./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec1_productSimulator.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version d790fecc Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d5fa5e5-0713-4c88-8a1e-82a5047eae97/bin/uautomizer-verify-aQ6SnzHsRB/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d5fa5e5-0713-4c88-8a1e-82a5047eae97/bin/uautomizer-verify-aQ6SnzHsRB/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d5fa5e5-0713-4c88-8a1e-82a5047eae97/bin/uautomizer-verify-aQ6SnzHsRB/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d5fa5e5-0713-4c88-8a1e-82a5047eae97/bin/uautomizer-verify-aQ6SnzHsRB/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec1_productSimulator.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d5fa5e5-0713-4c88-8a1e-82a5047eae97/bin/uautomizer-verify-aQ6SnzHsRB/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d5fa5e5-0713-4c88-8a1e-82a5047eae97/bin/uautomizer-verify-aQ6SnzHsRB --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash e237a09aaa1bc75b51620084d47086dcaad161f8c8500bd0b8b901d1a9d4bb0a --- Real Ultimate output --- This is Ultimate 0.3.0-dev-d790fec [2024-11-28 02:39:27,355 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-28 02:39:27,452 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d5fa5e5-0713-4c88-8a1e-82a5047eae97/bin/uautomizer-verify-aQ6SnzHsRB/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-28 02:39:27,457 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-28 02:39:27,457 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-28 02:39:27,486 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-28 02:39:27,487 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-28 02:39:27,487 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-28 02:39:27,487 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-28 02:39:27,488 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-28 02:39:27,488 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-28 02:39:27,489 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-28 02:39:27,489 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-28 02:39:27,489 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-28 02:39:27,489 INFO L153 SettingsManager]: * Use SBE=true [2024-11-28 02:39:27,490 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-28 02:39:27,490 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-28 02:39:27,490 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-28 02:39:27,490 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-28 02:39:27,490 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-28 02:39:27,490 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-28 02:39:27,490 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-28 02:39:27,490 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-28 02:39:27,490 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-28 02:39:27,490 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-28 02:39:27,490 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-28 02:39:27,491 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2024-11-28 02:39:27,491 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-28 02:39:27,491 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2024-11-28 02:39:27,491 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-28 02:39:27,491 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-28 02:39:27,491 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-28 02:39:27,491 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-28 02:39:27,491 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-28 02:39:27,491 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-28 02:39:27,492 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-28 02:39:27,492 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-28 02:39:27,492 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-28 02:39:27,493 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-28 02:39:27,493 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-28 02:39:27,493 INFO L153 SettingsManager]: * Compute procedure contracts=false [2024-11-28 02:39:27,493 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-28 02:39:27,493 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-28 02:39:27,493 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-28 02:39:27,494 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-28 02:39:27,494 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-28 02:39:27,494 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-28 02:39:27,494 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-28 02:39:27,494 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d5fa5e5-0713-4c88-8a1e-82a5047eae97/bin/uautomizer-verify-aQ6SnzHsRB Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> e237a09aaa1bc75b51620084d47086dcaad161f8c8500bd0b8b901d1a9d4bb0a [2024-11-28 02:39:27,826 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-28 02:39:27,835 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-28 02:39:27,837 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-28 02:39:27,840 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-28 02:39:27,840 INFO L274 PluginConnector]: CDTParser initialized [2024-11-28 02:39:27,842 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d5fa5e5-0713-4c88-8a1e-82a5047eae97/bin/uautomizer-verify-aQ6SnzHsRB/../../sv-benchmarks/c/product-lines/minepump_spec1_productSimulator.cil.c [2024-11-28 02:39:30,658 INFO L533 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d5fa5e5-0713-4c88-8a1e-82a5047eae97/bin/uautomizer-verify-aQ6SnzHsRB/data/7d6ea9d77/48f8cf1420ad4c9eb76eb2aa81133405/FLAGb7ee0a722 [2024-11-28 02:39:31,003 INFO L384 CDTParser]: Found 1 translation units. [2024-11-28 02:39:31,004 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d5fa5e5-0713-4c88-8a1e-82a5047eae97/sv-benchmarks/c/product-lines/minepump_spec1_productSimulator.cil.c [2024-11-28 02:39:31,028 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d5fa5e5-0713-4c88-8a1e-82a5047eae97/bin/uautomizer-verify-aQ6SnzHsRB/data/7d6ea9d77/48f8cf1420ad4c9eb76eb2aa81133405/FLAGb7ee0a722 [2024-11-28 02:39:31,045 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d5fa5e5-0713-4c88-8a1e-82a5047eae97/bin/uautomizer-verify-aQ6SnzHsRB/data/7d6ea9d77/48f8cf1420ad4c9eb76eb2aa81133405 [2024-11-28 02:39:31,048 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-28 02:39:31,049 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-28 02:39:31,051 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-28 02:39:31,051 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-28 02:39:31,055 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-28 02:39:31,056 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 28.11 02:39:31" (1/1) ... [2024-11-28 02:39:31,057 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@34679897 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 02:39:31, skipping insertion in model container [2024-11-28 02:39:31,057 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 28.11 02:39:31" (1/1) ... [2024-11-28 02:39:31,102 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-28 02:39:31,446 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d5fa5e5-0713-4c88-8a1e-82a5047eae97/sv-benchmarks/c/product-lines/minepump_spec1_productSimulator.cil.c[20217,20230] [2024-11-28 02:39:31,462 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-28 02:39:31,475 INFO L200 MainTranslator]: Completed pre-run [2024-11-28 02:39:31,485 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [49] [2024-11-28 02:39:31,487 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [140] [2024-11-28 02:39:31,487 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [481] [2024-11-28 02:39:31,487 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [847] [2024-11-28 02:39:31,488 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [895] [2024-11-28 02:39:31,488 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [922] [2024-11-28 02:39:31,489 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1026] [2024-11-28 02:39:31,489 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [1035] [2024-11-28 02:39:31,582 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d5fa5e5-0713-4c88-8a1e-82a5047eae97/sv-benchmarks/c/product-lines/minepump_spec1_productSimulator.cil.c[20217,20230] [2024-11-28 02:39:31,585 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-28 02:39:31,604 INFO L204 MainTranslator]: Completed translation [2024-11-28 02:39:31,605 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 02:39:31 WrapperNode [2024-11-28 02:39:31,605 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-28 02:39:31,606 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-28 02:39:31,606 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-28 02:39:31,607 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-28 02:39:31,613 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 02:39:31" (1/1) ... [2024-11-28 02:39:31,632 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 02:39:31" (1/1) ... [2024-11-28 02:39:31,665 INFO L138 Inliner]: procedures = 63, calls = 121, calls flagged for inlining = 27, calls inlined = 24, statements flattened = 276 [2024-11-28 02:39:31,665 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-28 02:39:31,666 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-28 02:39:31,666 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-28 02:39:31,666 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-28 02:39:31,677 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 02:39:31" (1/1) ... [2024-11-28 02:39:31,677 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 02:39:31" (1/1) ... [2024-11-28 02:39:31,685 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 02:39:31" (1/1) ... [2024-11-28 02:39:31,708 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-28 02:39:31,708 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 02:39:31" (1/1) ... [2024-11-28 02:39:31,708 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 02:39:31" (1/1) ... [2024-11-28 02:39:31,717 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 02:39:31" (1/1) ... [2024-11-28 02:39:31,718 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 02:39:31" (1/1) ... [2024-11-28 02:39:31,726 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 02:39:31" (1/1) ... [2024-11-28 02:39:31,731 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 02:39:31" (1/1) ... [2024-11-28 02:39:31,732 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 02:39:31" (1/1) ... [2024-11-28 02:39:31,738 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-28 02:39:31,739 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-28 02:39:31,739 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-28 02:39:31,739 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-28 02:39:31,740 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 02:39:31" (1/1) ... [2024-11-28 02:39:31,750 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-28 02:39:31,763 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d5fa5e5-0713-4c88-8a1e-82a5047eae97/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-28 02:39:31,778 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d5fa5e5-0713-4c88-8a1e-82a5047eae97/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-28 02:39:31,783 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d5fa5e5-0713-4c88-8a1e-82a5047eae97/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-28 02:39:31,812 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-28 02:39:31,813 INFO L130 BoogieDeclarations]: Found specification of procedure activatePump__before__methaneQuery [2024-11-28 02:39:31,813 INFO L138 BoogieDeclarations]: Found implementation of procedure activatePump__before__methaneQuery [2024-11-28 02:39:31,813 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2024-11-28 02:39:31,813 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2024-11-28 02:39:31,813 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-28 02:39:31,813 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-28 02:39:31,813 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-28 02:39:31,813 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-28 02:39:31,813 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__highWaterSensor [2024-11-28 02:39:31,813 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__highWaterSensor [2024-11-28 02:39:31,814 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-28 02:39:31,814 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-28 02:39:31,814 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__methaneAlarm [2024-11-28 02:39:31,814 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__methaneAlarm [2024-11-28 02:39:31,814 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__lowWaterSensor [2024-11-28 02:39:31,814 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__lowWaterSensor [2024-11-28 02:39:31,814 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2024-11-28 02:39:31,814 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2024-11-28 02:39:31,814 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-28 02:39:31,814 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-28 02:39:31,814 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-28 02:39:31,814 INFO L130 BoogieDeclarations]: Found specification of procedure select_one [2024-11-28 02:39:31,814 INFO L138 BoogieDeclarations]: Found implementation of procedure select_one [2024-11-28 02:39:31,814 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-28 02:39:31,814 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-28 02:39:31,814 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-28 02:39:31,815 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-28 02:39:31,912 INFO L234 CfgBuilder]: Building ICFG [2024-11-28 02:39:31,914 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-28 02:39:32,311 INFO L? ?]: Removed 52 outVars from TransFormulas that were not future-live. [2024-11-28 02:39:32,311 INFO L283 CfgBuilder]: Performing block encoding [2024-11-28 02:39:32,328 INFO L307 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-28 02:39:32,329 INFO L312 CfgBuilder]: Removed 4 assume(true) statements. [2024-11-28 02:39:32,330 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 28.11 02:39:32 BoogieIcfgContainer [2024-11-28 02:39:32,330 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-28 02:39:32,332 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-28 02:39:32,332 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-28 02:39:32,337 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-28 02:39:32,337 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 28.11 02:39:31" (1/3) ... [2024-11-28 02:39:32,338 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@9495369 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 28.11 02:39:32, skipping insertion in model container [2024-11-28 02:39:32,338 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 02:39:31" (2/3) ... [2024-11-28 02:39:32,338 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@9495369 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 28.11 02:39:32, skipping insertion in model container [2024-11-28 02:39:32,338 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 28.11 02:39:32" (3/3) ... [2024-11-28 02:39:32,340 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec1_productSimulator.cil.c [2024-11-28 02:39:32,355 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-28 02:39:32,356 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec1_productSimulator.cil.c that has 13 procedures, 141 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2024-11-28 02:39:32,413 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-28 02:39:32,426 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@21f01ff9, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-28 02:39:32,427 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-28 02:39:32,435 INFO L276 IsEmpty]: Start isEmpty. Operand has 141 states, 97 states have (on average 1.3711340206185567) internal successors, (133), 113 states have internal predecessors, (133), 30 states have call successors, (30), 12 states have call predecessors, (30), 12 states have return successors, (30), 25 states have call predecessors, (30), 30 states have call successors, (30) [2024-11-28 02:39:32,444 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 54 [2024-11-28 02:39:32,444 INFO L210 NwaCegarLoop]: Found error trace [2024-11-28 02:39:32,446 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-28 02:39:32,446 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-28 02:39:32,452 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-28 02:39:32,453 INFO L85 PathProgramCache]: Analyzing trace with hash 502883980, now seen corresponding path program 1 times [2024-11-28 02:39:32,460 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-28 02:39:32,461 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [941343662] [2024-11-28 02:39:32,461 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-28 02:39:32,462 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-28 02:39:32,637 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-28 02:39:32,775 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2024-11-28 02:39:32,775 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-28 02:39:32,776 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [941343662] [2024-11-28 02:39:32,777 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [941343662] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-28 02:39:32,777 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-28 02:39:32,777 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-28 02:39:32,779 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [188762001] [2024-11-28 02:39:32,780 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-28 02:39:32,785 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-28 02:39:32,786 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-28 02:39:32,808 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-28 02:39:32,808 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-28 02:39:32,812 INFO L87 Difference]: Start difference. First operand has 141 states, 97 states have (on average 1.3711340206185567) internal successors, (133), 113 states have internal predecessors, (133), 30 states have call successors, (30), 12 states have call predecessors, (30), 12 states have return successors, (30), 25 states have call predecessors, (30), 30 states have call successors, (30) Second operand has 2 states, 2 states have (on average 13.5) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2024-11-28 02:39:32,863 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-28 02:39:32,864 INFO L93 Difference]: Finished difference Result 259 states and 361 transitions. [2024-11-28 02:39:32,864 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-28 02:39:32,868 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 13.5) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 53 [2024-11-28 02:39:32,868 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-28 02:39:32,879 INFO L225 Difference]: With dead ends: 259 [2024-11-28 02:39:32,879 INFO L226 Difference]: Without dead ends: 132 [2024-11-28 02:39:32,888 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-28 02:39:32,890 INFO L435 NwaCegarLoop]: 187 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 187 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-28 02:39:32,892 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 187 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-28 02:39:32,908 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 132 states. [2024-11-28 02:39:32,946 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 132 to 132. [2024-11-28 02:39:32,947 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 132 states, 90 states have (on average 1.3222222222222222) internal successors, (119), 105 states have internal predecessors, (119), 30 states have call successors, (30), 12 states have call predecessors, (30), 11 states have return successors, (29), 24 states have call predecessors, (29), 29 states have call successors, (29) [2024-11-28 02:39:32,954 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 132 states to 132 states and 178 transitions. [2024-11-28 02:39:32,960 INFO L78 Accepts]: Start accepts. Automaton has 132 states and 178 transitions. Word has length 53 [2024-11-28 02:39:32,961 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-28 02:39:32,961 INFO L471 AbstractCegarLoop]: Abstraction has 132 states and 178 transitions. [2024-11-28 02:39:32,961 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 13.5) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2024-11-28 02:39:32,962 INFO L276 IsEmpty]: Start isEmpty. Operand 132 states and 178 transitions. [2024-11-28 02:39:32,968 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 54 [2024-11-28 02:39:32,968 INFO L210 NwaCegarLoop]: Found error trace [2024-11-28 02:39:32,968 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-28 02:39:32,969 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-28 02:39:32,969 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-28 02:39:32,969 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-28 02:39:32,969 INFO L85 PathProgramCache]: Analyzing trace with hash -971973180, now seen corresponding path program 1 times [2024-11-28 02:39:32,969 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-28 02:39:32,971 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [642106374] [2024-11-28 02:39:32,971 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-28 02:39:32,971 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-28 02:39:33,035 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-28 02:39:33,236 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2024-11-28 02:39:33,236 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-28 02:39:33,237 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [642106374] [2024-11-28 02:39:33,237 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [642106374] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-28 02:39:33,237 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-28 02:39:33,237 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-28 02:39:33,237 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2134031851] [2024-11-28 02:39:33,237 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-28 02:39:33,238 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-28 02:39:33,239 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-28 02:39:33,239 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-28 02:39:33,239 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-28 02:39:33,240 INFO L87 Difference]: Start difference. First operand 132 states and 178 transitions. Second operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2024-11-28 02:39:33,262 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-28 02:39:33,262 INFO L93 Difference]: Finished difference Result 210 states and 283 transitions. [2024-11-28 02:39:33,263 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-28 02:39:33,263 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 53 [2024-11-28 02:39:33,264 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-28 02:39:33,265 INFO L225 Difference]: With dead ends: 210 [2024-11-28 02:39:33,265 INFO L226 Difference]: Without dead ends: 124 [2024-11-28 02:39:33,266 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-28 02:39:33,267 INFO L435 NwaCegarLoop]: 166 mSDtfsCounter, 21 mSDsluCounter, 141 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 25 SdHoareTripleChecker+Valid, 307 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-28 02:39:33,267 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [25 Valid, 307 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-28 02:39:33,268 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 124 states. [2024-11-28 02:39:33,286 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 124 to 124. [2024-11-28 02:39:33,287 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 124 states, 85 states have (on average 1.3294117647058823) internal successors, (113), 100 states have internal predecessors, (113), 27 states have call successors, (27), 11 states have call predecessors, (27), 11 states have return successors, (27), 22 states have call predecessors, (27), 27 states have call successors, (27) [2024-11-28 02:39:33,289 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 124 states to 124 states and 167 transitions. [2024-11-28 02:39:33,290 INFO L78 Accepts]: Start accepts. Automaton has 124 states and 167 transitions. Word has length 53 [2024-11-28 02:39:33,290 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-28 02:39:33,290 INFO L471 AbstractCegarLoop]: Abstraction has 124 states and 167 transitions. [2024-11-28 02:39:33,290 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2024-11-28 02:39:33,290 INFO L276 IsEmpty]: Start isEmpty. Operand 124 states and 167 transitions. [2024-11-28 02:39:33,296 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 59 [2024-11-28 02:39:33,296 INFO L210 NwaCegarLoop]: Found error trace [2024-11-28 02:39:33,296 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-28 02:39:33,296 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-28 02:39:33,296 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-28 02:39:33,297 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-28 02:39:33,297 INFO L85 PathProgramCache]: Analyzing trace with hash 964856436, now seen corresponding path program 1 times [2024-11-28 02:39:33,297 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-28 02:39:33,297 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [999918974] [2024-11-28 02:39:33,297 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-28 02:39:33,297 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-28 02:39:33,351 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-28 02:39:33,515 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2024-11-28 02:39:33,515 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-28 02:39:33,516 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [999918974] [2024-11-28 02:39:33,516 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [999918974] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-28 02:39:33,516 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-28 02:39:33,516 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-28 02:39:33,516 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1711183490] [2024-11-28 02:39:33,516 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-28 02:39:33,516 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-28 02:39:33,516 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-28 02:39:33,517 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-28 02:39:33,517 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-28 02:39:33,517 INFO L87 Difference]: Start difference. First operand 124 states and 167 transitions. Second operand has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2024-11-28 02:39:33,563 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-28 02:39:33,563 INFO L93 Difference]: Finished difference Result 326 states and 446 transitions. [2024-11-28 02:39:33,563 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-28 02:39:33,564 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 58 [2024-11-28 02:39:33,564 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-28 02:39:33,566 INFO L225 Difference]: With dead ends: 326 [2024-11-28 02:39:33,566 INFO L226 Difference]: Without dead ends: 224 [2024-11-28 02:39:33,567 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-28 02:39:33,568 INFO L435 NwaCegarLoop]: 188 mSDtfsCounter, 134 mSDsluCounter, 135 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 134 SdHoareTripleChecker+Valid, 323 SdHoareTripleChecker+Invalid, 6 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-28 02:39:33,568 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [134 Valid, 323 Invalid, 6 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-28 02:39:33,569 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 224 states. [2024-11-28 02:39:33,614 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 224 to 221. [2024-11-28 02:39:33,615 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 221 states, 151 states have (on average 1.3642384105960266) internal successors, (206), 180 states have internal predecessors, (206), 48 states have call successors, (48), 21 states have call predecessors, (48), 21 states have return successors, (48), 37 states have call predecessors, (48), 48 states have call successors, (48) [2024-11-28 02:39:33,618 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 221 states to 221 states and 302 transitions. [2024-11-28 02:39:33,619 INFO L78 Accepts]: Start accepts. Automaton has 221 states and 302 transitions. Word has length 58 [2024-11-28 02:39:33,619 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-28 02:39:33,619 INFO L471 AbstractCegarLoop]: Abstraction has 221 states and 302 transitions. [2024-11-28 02:39:33,620 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2024-11-28 02:39:33,620 INFO L276 IsEmpty]: Start isEmpty. Operand 221 states and 302 transitions. [2024-11-28 02:39:33,622 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 63 [2024-11-28 02:39:33,623 INFO L210 NwaCegarLoop]: Found error trace [2024-11-28 02:39:33,624 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-28 02:39:33,624 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-28 02:39:33,624 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-28 02:39:33,624 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-28 02:39:33,625 INFO L85 PathProgramCache]: Analyzing trace with hash -1368929616, now seen corresponding path program 1 times [2024-11-28 02:39:33,625 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-28 02:39:33,625 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1039166826] [2024-11-28 02:39:33,625 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-28 02:39:33,625 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-28 02:39:33,668 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-28 02:39:33,831 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2024-11-28 02:39:33,832 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-28 02:39:33,832 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1039166826] [2024-11-28 02:39:33,832 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1039166826] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-28 02:39:33,832 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-28 02:39:33,832 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-28 02:39:33,832 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1363824239] [2024-11-28 02:39:33,832 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-28 02:39:33,833 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-28 02:39:33,833 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-28 02:39:33,833 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-28 02:39:33,833 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-28 02:39:33,834 INFO L87 Difference]: Start difference. First operand 221 states and 302 transitions. Second operand has 5 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 2 states have call successors, (8), 1 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2024-11-28 02:39:34,003 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-28 02:39:34,003 INFO L93 Difference]: Finished difference Result 541 states and 771 transitions. [2024-11-28 02:39:34,004 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-28 02:39:34,004 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 2 states have call successors, (8), 1 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 62 [2024-11-28 02:39:34,004 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-28 02:39:34,007 INFO L225 Difference]: With dead ends: 541 [2024-11-28 02:39:34,012 INFO L226 Difference]: Without dead ends: 342 [2024-11-28 02:39:34,013 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-28 02:39:34,014 INFO L435 NwaCegarLoop]: 163 mSDtfsCounter, 130 mSDsluCounter, 422 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 130 SdHoareTripleChecker+Valid, 585 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-28 02:39:34,014 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [130 Valid, 585 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-28 02:39:34,015 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 342 states. [2024-11-28 02:39:34,074 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 342 to 341. [2024-11-28 02:39:34,075 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 341 states, 239 states have (on average 1.3347280334728033) internal successors, (319), 272 states have internal predecessors, (319), 64 states have call successors, (64), 37 states have call predecessors, (64), 37 states have return successors, (84), 59 states have call predecessors, (84), 64 states have call successors, (84) [2024-11-28 02:39:34,082 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 341 states to 341 states and 467 transitions. [2024-11-28 02:39:34,082 INFO L78 Accepts]: Start accepts. Automaton has 341 states and 467 transitions. Word has length 62 [2024-11-28 02:39:34,083 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-28 02:39:34,083 INFO L471 AbstractCegarLoop]: Abstraction has 341 states and 467 transitions. [2024-11-28 02:39:34,083 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 2 states have call successors, (8), 1 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2024-11-28 02:39:34,083 INFO L276 IsEmpty]: Start isEmpty. Operand 341 states and 467 transitions. [2024-11-28 02:39:34,088 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 83 [2024-11-28 02:39:34,088 INFO L210 NwaCegarLoop]: Found error trace [2024-11-28 02:39:34,089 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-28 02:39:34,090 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-28 02:39:34,090 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-28 02:39:34,090 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-28 02:39:34,090 INFO L85 PathProgramCache]: Analyzing trace with hash 823314638, now seen corresponding path program 1 times [2024-11-28 02:39:34,090 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-28 02:39:34,090 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1815963336] [2024-11-28 02:39:34,091 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-28 02:39:34,091 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-28 02:39:34,141 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-28 02:39:34,267 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2024-11-28 02:39:34,268 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-28 02:39:34,268 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1815963336] [2024-11-28 02:39:34,268 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1815963336] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-28 02:39:34,270 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-28 02:39:34,270 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-28 02:39:34,270 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1351759090] [2024-11-28 02:39:34,270 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-28 02:39:34,271 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-28 02:39:34,271 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-28 02:39:34,272 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-28 02:39:34,272 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-28 02:39:34,272 INFO L87 Difference]: Start difference. First operand 341 states and 467 transitions. Second operand has 5 states, 5 states have (on average 10.2) internal successors, (51), 5 states have internal predecessors, (51), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 2 states have call successors, (10) [2024-11-28 02:39:34,342 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-28 02:39:34,343 INFO L93 Difference]: Finished difference Result 666 states and 955 transitions. [2024-11-28 02:39:34,345 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-28 02:39:34,345 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.2) internal successors, (51), 5 states have internal predecessors, (51), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 2 states have call successors, (10) Word has length 82 [2024-11-28 02:39:34,346 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-28 02:39:34,349 INFO L225 Difference]: With dead ends: 666 [2024-11-28 02:39:34,352 INFO L226 Difference]: Without dead ends: 347 [2024-11-28 02:39:34,354 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-28 02:39:34,355 INFO L435 NwaCegarLoop]: 164 mSDtfsCounter, 0 mSDsluCounter, 485 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 649 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-28 02:39:34,355 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 649 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-28 02:39:34,356 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 347 states. [2024-11-28 02:39:34,394 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 347 to 347. [2024-11-28 02:39:34,395 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 347 states, 245 states have (on average 1.3265306122448979) internal successors, (325), 278 states have internal predecessors, (325), 64 states have call successors, (64), 37 states have call predecessors, (64), 37 states have return successors, (84), 59 states have call predecessors, (84), 64 states have call successors, (84) [2024-11-28 02:39:34,400 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 347 states to 347 states and 473 transitions. [2024-11-28 02:39:34,401 INFO L78 Accepts]: Start accepts. Automaton has 347 states and 473 transitions. Word has length 82 [2024-11-28 02:39:34,401 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-28 02:39:34,403 INFO L471 AbstractCegarLoop]: Abstraction has 347 states and 473 transitions. [2024-11-28 02:39:34,403 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.2) internal successors, (51), 5 states have internal predecessors, (51), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 2 states have call successors, (10) [2024-11-28 02:39:34,403 INFO L276 IsEmpty]: Start isEmpty. Operand 347 states and 473 transitions. [2024-11-28 02:39:34,405 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 83 [2024-11-28 02:39:34,408 INFO L210 NwaCegarLoop]: Found error trace [2024-11-28 02:39:34,408 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-28 02:39:34,408 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-28 02:39:34,408 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-28 02:39:34,409 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-28 02:39:34,409 INFO L85 PathProgramCache]: Analyzing trace with hash 885354252, now seen corresponding path program 1 times [2024-11-28 02:39:34,409 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-28 02:39:34,409 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1286257764] [2024-11-28 02:39:34,409 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-28 02:39:34,410 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-28 02:39:34,448 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-28 02:39:34,611 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2024-11-28 02:39:34,611 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-28 02:39:34,611 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1286257764] [2024-11-28 02:39:34,611 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1286257764] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-28 02:39:34,611 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-28 02:39:34,612 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-28 02:39:34,612 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [981307870] [2024-11-28 02:39:34,612 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-28 02:39:34,612 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-28 02:39:34,612 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-28 02:39:34,613 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-28 02:39:34,613 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-28 02:39:34,613 INFO L87 Difference]: Start difference. First operand 347 states and 473 transitions. Second operand has 5 states, 5 states have (on average 10.2) internal successors, (51), 5 states have internal predecessors, (51), 3 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 3 states have call successors, (10) [2024-11-28 02:39:34,728 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-28 02:39:34,728 INFO L93 Difference]: Finished difference Result 680 states and 968 transitions. [2024-11-28 02:39:34,729 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-28 02:39:34,729 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.2) internal successors, (51), 5 states have internal predecessors, (51), 3 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 3 states have call successors, (10) Word has length 82 [2024-11-28 02:39:34,730 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-28 02:39:34,735 INFO L225 Difference]: With dead ends: 680 [2024-11-28 02:39:34,736 INFO L226 Difference]: Without dead ends: 355 [2024-11-28 02:39:34,738 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-28 02:39:34,740 INFO L435 NwaCegarLoop]: 177 mSDtfsCounter, 136 mSDsluCounter, 481 mSDsCounter, 0 mSdLazyCounter, 19 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 136 SdHoareTripleChecker+Valid, 658 SdHoareTripleChecker+Invalid, 21 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 19 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-28 02:39:34,742 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [136 Valid, 658 Invalid, 21 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 19 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-28 02:39:34,743 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 355 states. [2024-11-28 02:39:34,788 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 355 to 351. [2024-11-28 02:39:34,790 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 351 states, 249 states have (on average 1.321285140562249) internal successors, (329), 282 states have internal predecessors, (329), 64 states have call successors, (64), 37 states have call predecessors, (64), 37 states have return successors, (84), 59 states have call predecessors, (84), 64 states have call successors, (84) [2024-11-28 02:39:34,794 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 351 states to 351 states and 477 transitions. [2024-11-28 02:39:34,795 INFO L78 Accepts]: Start accepts. Automaton has 351 states and 477 transitions. Word has length 82 [2024-11-28 02:39:34,795 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-28 02:39:34,796 INFO L471 AbstractCegarLoop]: Abstraction has 351 states and 477 transitions. [2024-11-28 02:39:34,796 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.2) internal successors, (51), 5 states have internal predecessors, (51), 3 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 3 states have call successors, (10) [2024-11-28 02:39:34,796 INFO L276 IsEmpty]: Start isEmpty. Operand 351 states and 477 transitions. [2024-11-28 02:39:34,799 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 83 [2024-11-28 02:39:34,799 INFO L210 NwaCegarLoop]: Found error trace [2024-11-28 02:39:34,799 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-28 02:39:34,799 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-28 02:39:34,800 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-28 02:39:34,801 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-28 02:39:34,801 INFO L85 PathProgramCache]: Analyzing trace with hash 375881162, now seen corresponding path program 1 times [2024-11-28 02:39:34,801 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-28 02:39:34,801 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1678924291] [2024-11-28 02:39:34,801 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-28 02:39:34,801 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-28 02:39:34,833 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-28 02:39:34,974 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2024-11-28 02:39:34,974 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-28 02:39:34,974 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1678924291] [2024-11-28 02:39:34,974 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1678924291] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-28 02:39:34,974 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-28 02:39:34,974 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-28 02:39:34,975 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1394410770] [2024-11-28 02:39:34,975 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-28 02:39:34,976 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-28 02:39:34,976 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-28 02:39:34,977 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-28 02:39:34,977 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-28 02:39:34,977 INFO L87 Difference]: Start difference. First operand 351 states and 477 transitions. Second operand has 4 states, 4 states have (on average 12.75) internal successors, (51), 4 states have internal predecessors, (51), 4 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 4 states have call successors, (10) [2024-11-28 02:39:35,247 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-28 02:39:35,248 INFO L93 Difference]: Finished difference Result 1085 states and 1540 transitions. [2024-11-28 02:39:35,248 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-28 02:39:35,248 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 12.75) internal successors, (51), 4 states have internal predecessors, (51), 4 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 4 states have call successors, (10) Word has length 82 [2024-11-28 02:39:35,249 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-28 02:39:35,259 INFO L225 Difference]: With dead ends: 1085 [2024-11-28 02:39:35,259 INFO L226 Difference]: Without dead ends: 756 [2024-11-28 02:39:35,261 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-28 02:39:35,264 INFO L435 NwaCegarLoop]: 265 mSDtfsCounter, 206 mSDsluCounter, 232 mSDsCounter, 0 mSdLazyCounter, 97 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 206 SdHoareTripleChecker+Valid, 497 SdHoareTripleChecker+Invalid, 102 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 97 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-28 02:39:35,264 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [206 Valid, 497 Invalid, 102 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 97 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-28 02:39:35,266 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 756 states. [2024-11-28 02:39:35,373 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 756 to 744. [2024-11-28 02:39:35,375 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 744 states, 532 states have (on average 1.3176691729323309) internal successors, (701), 599 states have internal predecessors, (701), 130 states have call successors, (130), 79 states have call predecessors, (130), 81 states have return successors, (208), 122 states have call predecessors, (208), 130 states have call successors, (208) [2024-11-28 02:39:35,386 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 744 states to 744 states and 1039 transitions. [2024-11-28 02:39:35,387 INFO L78 Accepts]: Start accepts. Automaton has 744 states and 1039 transitions. Word has length 82 [2024-11-28 02:39:35,389 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-28 02:39:35,389 INFO L471 AbstractCegarLoop]: Abstraction has 744 states and 1039 transitions. [2024-11-28 02:39:35,389 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 12.75) internal successors, (51), 4 states have internal predecessors, (51), 4 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 4 states have call successors, (10) [2024-11-28 02:39:35,389 INFO L276 IsEmpty]: Start isEmpty. Operand 744 states and 1039 transitions. [2024-11-28 02:39:35,392 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 87 [2024-11-28 02:39:35,392 INFO L210 NwaCegarLoop]: Found error trace [2024-11-28 02:39:35,392 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-28 02:39:35,393 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-28 02:39:35,393 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-28 02:39:35,393 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-28 02:39:35,393 INFO L85 PathProgramCache]: Analyzing trace with hash 1192179876, now seen corresponding path program 1 times [2024-11-28 02:39:35,393 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-28 02:39:35,393 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [170404789] [2024-11-28 02:39:35,394 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-28 02:39:35,396 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-28 02:39:35,442 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-28 02:39:35,629 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2024-11-28 02:39:35,629 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-28 02:39:35,629 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [170404789] [2024-11-28 02:39:35,629 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [170404789] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-28 02:39:35,629 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-28 02:39:35,629 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-28 02:39:35,630 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [287107353] [2024-11-28 02:39:35,630 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-28 02:39:35,630 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-28 02:39:35,630 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-28 02:39:35,631 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-28 02:39:35,631 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-28 02:39:35,631 INFO L87 Difference]: Start difference. First operand 744 states and 1039 transitions. Second operand has 6 states, 6 states have (on average 8.833333333333334) internal successors, (53), 5 states have internal predecessors, (53), 2 states have call successors, (12), 2 states have call predecessors, (12), 2 states have return successors, (11), 3 states have call predecessors, (11), 2 states have call successors, (11) [2024-11-28 02:39:35,991 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-28 02:39:35,991 INFO L93 Difference]: Finished difference Result 2166 states and 3086 transitions. [2024-11-28 02:39:35,992 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-28 02:39:35,992 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 8.833333333333334) internal successors, (53), 5 states have internal predecessors, (53), 2 states have call successors, (12), 2 states have call predecessors, (12), 2 states have return successors, (11), 3 states have call predecessors, (11), 2 states have call successors, (11) Word has length 86 [2024-11-28 02:39:35,993 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-28 02:39:36,010 INFO L225 Difference]: With dead ends: 2166 [2024-11-28 02:39:36,013 INFO L226 Difference]: Without dead ends: 1444 [2024-11-28 02:39:36,018 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-28 02:39:36,019 INFO L435 NwaCegarLoop]: 165 mSDtfsCounter, 124 mSDsluCounter, 564 mSDsCounter, 0 mSdLazyCounter, 82 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 126 SdHoareTripleChecker+Valid, 729 SdHoareTripleChecker+Invalid, 86 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 82 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-28 02:39:36,019 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [126 Valid, 729 Invalid, 86 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 82 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-28 02:39:36,022 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1444 states. [2024-11-28 02:39:36,202 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1444 to 1444. [2024-11-28 02:39:36,205 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1444 states, 1028 states have (on average 1.3054474708171206) internal successors, (1342), 1161 states have internal predecessors, (1342), 254 states have call successors, (254), 157 states have call predecessors, (254), 161 states have return successors, (420), 238 states have call predecessors, (420), 254 states have call successors, (420) [2024-11-28 02:39:36,224 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1444 states to 1444 states and 2016 transitions. [2024-11-28 02:39:36,226 INFO L78 Accepts]: Start accepts. Automaton has 1444 states and 2016 transitions. Word has length 86 [2024-11-28 02:39:36,226 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-28 02:39:36,226 INFO L471 AbstractCegarLoop]: Abstraction has 1444 states and 2016 transitions. [2024-11-28 02:39:36,226 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 8.833333333333334) internal successors, (53), 5 states have internal predecessors, (53), 2 states have call successors, (12), 2 states have call predecessors, (12), 2 states have return successors, (11), 3 states have call predecessors, (11), 2 states have call successors, (11) [2024-11-28 02:39:36,227 INFO L276 IsEmpty]: Start isEmpty. Operand 1444 states and 2016 transitions. [2024-11-28 02:39:36,234 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 91 [2024-11-28 02:39:36,235 INFO L210 NwaCegarLoop]: Found error trace [2024-11-28 02:39:36,235 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-28 02:39:36,235 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-28 02:39:36,235 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-28 02:39:36,235 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-28 02:39:36,236 INFO L85 PathProgramCache]: Analyzing trace with hash 426691328, now seen corresponding path program 1 times [2024-11-28 02:39:36,236 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-28 02:39:36,236 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1398827719] [2024-11-28 02:39:36,236 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-28 02:39:36,236 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-28 02:39:36,281 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-28 02:39:36,281 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-28 02:39:36,303 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-28 02:39:36,357 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2024-11-28 02:39:36,357 INFO L340 BasicCegarLoop]: Counterexample is feasible [2024-11-28 02:39:36,358 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-28 02:39:36,360 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-28 02:39:36,363 INFO L422 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-28 02:39:36,472 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-28 02:39:36,481 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 28.11 02:39:36 BoogieIcfgContainer [2024-11-28 02:39:36,482 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-28 02:39:36,482 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-28 02:39:36,482 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-28 02:39:36,483 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-28 02:39:36,483 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 28.11 02:39:32" (3/4) ... [2024-11-28 02:39:36,484 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2024-11-28 02:39:36,647 INFO L129 tionWitnessGenerator]: Generated YAML witness of length 68. [2024-11-28 02:39:36,751 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d5fa5e5-0713-4c88-8a1e-82a5047eae97/bin/uautomizer-verify-aQ6SnzHsRB/witness.graphml [2024-11-28 02:39:36,751 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d5fa5e5-0713-4c88-8a1e-82a5047eae97/bin/uautomizer-verify-aQ6SnzHsRB/witness.yml [2024-11-28 02:39:36,751 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-28 02:39:36,752 INFO L158 Benchmark]: Toolchain (without parser) took 5702.84ms. Allocated memory was 142.6MB in the beginning and 427.8MB in the end (delta: 285.2MB). Free memory was 118.3MB in the beginning and 165.6MB in the end (delta: -47.3MB). Peak memory consumption was 233.9MB. Max. memory is 16.1GB. [2024-11-28 02:39:36,752 INFO L158 Benchmark]: CDTParser took 0.33ms. Allocated memory is still 142.6MB. Free memory is still 78.7MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-28 02:39:36,753 INFO L158 Benchmark]: CACSL2BoogieTranslator took 555.00ms. Allocated memory is still 142.6MB. Free memory was 118.1MB in the beginning and 98.3MB in the end (delta: 19.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2024-11-28 02:39:36,753 INFO L158 Benchmark]: Boogie Procedure Inliner took 59.15ms. Allocated memory is still 142.6MB. Free memory was 98.3MB in the beginning and 96.2MB in the end (delta: 2.1MB). There was no memory consumed. Max. memory is 16.1GB. [2024-11-28 02:39:36,753 INFO L158 Benchmark]: Boogie Preprocessor took 72.45ms. Allocated memory is still 142.6MB. Free memory was 96.2MB in the beginning and 93.9MB in the end (delta: 2.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-28 02:39:36,754 INFO L158 Benchmark]: RCFGBuilder took 591.10ms. Allocated memory is still 142.6MB. Free memory was 93.9MB in the beginning and 72.7MB in the end (delta: 21.2MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2024-11-28 02:39:36,754 INFO L158 Benchmark]: TraceAbstraction took 4149.37ms. Allocated memory was 142.6MB in the beginning and 427.8MB in the end (delta: 285.2MB). Free memory was 72.3MB in the beginning and 179.9MB in the end (delta: -107.6MB). Peak memory consumption was 183.6MB. Max. memory is 16.1GB. [2024-11-28 02:39:36,754 INFO L158 Benchmark]: Witness Printer took 268.93ms. Allocated memory is still 427.8MB. Free memory was 179.9MB in the beginning and 165.6MB in the end (delta: 14.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-28 02:39:36,756 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.33ms. Allocated memory is still 142.6MB. Free memory is still 78.7MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 555.00ms. Allocated memory is still 142.6MB. Free memory was 118.1MB in the beginning and 98.3MB in the end (delta: 19.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 59.15ms. Allocated memory is still 142.6MB. Free memory was 98.3MB in the beginning and 96.2MB in the end (delta: 2.1MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 72.45ms. Allocated memory is still 142.6MB. Free memory was 96.2MB in the beginning and 93.9MB in the end (delta: 2.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * RCFGBuilder took 591.10ms. Allocated memory is still 142.6MB. Free memory was 93.9MB in the beginning and 72.7MB in the end (delta: 21.2MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 4149.37ms. Allocated memory was 142.6MB in the beginning and 427.8MB in the end (delta: 285.2MB). Free memory was 72.3MB in the beginning and 179.9MB in the end (delta: -107.6MB). Peak memory consumption was 183.6MB. Max. memory is 16.1GB. * Witness Printer took 268.93ms. Allocated memory is still 427.8MB. Free memory was 179.9MB in the beginning and 165.6MB in the end (delta: 14.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [49] - GenericResultAtLocation [Line: 140]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [140] - GenericResultAtLocation [Line: 481]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [481] - GenericResultAtLocation [Line: 847]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [847] - GenericResultAtLocation [Line: 895]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [895] - GenericResultAtLocation [Line: 922]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [922] - GenericResultAtLocation [Line: 1026]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1026] - GenericResultAtLocation [Line: 1035]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [1035] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 1031]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L50] int __SELECTED_FEATURE_base ; [L51] int __SELECTED_FEATURE_highWaterSensor ; [L52] int __SELECTED_FEATURE_lowWaterSensor ; [L53] int __SELECTED_FEATURE_methaneQuery ; [L54] int __SELECTED_FEATURE_methaneAlarm ; [L55] int __SELECTED_FEATURE_stopCommand ; [L56] int __SELECTED_FEATURE_startCommand ; [L57] int __GUIDSL_ROOT_PRODUCTION ; [L150] int pumpRunning = 0; [L151] int systemActive = 1; [L651] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L924] int waterLevel = 1; [L925] int methaneLevelCritical = 0; [L1036] int cleanupTimeShifts = 4; VAL [__GUIDSL_ROOT_PRODUCTION=0, __SELECTED_FEATURE_base=0, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1109] int retValue_acc ; [L1110] int tmp ; [L1114] CALL select_helpers() [L882] __GUIDSL_ROOT_PRODUCTION = 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=0, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1114] RET select_helpers() [L1115] CALL select_features() [L867] __SELECTED_FEATURE_base = 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L868] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L853] int retValue_acc ; [L854] int choice = __VERIFIER_nondet_int(); [L857] retValue_acc = choice [L858] return (retValue_acc); VAL [\result=16, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L868] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L868] __SELECTED_FEATURE_highWaterSensor = select_one() [L869] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L853] int retValue_acc ; [L854] int choice = __VERIFIER_nondet_int(); [L857] retValue_acc = choice [L858] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L869] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L869] __SELECTED_FEATURE_lowWaterSensor = select_one() [L870] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L853] int retValue_acc ; [L854] int choice = __VERIFIER_nondet_int(); [L857] retValue_acc = choice [L858] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L870] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L870] __SELECTED_FEATURE_methaneQuery = select_one() [L871] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L853] int retValue_acc ; [L854] int choice = __VERIFIER_nondet_int(); [L857] retValue_acc = choice [L858] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L871] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L871] __SELECTED_FEATURE_methaneAlarm = select_one() [L872] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L853] int retValue_acc ; [L854] int choice = __VERIFIER_nondet_int(); [L857] retValue_acc = choice [L858] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L872] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L872] __SELECTED_FEATURE_stopCommand = select_one() [L873] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L853] int retValue_acc ; [L854] int choice = __VERIFIER_nondet_int(); [L857] retValue_acc = choice [L858] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L873] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L873] __SELECTED_FEATURE_startCommand = select_one() [L1115] RET select_features() [L1116] CALL, EXPR valid_product() [L887] int retValue_acc ; [L890] retValue_acc = __SELECTED_FEATURE_base [L891] return (retValue_acc); VAL [\result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1116] RET, EXPR valid_product() [L1116] tmp = valid_product() [L1118] COND TRUE \read(tmp) [L1120] FCALL setup() [L1121] CALL runTest() [L1103] CALL test() [L65] int splverifierCounter ; [L66] int tmp ; [L67] int tmp___0 ; [L68] int tmp___1 ; [L69] int tmp___2 ; [L72] splverifierCounter = 0 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L76] COND TRUE splverifierCounter < 4 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L82] tmp = __VERIFIER_nondet_int() [L84] COND TRUE \read(tmp) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L86] CALL waterRise() VAL [\old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L942] COND TRUE waterLevel < 2 [L943] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L86] RET waterRise() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L92] tmp___0 = __VERIFIER_nondet_int() [L94] COND TRUE \read(tmp___0) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L96] CALL changeMethaneLevel() VAL [\old(methaneLevelCritical)=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L954] COND FALSE !(\read(methaneLevelCritical)) [L957] methaneLevelCritical = 1 VAL [\old(methaneLevelCritical)=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L96] RET changeMethaneLevel() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L102] tmp___2 = __VERIFIER_nondet_int() [L104] COND TRUE \read(tmp___2) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L105] COND FALSE !(\read(__SELECTED_FEATURE_startCommand)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L129] CALL timeShift() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L158] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L165] COND TRUE \read(systemActive) [L167] CALL processEnvironment() [L301] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L308] CALL processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L258] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L265] CALL processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L215] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L217] CALL processEnvironment__role__highWaterSensor() [L187] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L190] COND TRUE ! pumpRunning [L192] CALL, EXPR isHighWaterLevel() [L421] int retValue_acc ; [L422] int tmp ; [L423] int tmp___0 ; [L427] CALL, EXPR isHighWaterSensorDry() [L1004] int retValue_acc ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L1007] COND FALSE !(waterLevel < 2) [L1011] retValue_acc = 0 [L1012] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L427] RET, EXPR isHighWaterSensorDry() [L427] tmp = isHighWaterSensorDry() [L429] COND FALSE !(\read(tmp)) [L432] tmp___0 = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L434] retValue_acc = tmp___0 [L435] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L192] RET, EXPR isHighWaterLevel() [L192] tmp = isHighWaterLevel() [L194] COND TRUE \read(tmp) [L196] CALL activatePump() [L343] COND FALSE !(\read(__SELECTED_FEATURE_methaneQuery)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L350] CALL activatePump__before__methaneQuery() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L318] pumpRunning = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L350] RET activatePump__before__methaneQuery() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L196] RET activatePump() [L217] RET processEnvironment__role__highWaterSensor() [L265] RET processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L308] RET processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L167] RET processEnvironment() [L173] CALL __utac_acc__Specification1_spec__1() [L898] int tmp ; [L899] int tmp___0 ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L903] CALL, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L963] int retValue_acc ; [L966] retValue_acc = methaneLevelCritical [L967] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L903] RET, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L903] tmp = isMethaneLevelCritical() [L905] COND TRUE \read(tmp) [L907] CALL, EXPR isPumpRunning() [L376] int retValue_acc ; [L379] retValue_acc = pumpRunning [L380] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L907] RET, EXPR isPumpRunning() [L907] tmp___0 = isPumpRunning() [L909] COND TRUE \read(tmp___0) [L911] CALL __automaton_fail() [L1031] reach_error() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] - StatisticsResult: Ultimate Automizer benchmark data CFG has 13 procedures, 141 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 4.0s, OverallIterations: 9, TraceHistogramMax: 6, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 1.3s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 757 SdHoareTripleChecker+Valid, 0.5s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 751 mSDsluCounter, 3935 SdHoareTripleChecker+Invalid, 0.4s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2460 mSDsCounter, 24 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 255 IncrementalHoareTripleChecker+Invalid, 279 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 24 mSolverCounterUnsat, 1475 mSDtfsCounter, 255 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 43 GetRequests, 19 SyntacticMatches, 0 SemanticMatches, 24 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5 ImplicationChecksByTransitivity, 0.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1444occurred in iteration=8, InterpolantAutomatonStates: 36, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.6s AutomataMinimizationTime, 8 MinimizatonAttempts, 20 StatesRemovedByMinimization, 4 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 1.3s InterpolantComputationTime, 648 NumberOfCodeBlocks, 648 NumberOfCodeBlocksAsserted, 9 NumberOfCheckSat, 550 ConstructedInterpolants, 0 QuantifiedInterpolants, 881 SizeOfPredicates, 0 NumberOfNonLiveVariables, 0 ConjunctsInSsa, 0 ConjunctsInUnsatCore, 8 InterpolantComputations, 8 PerfectInterpolantSequences, 360/360 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2024-11-28 02:39:36,780 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d5fa5e5-0713-4c88-8a1e-82a5047eae97/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE