Hi,

I'm working on generating different types of counterexamples for a given model that is failing to meet its specification. One idea I had was to add a snippet of the last counterexample I found into a notrace statement so that Spin will not allow trace of that form. However, Spin is still returning the same counterexample after the notrace is added. I think this may be because the model is already failing, so notrace doesn't care. Is there a way to do this without correcting the model after each run?

Thanks so much for your help!

A trace or notrace definition will not restrict behavior (only a never claim can do that),
so I would not expect different counter-examples to appear.
You can of course still use the -c flag to trigger a report for a specific counter-example (other than the first one found, which is reported by default). (E.g., -c2 to get the 2nd counter-example)