEmpty]: Start isEmpty. Operand 912 states and 1290 transitions. [2024-11-18 14:21:21,555 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 110 [2024-11-18 14:21:21,555 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:21:21,555 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:21:21,556 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-18 14:21:21,556 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:21:21,556 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:21:21,556 INFO L85 PathProgramCache]: Analyzing trace with hash 1300611501, now seen corresponding path program 1 times [2024-11-18 14:21:21,556 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:21:21,556 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [161512456] [2024-11-18 14:21:21,557 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:21:21,557 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:21:21,574 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:21:21,594 INFO L134 CoverageAnalysis]: Checked inductivity of 64 backedges. 15 proven. 0 refuted. 0 times theorem prover too weak. 49 trivial. 0 not checked. [2024-11-18 14:21:21,595 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:21:21,595 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [161512456] [2024-11-18 14:21:21,595 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [161512456] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:21:21,595 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:21:21,595 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-18 14:21:21,595 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [7990851] [2024-11-18 14:21:21,595 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:21:21,596 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-18 14:21:21,596 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:21:21,596 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-18 14:21:21,596 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:21:21,597 INFO L87 Difference]: Start difference. First operand 912 states and 1290 transitions. Second operand has 3 states, 3 states have (on average 24.0) internal successors, (72), 3 states have internal predecessors, (72), 3 states have call successors, (13), 2 states have call predecessors, (13), 1 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2024-11-18 14:21:21,633 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:21:21,633 INFO L93 Difference]: Finished difference Result 1415 states and 1997 transitions. [2024-11-18 14:21:21,634 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-18 14:21:21,634 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 24.0) internal successors, (72), 3 states have internal predecessors, (72), 3 states have call successors, (13), 2 states have call predecessors, (13), 1 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) Word has length 109 [2024-11-18 14:21:21,634 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:21:21,637 INFO L225 Difference]: With dead ends: 1415 [2024-11-18 14:21:21,637 INFO L226 Difference]: Without dead ends: 525 [2024-11-18 14:21:21,639 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:21:21,640 INFO L432 NwaCegarLoop]: 191 mSDtfsCounter, 26 mSDsluCounter, 156 mSDsCounter, 0 mSdLazyCounter, 5 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 26 SdHoareTripleChecker+Valid, 347 SdHoareTripleChecker+Invalid, 5 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 5 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:21:21,640 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [26 Valid, 347 Invalid, 5 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 5 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:21:21,641 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 525 states. [2024-11-18 14:21:21,682 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 525 to 519. [2024-11-18 14:21:21,683 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 519 states, 387 states have (on average 1.3074935400516796) internal successors, (506), 433 states have internal predecessors, (506), 78 states have call successors, (78), 51 states have call predecessors, (78), 53 states have return successors, (133), 78 states have call predecessors, (133), 78 states have call successors, (133) [2024-11-18 14:21:21,685 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 519 states to 519 states and 717 transitions. [2024-11-18 14:21:21,685 INFO L78 Accepts]: Start accepts. Automaton has 519 states and 717 transitions. Word has length 109 [2024-11-18 14:21:21,686 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:21:21,686 INFO L471 AbstractCegarLoop]: Abstraction has 519 states and 717 transitions. [2024-11-18 14:21:21,686 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 24.0) internal successors, (72), 3 states have internal predecessors, (72), 3 states have call successors, (13), 2 states have call predecessors, (13), 1 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2024-11-18 14:21:21,686 INFO L276 IsEmpty]: Start isEmpty. Operand 519 states and 717 transitions. [2024-11-18 14:21:21,687 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 111 [2024-11-18 14:21:21,687 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:21:21,688 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:21:21,688 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-18 14:21:21,688 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:21:21,688 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:21:21,688 INFO L85 PathProgramCache]: Analyzing trace with hash -1950023208, now seen corresponding path program 1 times [2024-11-18 14:21:21,688 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:21:21,689 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1655799325] [2024-11-18 14:21:21,689 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:21:21,689 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:21:21,701 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:21:21,744 INFO L134 CoverageAnalysis]: Checked inductivity of 63 backedges. 3 proven. 0 refuted. 0 times theorem prover too weak. 60 trivial. 0 not checked. [2024-11-18 14:21:21,744 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:21:21,745 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1655799325] [2024-11-18 14:21:21,745 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1655799325] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:21:21,745 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:21:21,745 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-18 14:21:21,745 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1967085024] [2024-11-18 14:21:21,745 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:21:21,746 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-18 14:21:21,746 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:21:21,746 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-18 14:21:21,746 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-18 14:21:21,746 INFO L87 Difference]: Start difference. First operand 519 states and 717 transitions. Second operand has 5 states, 5 states have (on average 13.0) internal successors, (65), 5 states have internal predecessors, (65), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) [2024-11-18 14:21:21,780 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:21:21,781 INFO L93 Difference]: Finished difference Result 1025 states and 1497 transitions. [2024-11-18 14:21:21,781 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-18 14:21:21,781 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 13.0) internal successors, (65), 5 states have internal predecessors, (65), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) Word has length 110 [2024-11-18 14:21:21,781 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:21:21,783 INFO L225 Difference]: With dead ends: 1025 [2024-11-18 14:21:21,783 INFO L226 Difference]: Without dead ends: 528 [2024-11-18 14:21:21,785 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-18 14:21:21,786 INFO L432 NwaCegarLoop]: 159 mSDtfsCounter, 0 mSDsluCounter, 470 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 629 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:21:21,786 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 629 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:21:21,787 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 528 states. [2024-11-18 14:21:21,807 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 528 to 528. [2024-11-18 14:21:21,808 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 528 states, 396 states have (on average 1.3005050505050506) internal successors, (515), 442 states have internal predecessors, (515), 78 states have call successors, (78), 51 states have call predecessors, (78), 53 states have return successors, (133), 78 states have call predecessors, (133), 78 states have call successors, (133) [2024-11-18 14:21:21,810 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 528 states to 528 states and 726 transitions. [2024-11-18 14:21:21,811 INFO L78 Accepts]: Start accepts. Automaton has 528 states and 726 transitions. Word has length 110 [2024-11-18 14:21:21,812 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:21:21,813 INFO L471 AbstractCegarLoop]: Abstraction has 528 states and 726 transitions. [2024-11-18 14:21:21,813 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 13.0) internal successors, (65), 5 states have internal predecessors, (65), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) [2024-11-18 14:21:21,813 INFO L276 IsEmpty]: Start isEmpty. Operand 528 states and 726 transitions. [2024-11-18 14:21:21,815 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 111 [2024-11-18 14:21:21,815 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:21:21,815 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:21:21,815 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-18 14:21:21,816 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:21:21,818 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:21:21,818 INFO L85 PathProgramCache]: Analyzing trace with hash -1731168490, now seen corresponding path program 1 times [2024-11-18 14:21:21,818 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:21:21,818 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [667978168] [2024-11-18 14:21:21,818 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:21:21,818 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:21:21,833 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:21:21,891 INFO L134 CoverageAnalysis]: Checked inductivity of 63 backedges. 3 proven. 0 refuted. 0 times theorem prover too weak. 60 trivial. 0 not checked. [2024-11-18 14:21:21,891 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:21:21,892 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [667978168] [2024-11-18 14:21:21,892 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [667978168] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:21:21,892 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:21:21,892 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-18 14:21:21,892 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1473787727] [2024-11-18 14:21:21,892 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:21:21,893 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-18 14:21:21,893 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:21:21,893 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-18 14:21:21,893 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:21:21,893 INFO L87 Difference]: Start difference. First operand 528 states and 726 transitions. Second operand has 4 states, 4 states have (on average 16.25) internal successors, (65), 4 states have internal predecessors, (65), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) [2024-11-18 14:21:21,922 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:21:21,922 INFO L93 Difference]: Finished difference Result 956 states and 1369 transitions. [2024-11-18 14:21:21,922 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-18 14:21:21,922 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 16.25) internal successors, (65), 4 states have internal predecessors, (65), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) Word has length 110 [2024-11-18 14:21:21,923 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:21:21,925 INFO L225 Difference]: With dead ends: 956 [2024-11-18 14:21:21,925 INFO L226 Difference]: Without dead ends: 450 [2024-11-18 14:21:21,927 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:21:21,927 INFO L432 NwaCegarLoop]: 160 mSDtfsCounter, 0 mSDsluCounter, 314 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 474 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:21:21,928 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 474 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:21:21,928 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 450 states. [2024-11-18 14:21:21,945 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 450 to 450. [2024-11-18 14:21:21,945 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 450 states, 337 states have (on average 1.3026706231454006) internal successors, (439), 376 states have internal predecessors, (439), 68 states have call successors, (68), 43 states have call predecessors, (68), 44 states have return successors, (108), 65 states have call predecessors, (108), 68 states have call successors, (108) [2024-11-18 14:21:21,947 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 450 states to 450 states and 615 transitions. [2024-11-18 14:21:21,948 INFO L78 Accepts]: Start accepts. Automaton has 450 states and 615 transitions. Word has length 110 [2024-11-18 14:21:21,948 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:21:21,948 INFO L471 AbstractCegarLoop]: Abstraction has 450 states and 615 transitions. [2024-11-18 14:21:21,949 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 16.25) internal successors, (65), 4 states have internal predecessors, (65), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) [2024-11-18 14:21:21,949 INFO L276 IsEmpty]: Start isEmpty. Operand 450 states and 615 transitions. [2024-11-18 14:21:21,950 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 117 [2024-11-18 14:21:21,950 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:21:21,950 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:21:21,951 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-18 14:21:21,951 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:21:21,951 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:21:21,951 INFO L85 PathProgramCache]: Analyzing trace with hash -682729835, now seen corresponding path program 1 times [2024-11-18 14:21:21,951 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:21:21,951 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1678653860] [2024-11-18 14:21:21,951 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:21:21,952 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:21:21,977 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:21:22,004 INFO L134 CoverageAnalysis]: Checked inductivity of 70 backedges. 18 proven. 4 refuted. 0 times theorem prover too weak. 48 trivial. 0 not checked. [2024-11-18 14:21:22,005 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:21:22,005 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1678653860] [2024-11-18 14:21:22,005 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1678653860] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-18 14:21:22,005 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [708570484] [2024-11-18 14:21:22,005 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:21:22,005 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:21:22,005 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:21:22,007 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-18 14:21:22,011 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-18 14:21:22,103 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:21:22,106 INFO L255 TraceCheckSpWp]: Trace formula consists of 397 conjuncts, 3 conjuncts are in the unsatisfiable core [2024-11-18 14:21:22,111 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-18 14:21:22,166 INFO L134 CoverageAnalysis]: Checked inductivity of 70 backedges. 25 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2024-11-18 14:21:22,167 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-18 14:21:22,167 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [708570484] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:21:22,167 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-18 14:21:22,167 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [4] total 4 [2024-11-18 14:21:22,167 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1043876003] [2024-11-18 14:21:22,167 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:21:22,168 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-18 14:21:22,168 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:21:22,168 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-18 14:21:22,168 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:21:22,169 INFO L87 Difference]: Start difference. First operand 450 states and 615 transitions. Second operand has 3 states, 3 states have (on average 25.666666666666668) internal successors, (77), 3 states have internal predecessors, (77), 3 states have call successors, (15), 3 states have call predecessors, (15), 3 states have return successors, (14), 3 states have call predecessors, (14), 3 states have call successors, (14) [2024-11-18 14:21:22,200 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:21:22,200 INFO L93 Difference]: Finished difference Result 1106 states and 1552 transitions. [2024-11-18 14:21:22,200 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-18 14:21:22,201 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 25.666666666666668) internal successors, (77), 3 states have internal predecessors, (77), 3 states have call successors, (15), 3 states have call predecessors, (15), 3 states have return successors, (14), 3 states have call predecessors, (14), 3 states have call successors, (14) Word has length 116 [2024-11-18 14:21:22,201 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:21:22,204 INFO L225 Difference]: With dead ends: 1106 [2024-11-18 14:21:22,204 INFO L226 Difference]: Without dead ends: 678 [2024-11-18 14:21:22,205 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 119 GetRequests, 117 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:21:22,206 INFO L432 NwaCegarLoop]: 231 mSDtfsCounter, 88 mSDsluCounter, 91 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 88 SdHoareTripleChecker+Valid, 322 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:21:22,206 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [88 Valid, 322 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:21:22,207 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 678 states. [2024-11-18 14:21:22,233 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 678 to 678. [2024-11-18 14:21:22,234 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 678 states, 514 states have (on average 1.2957198443579767) internal successors, (666), 564 states have internal predecessors, (666), 94 states have call successors, (94), 68 states have call predecessors, (94), 69 states have return successors, (166), 91 states have call predecessors, (166), 94 states have call successors, (166) [2024-11-18 14:21:22,237 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 678 states to 678 states and 926 transitions. [2024-11-18 14:21:22,238 INFO L78 Accepts]: Start accepts. Automaton has 678 states and 926 transitions. Word has length 116 [2024-11-18 14:21:22,238 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:21:22,238 INFO L471 AbstractCegarLoop]: Abstraction has 678 states and 926 transitions. [2024-11-18 14:21:22,238 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 25.666666666666668) internal successors, (77), 3 states have internal predecessors, (77), 3 states have call successors, (15), 3 states have call predecessors, (15), 3 states have return successors, (14), 3 states have call predecessors, (14), 3 states have call successors, (14) [2024-11-18 14:21:22,238 INFO L276 IsEmpty]: Start isEmpty. Operand 678 states and 926 transitions. [2024-11-18 14:21:22,240 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 119 [2024-11-18 14:21:22,240 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:21:22,241 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:21:22,254 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-18 14:21:22,441 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-18 14:21:22,441 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:21:22,442 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:21:22,442 INFO L85 PathProgramCache]: Analyzing trace with hash -2105279047, now seen corresponding path program 1 times [2024-11-18 14:21:22,442 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:21:22,442 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1333418075] [2024-11-18 14:21:22,442 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:21:22,442 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:21:22,456 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:21:22,554 INFO L134 CoverageAnalysis]: Checked inductivity of 72 backedges. 14 proven. 9 refuted. 0 times theorem prover too weak. 49 trivial. 0 not checked. [2024-11-18 14:21:22,554 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:21:22,554 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1333418075] [2024-11-18 14:21:22,555 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1333418075] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-18 14:21:22,555 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [280452015] [2024-11-18 14:21:22,555 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:21:22,555 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:21:22,555 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:21:22,557 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-18 14:21:22,558 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-11-18 14:21:22,673 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:21:22,675 INFO L255 TraceCheckSpWp]: Trace formula consists of 398 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-18 14:21:22,679 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-18 14:21:22,769 INFO L134 CoverageAnalysis]: Checked inductivity of 72 backedges. 18 proven. 9 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2024-11-18 14:21:22,770 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-18 14:21:22,938 INFO L134 CoverageAnalysis]: Checked inductivity of 72 backedges. 14 proven. 9 refuted. 0 times theorem prover too weak. 49 trivial. 0 not checked. [2024-11-18 14:21:22,938 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [280452015] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-18 14:21:22,938 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-18 14:21:22,938 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [6, 6, 6] total 6 [2024-11-18 14:21:22,938 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [557730442] [2024-11-18 14:21:22,939 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-18 14:21:22,939 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-18 14:21:22,939 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:21:22,940 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-18 14:21:22,940 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2024-11-18 14:21:22,940 INFO L87 Difference]: Start difference. First operand 678 states and 926 transitions. Second operand has 6 states, 6 states have (on average 14.333333333333334) internal successors, (86), 6 states have internal predecessors, (86), 3 states have call successors, (18), 3 states have call predecessors, (18), 3 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) [2024-11-18 14:21:23,105 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:21:23,106 INFO L93 Difference]: Finished difference Result 1303 states and 1851 transitions. [2024-11-18 14:21:23,106 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-11-18 14:21:23,106 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 14.333333333333334) internal successors, (86), 6 states have internal predecessors, (86), 3 states have call successors, (18), 3 states have call predecessors, (18), 3 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) Word has length 118 [2024-11-18 14:21:23,107 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:21:23,111 INFO L225 Difference]: With dead ends: 1303 [2024-11-18 14:21:23,111 INFO L226 Difference]: Without dead ends: 805 [2024-11-18 14:21:23,113 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 245 GetRequests, 232 SyntacticMatches, 5 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 10 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=30, Invalid=60, Unknown=0, NotChecked=0, Total=90 [2024-11-18 14:21:23,113 INFO L432 NwaCegarLoop]: 224 mSDtfsCounter, 187 mSDsluCounter, 643 mSDsCounter, 0 mSdLazyCounter, 96 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 187 SdHoareTripleChecker+Valid, 867 SdHoareTripleChecker+Invalid, 104 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 96 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-18 14:21:23,113 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [187 Valid, 867 Invalid, 104 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 96 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-18 14:21:23,114 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 805 states. [2024-11-18 14:21:23,147 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 805 to 732. [2024-11-18 14:21:23,148 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 732 states, 553 states have (on average 1.2857142857142858) internal successors, (711), 605 states have internal predecessors, (711), 103 states have call successors, (103), 77 states have call predecessors, (103), 75 states have return successors, (183), 96 states have call predecessors, (183), 103 states have call successors, (183) [2024-11-18 14:21:23,150 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 732 states to 732 states and 997 transitions. [2024-11-18 14:21:23,151 INFO L78 Accepts]: Start accepts. Automaton has 732 states and 997 transitions. Word has length 118 [2024-11-18 14:21:23,152 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:21:23,152 INFO L471 AbstractCegarLoop]: Abstraction has 732 states and 997 transitions. [2024-11-18 14:21:23,152 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 14.333333333333334) internal successors, (86), 6 states have internal predecessors, (86), 3 states have call successors, (18), 3 states have call predecessors, (18), 3 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) [2024-11-18 14:21:23,152 INFO L276 IsEmpty]: Start isEmpty. Operand 732 states and 997 transitions. [2024-11-18 14:21:23,154 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 154 [2024-11-18 14:21:23,155 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:21:23,155 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:21:23,172 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-11-18 14:21:23,355 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2024-11-18 14:21:23,356 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:21:23,357 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:21:23,357 INFO L85 PathProgramCache]: Analyzing trace with hash 1512307827, now seen corresponding path program 2 times [2024-11-18 14:21:23,357 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:21:23,357 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [801898592] [2024-11-18 14:21:23,357 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2024-11-18 14:21:23,357 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:21:23,390 INFO L227 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2024-11-18 14:21:23,394 INFO L228 tOrderPrioritization]: Conjunction of SSA is sat [2024-11-18 14:21:23,394 INFO L356 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-18 14:21:23,410 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-18 14:21:23,451 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2024-11-18 14:21:23,451 INFO L325 BasicCegarLoop]: Counterexample is feasible [2024-11-18 14:21:23,452 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-18 14:21:23,453 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2024-11-18 14:21:23,455 INFO L407 BasicCegarLoop]: Path program histogram: [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:21:23,547 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-18 14:21:23,549 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 18.11 02:21:23 BoogieIcfgContainer [2024-11-18 14:21:23,549 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-18 14:21:23,550 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-18 14:21:23,550 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-18 14:21:23,550 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-18 14:21:23,550 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 18.11 02:21:19" (3/4) ... [2024-11-18 14:21:23,551 INFO L136 WitnessPrinter]: Generating witness for reachability counterexample [2024-11-18 14:21:23,618 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-18 14:21:23,618 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-18 14:21:23,619 INFO L158 Benchmark]: Toolchain (without parser) took 5571.38ms. Allocated memory was 167.8MB in the beginning and 291.5MB in the end (delta: 123.7MB). Free memory was 97.3MB in the beginning and 113.8MB in the end (delta: -16.5MB). Peak memory consumption was 109.8MB. Max. memory is 16.1GB. [2024-11-18 14:21:23,619 INFO L158 Benchmark]: CDTParser took 0.18ms. Allocated memory is still 167.8MB. Free memory is still 126.5MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-18 14:21:23,619 INFO L158 Benchmark]: CACSL2BoogieTranslator took 396.87ms. Allocated memory is still 167.8MB. Free memory was 97.1MB in the beginning and 74.2MB in the end (delta: 22.9MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-11-18 14:21:23,619 INFO L158 Benchmark]: Boogie Procedure Inliner took 59.34ms. Allocated memory is still 167.8MB. Free memory was 74.2MB in the beginning and 71.7MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-18 14:21:23,620 INFO L158 Benchmark]: Boogie Preprocessor took 95.22ms. Allocated memory is still 167.8MB. Free memory was 71.7MB in the beginning and 136.4MB in the end (delta: -64.6MB). Peak memory consumption was 4.8MB. Max. memory is 16.1GB. [2024-11-18 14:21:23,620 INFO L158 Benchmark]: RCFGBuilder took 505.17ms. Allocated memory is still 167.8MB. Free memory was 136.4MB in the beginning and 112.1MB in the end (delta: 24.3MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-11-18 14:21:23,620 INFO L158 Benchmark]: TraceAbstraction took 4441.32ms. Allocated memory was 167.8MB in the beginning and 291.5MB in the end (delta: 123.7MB). Free memory was 111.2MB in the beginning and 127.4MB in the end (delta: -16.2MB). Peak memory consumption was 109.2MB. Max. memory is 16.1GB. [2024-11-18 14:21:23,620 INFO L158 Benchmark]: Witness Printer took 68.38ms. Allocated memory is still 291.5MB. Free memory was 127.4MB in the beginning and 113.8MB in the end (delta: 13.6MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. [2024-11-18 14:21:23,621 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.18ms. Allocated memory is still 167.8MB. Free memory is still 126.5MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 396.87ms. Allocated memory is still 167.8MB. Free memory was 97.1MB in the beginning and 74.2MB in the end (delta: 22.9MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 59.34ms. Allocated memory is still 167.8MB. Free memory was 74.2MB in the beginning and 71.7MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 95.22ms. Allocated memory is still 167.8MB. Free memory was 71.7MB in the beginning and 136.4MB in the end (delta: -64.6MB). Peak memory consumption was 4.8MB. Max. memory is 16.1GB. * RCFGBuilder took 505.17ms. Allocated memory is still 167.8MB. Free memory was 136.4MB in the beginning and 112.1MB in the end (delta: 24.3MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * TraceAbstraction took 4441.32ms. Allocated memory was 167.8MB in the beginning and 291.5MB in the end (delta: 123.7MB). Free memory was 111.2MB in the beginning and 127.4MB in the end (delta: -16.2MB). Peak memory consumption was 109.2MB. Max. memory is 16.1GB. * Witness Printer took 68.38ms. Allocated memory is still 291.5MB. Free memory was 127.4MB in the beginning and 113.8MB in the end (delta: 13.6MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] - GenericResultAtLocation [Line: 153]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification4_spec.i","") [153] - GenericResultAtLocation [Line: 190]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [190] - GenericResultAtLocation [Line: 530]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [530] - GenericResultAtLocation [Line: 607]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [607] - GenericResultAtLocation [Line: 616]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [616] - GenericResultAtLocation [Line: 982]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [982] - GenericResultAtLocation [Line: 1085]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1085] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 612]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L50] int cleanupTimeShifts = 4; [L155] int __SELECTED_FEATURE_base ; [L156] int __SELECTED_FEATURE_highWaterSensor ; [L157] int __SELECTED_FEATURE_lowWaterSensor ; [L158] int __SELECTED_FEATURE_methaneQuery ; [L159] int __SELECTED_FEATURE_methaneAlarm ; [L160] int __SELECTED_FEATURE_stopCommand ; [L161] int __SELECTED_FEATURE_startCommand ; [L162] int __GUIDSL_ROOT_PRODUCTION ; [L200] int pumpRunning = 0; [L201] int systemActive = 1; [L786] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L983] int waterLevel = 1; [L984] int methaneLevelCritical = 0; VAL [__GUIDSL_ROOT_PRODUCTION=0, __SELECTED_FEATURE_base=0, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L131] int retValue_acc ; [L132] int tmp ; [L136] CALL select_helpers() [L1117] __GUIDSL_ROOT_PRODUCTION = 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=0, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L136] RET select_helpers() [L137] CALL select_features() [L1102] __SELECTED_FEATURE_base = 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1103] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=16, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1103] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1103] __SELECTED_FEATURE_highWaterSensor = select_one() [L1104] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] __SELECTED_FEATURE_lowWaterSensor = select_one() [L1105] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1105] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1105] __SELECTED_FEATURE_methaneQuery = select_one() [L1106] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1106] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1106] __SELECTED_FEATURE_methaneAlarm = select_one() [L1107] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1107] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1107] __SELECTED_FEATURE_stopCommand = select_one() [L1108] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1108] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1108] __SELECTED_FEATURE_startCommand = select_one() [L137] RET select_features() [L138] CALL, EXPR valid_product() [L1122] int retValue_acc ; [L1125] retValue_acc = __SELECTED_FEATURE_base [L1126] return (retValue_acc); VAL [\result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L138] RET, EXPR valid_product() [L138] tmp = valid_product() [L140] COND TRUE \read(tmp) [L142] FCALL setup() [L143] CALL runTest() [L122] CALL test() [L532] int splverifierCounter ; [L533] int tmp ; [L534] int tmp___0 ; [L535] int tmp___1 ; [L536] int tmp___2 ; [L539] splverifierCounter = 0 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L541] COND TRUE 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L543] COND TRUE splverifierCounter < 4 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L549] tmp = __VERIFIER_nondet_int() [L551] COND TRUE \read(tmp) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L553] CALL waterRise() VAL [\old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1001] COND TRUE waterLevel < 2 [L1002] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L553] RET waterRise() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L559] tmp___0 = __VERIFIER_nondet_int() [L561] COND FALSE !(\read(tmp___0)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L569] tmp___2 = __VERIFIER_nondet_int() [L571] COND FALSE !(\read(tmp___2)) [L581] tmp___1 = __VERIFIER_nondet_int() [L583] COND FALSE !(\read(tmp___1)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L596] CALL timeShift() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L207] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L214] COND TRUE \read(systemActive) [L216] CALL processEnvironment() [L350] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L357] CALL processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L307] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L314] CALL processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L264] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L266] CALL processEnvironment__role__highWaterSensor() [L236] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L239] COND TRUE ! pumpRunning [L241] CALL, EXPR isHighWaterLevel() [L470] int retValue_acc ; [L471] int tmp ; [L472] int tmp___0 ; [L476] CALL, EXPR isHighWaterSensorDry() [L1063] int retValue_acc ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L1066] COND FALSE !(waterLevel < 2) [L1070] retValue_acc = 0 [L1071] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L476] RET, EXPR isHighWaterSensorDry() [L476] tmp = isHighWaterSensorDry() [L478] COND FALSE !(\read(tmp)) [L481] tmp___0 = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L483] retValue_acc = tmp___0 [L484] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L241] RET, EXPR isHighWaterLevel() [L241] tmp = isHighWaterLevel() [L243] COND TRUE \read(tmp) [L245] CALL activatePump() [L392] COND FALSE !(\read(__SELECTED_FEATURE_methaneQuery)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L399] CALL activatePump__before__methaneQuery() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L367] pumpRunning = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L399] RET activatePump__before__methaneQuery() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L245] RET activatePump() [L266] RET processEnvironment__role__highWaterSensor() [L314] RET processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L357] RET processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L216] RET processEnvironment() [L222] CALL __utac_acc__Specification4_spec__1() [L166] int tmp ; [L167] int tmp___0 ; [L171] CALL, EXPR getWaterLevel() [L1054] int retValue_acc ; [L1057] retValue_acc = waterLevel [L1058] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L171] RET, EXPR getWaterLevel() [L171] tmp = getWaterLevel() [L173] COND FALSE !(tmp == 0) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L222] RET __utac_acc__Specification4_spec__1() [L596] RET timeShift() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L541] COND TRUE 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L543] COND TRUE splverifierCounter < 4 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L549] tmp = __VERIFIER_nondet_int() [L551] COND FALSE !(\read(tmp)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L559] tmp___0 = __VERIFIER_nondet_int() [L561] COND FALSE !(\read(tmp___0)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L569] tmp___2 = __VERIFIER_nondet_int() [L571] COND FALSE !(\read(tmp___2)) [L581] tmp___1 = __VERIFIER_nondet_int() [L583] COND FALSE !(\read(tmp___1)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L596] CALL timeShift() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L207] COND TRUE \read(pumpRunning) [L209] CALL lowerWaterLevel() [L989] COND TRUE waterLevel > 0 [L990] waterLevel = waterLevel - 1 VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L209] RET lowerWaterLevel() [L214] COND TRUE \read(systemActive) [L216] CALL processEnvironment() [L350] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L357] CALL processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L307] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L314] CALL processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L264] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L266] CALL processEnvironment__role__highWaterSensor() [L236] int tmp ; VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L239] COND FALSE !(! pumpRunning) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L254] FCALL processEnvironment__before__highWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L266] RET processEnvironment__role__highWaterSensor() [L314] RET processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L357] RET processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L216] RET processEnvironment() [L222] CALL __utac_acc__Specification4_spec__1() [L166] int tmp ; [L167] int tmp___0 ; [L171] CALL, EXPR getWaterLevel() [L1054] int retValue_acc ; [L1057] retValue_acc = waterLevel [L1058] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L171] RET, EXPR getWaterLevel() [L171] tmp = getWaterLevel() [L173] COND FALSE !(tmp == 0) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L222] RET __utac_acc__Specification4_spec__1() [L596] RET timeShift() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L541] COND TRUE 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L543] COND TRUE splverifierCounter < 4 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L549] tmp = __VERIFIER_nondet_int() [L551] COND FALSE !(\read(tmp)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L559] tmp___0 = __VERIFIER_nondet_int() [L561] COND FALSE !(\read(tmp___0)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L569] tmp___2 = __VERIFIER_nondet_int() [L571] COND FALSE !(\read(tmp___2)) [L581] tmp___1 = __VERIFIER_nondet_int() [L583] COND FALSE !(\read(tmp___1)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L596] CALL timeShift() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L207] COND TRUE \read(pumpRunning) [L209] CALL lowerWaterLevel() [L989] COND TRUE waterLevel > 0 [L990] waterLevel = waterLevel - 1 VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L209] RET lowerWaterLevel() [L214] COND TRUE \read(systemActive) [L216] CALL processEnvironment() [L350] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L357] CALL processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L307] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L314] CALL processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L264] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L266] CALL processEnvironment__role__highWaterSensor() [L236] int tmp ; VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L239] COND FALSE !(! pumpRunning) VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L254] FCALL processEnvironment__before__highWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L266] RET processEnvironment__role__highWaterSensor() [L314] RET processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L357] RET processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L216] RET processEnvironment() [L222] CALL __utac_acc__Specification4_spec__1() [L166] int tmp ; [L167] int tmp___0 ; [L171] CALL, EXPR getWaterLevel() [L1054] int retValue_acc ; [L1057] retValue_acc = waterLevel [L1058] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=1, \result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L171] RET, EXPR getWaterLevel() [L171] tmp = getWaterLevel() [L173] COND TRUE tmp == 0 [L175] CALL, EXPR isPumpRunning() [L425] int retValue_acc ; [L428] retValue_acc = pumpRunning [L429] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=1, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L175] RET, EXPR isPumpRunning() [L175] tmp___0 = isPumpRunning() [L177] COND TRUE \read(tmp___0) [L179] CALL __automaton_fail() [L612] reach_error() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] - StatisticsResult: Ultimate Automizer benchmark data CFG has 12 procedures, 138 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 4.3s, OverallIterations: 12, TraceHistogramMax: 6, PathProgramHistogramMax: 2, EmptinessCheckTime: 0.0s, AutomataDifference: 1.3s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1297 SdHoareTripleChecker+Valid, 0.6s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1293 mSDsluCounter, 5899 SdHoareTripleChecker+Invalid, 0.5s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3944 mSDsCounter, 218 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 728 IncrementalHoareTripleChecker+Invalid, 946 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 218 mSolverCounterUnsat, 1955 mSDtfsCounter, 728 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 422 GetRequests, 372 SyntacticMatches, 5 SemanticMatches, 45 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 31 ImplicationChecksByTransitivity, 0.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=912occurred in iteration=5, InterpolantAutomatonStates: 54, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 11 MinimizatonAttempts, 201 StatesRemovedByMinimization, 5 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 1.3s InterpolantComputationTime, 1309 NumberOfCodeBlocks, 1309 NumberOfCodeBlocksAsserted, 15 NumberOfCheckSat, 1260 ConstructedInterpolants, 0 QuantifiedInterpolants, 2113 SizeOfPredicates, 2 NumberOfNonLiveVariables, 795 ConjunctsInSsa, 11 ConjunctsInUnsatCore, 14 InterpolantComputations, 10 PerfectInterpolantSequences, 804/835 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2024-11-18 14:21:23,664 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE