java -ea -Xmx8000000000 -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.3.100.v20150511-1540.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc ../../../trunk/examples/toolchains/AutomizerC.xml -s ../../../trunk/examples/settings/default/automizer/svcomp-Reach-32bit-Automizer_Bitvector.epf -i ../../../trunk/examples/svcomp/list-properties/simple_built_from_end_true-unreach-call_false-valid-memtrack.i -------------------------------------------------------------------------------- This is Ultimate 0.1.23-370d6ab [2018-11-14 16:22:46,632 INFO L170 SettingsManager]: Resetting all preferences to default values... [2018-11-14 16:22:46,636 INFO L174 SettingsManager]: Resetting UltimateCore preferences to default values [2018-11-14 16:22:46,648 INFO L177 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2018-11-14 16:22:46,649 INFO L174 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2018-11-14 16:22:46,650 INFO L174 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2018-11-14 16:22:46,651 INFO L174 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2018-11-14 16:22:46,654 INFO L174 SettingsManager]: Resetting LassoRanker preferences to default values [2018-11-14 16:22:46,656 INFO L174 SettingsManager]: Resetting Reaching Definitions preferences to default values [2018-11-14 16:22:46,657 INFO L174 SettingsManager]: Resetting SyntaxChecker preferences to default values [2018-11-14 16:22:46,659 INFO L177 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2018-11-14 16:22:46,660 INFO L174 SettingsManager]: Resetting LTL2Aut preferences to default values [2018-11-14 16:22:46,661 INFO L174 SettingsManager]: Resetting PEA to Boogie preferences to default values [2018-11-14 16:22:46,662 INFO L174 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2018-11-14 16:22:46,663 INFO L174 SettingsManager]: Resetting ChcToBoogie preferences to default values [2018-11-14 16:22:46,664 INFO L174 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2018-11-14 16:22:46,665 INFO L174 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2018-11-14 16:22:46,667 INFO L174 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2018-11-14 16:22:46,669 INFO L174 SettingsManager]: Resetting CodeCheck preferences to default values [2018-11-14 16:22:46,671 INFO L174 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2018-11-14 16:22:46,672 INFO L174 SettingsManager]: Resetting RCFGBuilder preferences to default values [2018-11-14 16:22:46,673 INFO L174 SettingsManager]: Resetting TraceAbstraction preferences to default values [2018-11-14 16:22:46,676 INFO L177 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2018-11-14 16:22:46,676 INFO L177 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2018-11-14 16:22:46,676 INFO L174 SettingsManager]: Resetting TreeAutomizer preferences to default values [2018-11-14 16:22:46,677 INFO L174 SettingsManager]: Resetting IcfgTransformer preferences to default values [2018-11-14 16:22:46,678 INFO L174 SettingsManager]: Resetting Boogie Printer preferences to default values [2018-11-14 16:22:46,679 INFO L174 SettingsManager]: Resetting ReqPrinter preferences to default values [2018-11-14 16:22:46,681 INFO L174 SettingsManager]: Resetting Witness Printer preferences to default values [2018-11-14 16:22:46,682 INFO L177 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2018-11-14 16:22:46,682 INFO L174 SettingsManager]: Resetting CDTParser preferences to default values [2018-11-14 16:22:46,686 INFO L177 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2018-11-14 16:22:46,687 INFO L177 SettingsManager]: ReqParser provides no preferences, ignoring... [2018-11-14 16:22:46,687 INFO L174 SettingsManager]: Resetting SmtParser preferences to default values [2018-11-14 16:22:46,689 INFO L174 SettingsManager]: Resetting Witness Parser preferences to default values [2018-11-14 16:22:46,690 INFO L181 SettingsManager]: Finished resetting all preferences to default values... [2018-11-14 16:22:46,691 INFO L98 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/settings/default/automizer/svcomp-Reach-32bit-Automizer_Bitvector.epf [2018-11-14 16:22:46,721 INFO L110 SettingsManager]: Loading preferences was successful [2018-11-14 16:22:46,721 INFO L112 SettingsManager]: Preferences different from defaults after loading the file: [2018-11-14 16:22:46,722 INFO L131 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2018-11-14 16:22:46,722 INFO L133 SettingsManager]: * to procedures, called more than once=true [2018-11-14 16:22:46,724 INFO L131 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2018-11-14 16:22:46,724 INFO L133 SettingsManager]: * Create parallel compositions if possible=false [2018-11-14 16:22:46,724 INFO L133 SettingsManager]: * Use SBE=true [2018-11-14 16:22:46,725 INFO L131 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2018-11-14 16:22:46,725 INFO L133 SettingsManager]: * sizeof long=4 [2018-11-14 16:22:46,725 INFO L133 SettingsManager]: * sizeof POINTER=4 [2018-11-14 16:22:46,725 INFO L133 SettingsManager]: * Check division by zero=IGNORE [2018-11-14 16:22:46,725 INFO L133 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2018-11-14 16:22:46,727 INFO L133 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2018-11-14 16:22:46,727 INFO L133 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2018-11-14 16:22:46,727 INFO L133 SettingsManager]: * Use bitvectors instead of ints=true [2018-11-14 16:22:46,727 INFO L133 SettingsManager]: * Memory model=HoenickeLindenmann_4ByteResolution [2018-11-14 16:22:46,727 INFO L133 SettingsManager]: * sizeof long double=12 [2018-11-14 16:22:46,728 INFO L133 SettingsManager]: * Check if freed pointer was valid=false [2018-11-14 16:22:46,728 INFO L133 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2018-11-14 16:22:46,728 INFO L131 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2018-11-14 16:22:46,728 INFO L133 SettingsManager]: * Size of a code block=SequenceOfStatements [2018-11-14 16:22:46,729 INFO L133 SettingsManager]: * To the following directory=./dump/ [2018-11-14 16:22:46,730 INFO L133 SettingsManager]: * SMT solver=External_DefaultMode [2018-11-14 16:22:46,730 INFO L133 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2018-11-14 16:22:46,730 INFO L131 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2018-11-14 16:22:46,731 INFO L133 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2018-11-14 16:22:46,731 INFO L133 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2018-11-14 16:22:46,731 INFO L133 SettingsManager]: * Trace refinement strategy=WOLF [2018-11-14 16:22:46,731 INFO L133 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2018-11-14 16:22:46,731 INFO L133 SettingsManager]: * Command for external solver=cvc4nyu --tear-down-incremental --rewrite-divk --print-success --lang smt [2018-11-14 16:22:46,732 INFO L133 SettingsManager]: * Logic for external solver=AUFBV [2018-11-14 16:22:46,732 INFO L133 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2018-11-14 16:22:46,780 INFO L81 nceAwareModelManager]: Repository-Root is: /tmp [2018-11-14 16:22:46,793 INFO L258 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2018-11-14 16:22:46,797 INFO L214 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2018-11-14 16:22:46,799 INFO L271 PluginConnector]: Initializing CDTParser... [2018-11-14 16:22:46,799 INFO L276 PluginConnector]: CDTParser initialized [2018-11-14 16:22:46,800 INFO L418 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/svcomp/list-properties/simple_built_from_end_true-unreach-call_false-valid-memtrack.i [2018-11-14 16:22:46,862 INFO L218 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/c93f31be2/b5ad2cb2e4fe46518d711694559ff5c4/FLAG80501bbee [2018-11-14 16:22:47,446 INFO L298 CDTParser]: Found 1 translation units. [2018-11-14 16:22:47,447 INFO L158 CDTParser]: Scanning /storage/repos/ultimate/trunk/examples/svcomp/list-properties/simple_built_from_end_true-unreach-call_false-valid-memtrack.i [2018-11-14 16:22:47,464 INFO L346 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/c93f31be2/b5ad2cb2e4fe46518d711694559ff5c4/FLAG80501bbee [2018-11-14 16:22:47,488 INFO L354 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/c93f31be2/b5ad2cb2e4fe46518d711694559ff5c4 [2018-11-14 16:22:47,500 INFO L296 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2018-11-14 16:22:47,502 INFO L131 ToolchainWalker]: Walking toolchain with 4 elements. [2018-11-14 16:22:47,503 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2018-11-14 16:22:47,504 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2018-11-14 16:22:47,509 INFO L276 PluginConnector]: CACSL2BoogieTranslator initialized [2018-11-14 16:22:47,511 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 14.11 04:22:47" (1/1) ... [2018-11-14 16:22:47,514 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@43caf5ef and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 04:22:47, skipping insertion in model container [2018-11-14 16:22:47,514 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 14.11 04:22:47" (1/1) ... [2018-11-14 16:22:47,525 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2018-11-14 16:22:47,586 INFO L176 MainTranslator]: Built tables and reachable declarations [2018-11-14 16:22:47,943 INFO L201 PostProcessor]: Analyzing one entry point: main [2018-11-14 16:22:47,962 INFO L191 MainTranslator]: Completed pre-run [2018-11-14 16:22:48,031 INFO L201 PostProcessor]: Analyzing one entry point: main [2018-11-14 16:22:48,094 INFO L195 MainTranslator]: Completed translation [2018-11-14 16:22:48,095 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 04:22:48 WrapperNode [2018-11-14 16:22:48,095 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2018-11-14 16:22:48,096 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2018-11-14 16:22:48,096 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2018-11-14 16:22:48,096 INFO L276 PluginConnector]: Boogie Preprocessor initialized [2018-11-14 16:22:48,182 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 04:22:48" (1/1) ... [2018-11-14 16:22:48,182 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 04:22:48" (1/1) ... [2018-11-14 16:22:48,214 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 04:22:48" (1/1) ... [2018-11-14 16:22:48,214 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 04:22:48" (1/1) ... [2018-11-14 16:22:48,238 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 04:22:48" (1/1) ... [2018-11-14 16:22:48,244 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 04:22:48" (1/1) ... [2018-11-14 16:22:48,247 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 04:22:48" (1/1) ... [2018-11-14 16:22:48,254 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2018-11-14 16:22:48,255 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2018-11-14 16:22:48,255 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2018-11-14 16:22:48,255 INFO L276 PluginConnector]: RCFGBuilder initialized [2018-11-14 16:22:48,256 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 04:22:48" (1/1) ... No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2018-11-14 16:22:48,323 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.init [2018-11-14 16:22:48,324 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2018-11-14 16:22:48,324 INFO L138 BoogieDeclarations]: Found implementation of procedure exit [2018-11-14 16:22:48,324 INFO L138 BoogieDeclarations]: Found implementation of procedure main [2018-11-14 16:22:48,324 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_error [2018-11-14 16:22:48,324 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_nondet_int [2018-11-14 16:22:48,325 INFO L130 BoogieDeclarations]: Found specification of procedure __ctype_get_mb_cur_max [2018-11-14 16:22:48,325 INFO L130 BoogieDeclarations]: Found specification of procedure atof [2018-11-14 16:22:48,325 INFO L130 BoogieDeclarations]: Found specification of procedure atoi [2018-11-14 16:22:48,325 INFO L130 BoogieDeclarations]: Found specification of procedure atol [2018-11-14 16:22:48,325 INFO L130 BoogieDeclarations]: Found specification of procedure atoll [2018-11-14 16:22:48,325 INFO L130 BoogieDeclarations]: Found specification of procedure strtod [2018-11-14 16:22:48,325 INFO L130 BoogieDeclarations]: Found specification of procedure strtof [2018-11-14 16:22:48,326 INFO L130 BoogieDeclarations]: Found specification of procedure strtold [2018-11-14 16:22:48,326 INFO L130 BoogieDeclarations]: Found specification of procedure strtol [2018-11-14 16:22:48,326 INFO L130 BoogieDeclarations]: Found specification of procedure strtoul [2018-11-14 16:22:48,326 INFO L130 BoogieDeclarations]: Found specification of procedure strtoq [2018-11-14 16:22:48,326 INFO L130 BoogieDeclarations]: Found specification of procedure strtouq [2018-11-14 16:22:48,326 INFO L130 BoogieDeclarations]: Found specification of procedure strtoll [2018-11-14 16:22:48,328 INFO L130 BoogieDeclarations]: Found specification of procedure strtoull [2018-11-14 16:22:48,328 INFO L130 BoogieDeclarations]: Found specification of procedure l64a [2018-11-14 16:22:48,329 INFO L130 BoogieDeclarations]: Found specification of procedure a64l [2018-11-14 16:22:48,329 INFO L130 BoogieDeclarations]: Found specification of procedure select [2018-11-14 16:22:48,329 INFO L130 BoogieDeclarations]: Found specification of procedure pselect [2018-11-14 16:22:48,329 INFO L130 BoogieDeclarations]: Found specification of procedure gnu_dev_major [2018-11-14 16:22:48,329 INFO L130 BoogieDeclarations]: Found specification of procedure gnu_dev_minor [2018-11-14 16:22:48,329 INFO L130 BoogieDeclarations]: Found specification of procedure gnu_dev_makedev [2018-11-14 16:22:48,329 INFO L130 BoogieDeclarations]: Found specification of procedure random [2018-11-14 16:22:48,331 INFO L130 BoogieDeclarations]: Found specification of procedure srandom [2018-11-14 16:22:48,331 INFO L130 BoogieDeclarations]: Found specification of procedure initstate [2018-11-14 16:22:48,331 INFO L130 BoogieDeclarations]: Found specification of procedure setstate [2018-11-14 16:22:48,331 INFO L130 BoogieDeclarations]: Found specification of procedure random_r [2018-11-14 16:22:48,332 INFO L130 BoogieDeclarations]: Found specification of procedure srandom_r [2018-11-14 16:22:48,332 INFO L130 BoogieDeclarations]: Found specification of procedure initstate_r [2018-11-14 16:22:48,332 INFO L130 BoogieDeclarations]: Found specification of procedure setstate_r [2018-11-14 16:22:48,332 INFO L130 BoogieDeclarations]: Found specification of procedure rand [2018-11-14 16:22:48,332 INFO L130 BoogieDeclarations]: Found specification of procedure srand [2018-11-14 16:22:48,332 INFO L130 BoogieDeclarations]: Found specification of procedure rand_r [2018-11-14 16:22:48,332 INFO L130 BoogieDeclarations]: Found specification of procedure drand48 [2018-11-14 16:22:48,333 INFO L130 BoogieDeclarations]: Found specification of procedure erand48 [2018-11-14 16:22:48,333 INFO L130 BoogieDeclarations]: Found specification of procedure lrand48 [2018-11-14 16:22:48,333 INFO L130 BoogieDeclarations]: Found specification of procedure nrand48 [2018-11-14 16:22:48,333 INFO L130 BoogieDeclarations]: Found specification of procedure mrand48 [2018-11-14 16:22:48,334 INFO L130 BoogieDeclarations]: Found specification of procedure jrand48 [2018-11-14 16:22:48,334 INFO L130 BoogieDeclarations]: Found specification of procedure srand48 [2018-11-14 16:22:48,334 INFO L130 BoogieDeclarations]: Found specification of procedure seed48 [2018-11-14 16:22:48,334 INFO L130 BoogieDeclarations]: Found specification of procedure lcong48 [2018-11-14 16:22:48,334 INFO L130 BoogieDeclarations]: Found specification of procedure drand48_r [2018-11-14 16:22:48,334 INFO L130 BoogieDeclarations]: Found specification of procedure erand48_r [2018-11-14 16:22:48,334 INFO L130 BoogieDeclarations]: Found specification of procedure lrand48_r [2018-11-14 16:22:48,335 INFO L130 BoogieDeclarations]: Found specification of procedure nrand48_r [2018-11-14 16:22:48,335 INFO L130 BoogieDeclarations]: Found specification of procedure mrand48_r [2018-11-14 16:22:48,335 INFO L130 BoogieDeclarations]: Found specification of procedure jrand48_r [2018-11-14 16:22:48,335 INFO L130 BoogieDeclarations]: Found specification of procedure srand48_r [2018-11-14 16:22:48,335 INFO L130 BoogieDeclarations]: Found specification of procedure seed48_r [2018-11-14 16:22:48,335 INFO L130 BoogieDeclarations]: Found specification of procedure lcong48_r [2018-11-14 16:22:48,335 INFO L130 BoogieDeclarations]: Found specification of procedure malloc [2018-11-14 16:22:48,336 INFO L130 BoogieDeclarations]: Found specification of procedure calloc [2018-11-14 16:22:48,336 INFO L130 BoogieDeclarations]: Found specification of procedure realloc [2018-11-14 16:22:48,336 INFO L130 BoogieDeclarations]: Found specification of procedure free [2018-11-14 16:22:48,336 INFO L130 BoogieDeclarations]: Found specification of procedure cfree [2018-11-14 16:22:48,336 INFO L130 BoogieDeclarations]: Found specification of procedure alloca [2018-11-14 16:22:48,336 INFO L130 BoogieDeclarations]: Found specification of procedure valloc [2018-11-14 16:22:48,337 INFO L130 BoogieDeclarations]: Found specification of procedure posix_memalign [2018-11-14 16:22:48,337 INFO L130 BoogieDeclarations]: Found specification of procedure abort [2018-11-14 16:22:48,337 INFO L130 BoogieDeclarations]: Found specification of procedure atexit [2018-11-14 16:22:48,337 INFO L130 BoogieDeclarations]: Found specification of procedure on_exit [2018-11-14 16:22:48,337 INFO L130 BoogieDeclarations]: Found specification of procedure exit [2018-11-14 16:22:48,337 INFO L130 BoogieDeclarations]: Found specification of procedure _Exit [2018-11-14 16:22:48,338 INFO L130 BoogieDeclarations]: Found specification of procedure getenv [2018-11-14 16:22:48,338 INFO L130 BoogieDeclarations]: Found specification of procedure __secure_getenv [2018-11-14 16:22:48,338 INFO L130 BoogieDeclarations]: Found specification of procedure putenv [2018-11-14 16:22:48,338 INFO L130 BoogieDeclarations]: Found specification of procedure setenv [2018-11-14 16:22:48,338 INFO L130 BoogieDeclarations]: Found specification of procedure unsetenv [2018-11-14 16:22:48,338 INFO L130 BoogieDeclarations]: Found specification of procedure clearenv [2018-11-14 16:22:48,338 INFO L130 BoogieDeclarations]: Found specification of procedure mktemp [2018-11-14 16:22:48,339 INFO L130 BoogieDeclarations]: Found specification of procedure mkstemp [2018-11-14 16:22:48,339 INFO L130 BoogieDeclarations]: Found specification of procedure mkstemps [2018-11-14 16:22:48,339 INFO L130 BoogieDeclarations]: Found specification of procedure mkdtemp [2018-11-14 16:22:48,339 INFO L130 BoogieDeclarations]: Found specification of procedure system [2018-11-14 16:22:48,339 INFO L130 BoogieDeclarations]: Found specification of procedure realpath [2018-11-14 16:22:48,339 INFO L130 BoogieDeclarations]: Found specification of procedure bsearch [2018-11-14 16:22:48,340 INFO L130 BoogieDeclarations]: Found specification of procedure qsort [2018-11-14 16:22:48,340 INFO L130 BoogieDeclarations]: Found specification of procedure abs [2018-11-14 16:22:48,340 INFO L130 BoogieDeclarations]: Found specification of procedure labs [2018-11-14 16:22:48,340 INFO L130 BoogieDeclarations]: Found specification of procedure llabs [2018-11-14 16:22:48,340 INFO L130 BoogieDeclarations]: Found specification of procedure div [2018-11-14 16:22:48,340 INFO L130 BoogieDeclarations]: Found specification of procedure ldiv [2018-11-14 16:22:48,340 INFO L130 BoogieDeclarations]: Found specification of procedure lldiv [2018-11-14 16:22:48,341 INFO L130 BoogieDeclarations]: Found specification of procedure ecvt [2018-11-14 16:22:48,341 INFO L130 BoogieDeclarations]: Found specification of procedure fcvt [2018-11-14 16:22:48,341 INFO L130 BoogieDeclarations]: Found specification of procedure gcvt [2018-11-14 16:22:48,341 INFO L130 BoogieDeclarations]: Found specification of procedure qecvt [2018-11-14 16:22:48,341 INFO L130 BoogieDeclarations]: Found specification of procedure qfcvt [2018-11-14 16:22:48,341 INFO L130 BoogieDeclarations]: Found specification of procedure qgcvt [2018-11-14 16:22:48,342 INFO L130 BoogieDeclarations]: Found specification of procedure ecvt_r [2018-11-14 16:22:48,342 INFO L130 BoogieDeclarations]: Found specification of procedure fcvt_r [2018-11-14 16:22:48,342 INFO L130 BoogieDeclarations]: Found specification of procedure qecvt_r [2018-11-14 16:22:48,342 INFO L130 BoogieDeclarations]: Found specification of procedure qfcvt_r [2018-11-14 16:22:48,342 INFO L130 BoogieDeclarations]: Found specification of procedure mblen [2018-11-14 16:22:48,342 INFO L130 BoogieDeclarations]: Found specification of procedure mbtowc [2018-11-14 16:22:48,343 INFO L130 BoogieDeclarations]: Found specification of procedure wctomb [2018-11-14 16:22:48,343 INFO L130 BoogieDeclarations]: Found specification of procedure mbstowcs [2018-11-14 16:22:48,343 INFO L130 BoogieDeclarations]: Found specification of procedure wcstombs [2018-11-14 16:22:48,343 INFO L130 BoogieDeclarations]: Found specification of procedure rpmatch [2018-11-14 16:22:48,343 INFO L130 BoogieDeclarations]: Found specification of procedure getsubopt [2018-11-14 16:22:48,343 INFO L130 BoogieDeclarations]: Found specification of procedure getloadavg [2018-11-14 16:22:48,344 INFO L130 BoogieDeclarations]: Found specification of procedure main [2018-11-14 16:22:48,344 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.alloc [2018-11-14 16:22:48,344 INFO L130 BoogieDeclarations]: Found specification of procedure write~intINTTYPE4 [2018-11-14 16:22:48,344 INFO L130 BoogieDeclarations]: Found specification of procedure write~$Pointer$ [2018-11-14 16:22:48,346 INFO L130 BoogieDeclarations]: Found specification of procedure read~intINTTYPE4 [2018-11-14 16:22:48,346 INFO L130 BoogieDeclarations]: Found specification of procedure read~$Pointer$ [2018-11-14 16:22:48,346 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.init [2018-11-14 16:22:48,346 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2018-11-14 16:22:48,346 INFO L130 BoogieDeclarations]: Found specification of procedure write~unchecked~intINTTYPE4 [2018-11-14 16:22:48,346 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2018-11-14 16:22:49,101 INFO L278 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2018-11-14 16:22:49,102 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.11 04:22:49 BoogieIcfgContainer [2018-11-14 16:22:49,102 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2018-11-14 16:22:49,103 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2018-11-14 16:22:49,103 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2018-11-14 16:22:49,107 INFO L276 PluginConnector]: TraceAbstraction initialized [2018-11-14 16:22:49,107 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 14.11 04:22:47" (1/3) ... [2018-11-14 16:22:49,108 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@415c6b8e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 14.11 04:22:49, skipping insertion in model container [2018-11-14 16:22:49,108 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 04:22:48" (2/3) ... [2018-11-14 16:22:49,108 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@415c6b8e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 14.11 04:22:49, skipping insertion in model container [2018-11-14 16:22:49,109 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.11 04:22:49" (3/3) ... [2018-11-14 16:22:49,110 INFO L112 eAbstractionObserver]: Analyzing ICFG simple_built_from_end_true-unreach-call_false-valid-memtrack.i [2018-11-14 16:22:49,120 INFO L136 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2018-11-14 16:22:49,132 INFO L148 ceAbstractionStarter]: Appying trace abstraction to program that has 1 error locations. [2018-11-14 16:22:49,149 INFO L257 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2018-11-14 16:22:49,181 INFO L133 ementStrategyFactory]: Using default assertion order modulation [2018-11-14 16:22:49,181 INFO L382 AbstractCegarLoop]: Interprodecural is true [2018-11-14 16:22:49,182 INFO L383 AbstractCegarLoop]: Hoare is true [2018-11-14 16:22:49,182 INFO L384 AbstractCegarLoop]: Compute interpolants for FPandBP [2018-11-14 16:22:49,182 INFO L385 AbstractCegarLoop]: Backedges is STRAIGHT_LINE [2018-11-14 16:22:49,182 INFO L386 AbstractCegarLoop]: Determinization is PREDICATE_ABSTRACTION [2018-11-14 16:22:49,182 INFO L387 AbstractCegarLoop]: Difference is false [2018-11-14 16:22:49,182 INFO L388 AbstractCegarLoop]: Minimize is MINIMIZE_SEVPA [2018-11-14 16:22:49,183 INFO L393 AbstractCegarLoop]: ======== Iteration 0==of CEGAR loop == AllErrorsAtOnce======== [2018-11-14 16:22:49,198 INFO L276 IsEmpty]: Start isEmpty. Operand 23 states. [2018-11-14 16:22:49,204 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 12 [2018-11-14 16:22:49,205 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 16:22:49,206 INFO L375 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 16:22:49,209 INFO L423 AbstractCegarLoop]: === Iteration 1 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 16:22:49,214 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 16:22:49,215 INFO L82 PathProgramCache]: Analyzing trace with hash 2033893237, now seen corresponding path program 1 times [2018-11-14 16:22:49,219 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-14 16:22:49,220 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 2 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 2 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-14 16:22:49,238 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 16:22:49,276 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 16:22:49,291 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 16:22:49,296 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-14 16:22:49,352 INFO L256 TraceCheckUtils]: 0: Hoare triple {26#true} call ULTIMATE.init(); {26#true} is VALID [2018-11-14 16:22:49,355 INFO L273 TraceCheckUtils]: 1: Hoare triple {26#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {26#true} is VALID [2018-11-14 16:22:49,356 INFO L273 TraceCheckUtils]: 2: Hoare triple {26#true} assume true; {26#true} is VALID [2018-11-14 16:22:49,357 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {26#true} {26#true} #57#return; {26#true} is VALID [2018-11-14 16:22:49,357 INFO L256 TraceCheckUtils]: 4: Hoare triple {26#true} call #t~ret4 := main(); {26#true} is VALID [2018-11-14 16:22:49,358 INFO L273 TraceCheckUtils]: 5: Hoare triple {26#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := 0bv32, 0bv32; {26#true} is VALID [2018-11-14 16:22:49,371 INFO L273 TraceCheckUtils]: 6: Hoare triple {26#true} assume !true; {27#false} is VALID [2018-11-14 16:22:49,372 INFO L273 TraceCheckUtils]: 7: Hoare triple {27#false} assume true; {27#false} is VALID [2018-11-14 16:22:49,372 INFO L273 TraceCheckUtils]: 8: Hoare triple {27#false} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {27#false} is VALID [2018-11-14 16:22:49,372 INFO L273 TraceCheckUtils]: 9: Hoare triple {27#false} assume #t~mem2 != 1bv32;havoc #t~mem2; {27#false} is VALID [2018-11-14 16:22:49,373 INFO L273 TraceCheckUtils]: 10: Hoare triple {27#false} assume !false; {27#false} is VALID [2018-11-14 16:22:49,376 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 16:22:49,377 INFO L312 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2018-11-14 16:22:49,385 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 16:22:49,385 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2018-11-14 16:22:49,392 INFO L78 Accepts]: Start accepts. Automaton has 2 states. Word has length 11 [2018-11-14 16:22:49,395 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 16:22:49,399 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states. [2018-11-14 16:22:49,444 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 11 edges. 11 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 16:22:49,445 INFO L459 AbstractCegarLoop]: Interpolant automaton has 2 states [2018-11-14 16:22:49,452 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2018-11-14 16:22:49,453 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2018-11-14 16:22:49,455 INFO L87 Difference]: Start difference. First operand 23 states. Second operand 2 states. [2018-11-14 16:22:49,580 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 16:22:49,580 INFO L93 Difference]: Finished difference Result 33 states and 39 transitions. [2018-11-14 16:22:49,580 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2018-11-14 16:22:49,580 INFO L78 Accepts]: Start accepts. Automaton has 2 states. Word has length 11 [2018-11-14 16:22:49,581 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 16:22:49,582 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 2 states. [2018-11-14 16:22:49,597 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 39 transitions. [2018-11-14 16:22:49,597 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 2 states. [2018-11-14 16:22:49,601 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 39 transitions. [2018-11-14 16:22:49,601 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 39 transitions. [2018-11-14 16:22:49,832 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 39 edges. 39 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 16:22:49,842 INFO L225 Difference]: With dead ends: 33 [2018-11-14 16:22:49,843 INFO L226 Difference]: Without dead ends: 16 [2018-11-14 16:22:49,846 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2018-11-14 16:22:49,864 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 16 states. [2018-11-14 16:22:49,901 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 16 to 16. [2018-11-14 16:22:49,902 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 16:22:49,902 INFO L82 GeneralOperation]: Start isEquivalent. First operand 16 states. Second operand 16 states. [2018-11-14 16:22:49,903 INFO L74 IsIncluded]: Start isIncluded. First operand 16 states. Second operand 16 states. [2018-11-14 16:22:49,903 INFO L87 Difference]: Start difference. First operand 16 states. Second operand 16 states. [2018-11-14 16:22:49,906 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 16:22:49,907 INFO L93 Difference]: Finished difference Result 16 states and 17 transitions. [2018-11-14 16:22:49,907 INFO L276 IsEmpty]: Start isEmpty. Operand 16 states and 17 transitions. [2018-11-14 16:22:49,907 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 16:22:49,907 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 16:22:49,908 INFO L74 IsIncluded]: Start isIncluded. First operand 16 states. Second operand 16 states. [2018-11-14 16:22:49,908 INFO L87 Difference]: Start difference. First operand 16 states. Second operand 16 states. [2018-11-14 16:22:49,911 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 16:22:49,911 INFO L93 Difference]: Finished difference Result 16 states and 17 transitions. [2018-11-14 16:22:49,911 INFO L276 IsEmpty]: Start isEmpty. Operand 16 states and 17 transitions. [2018-11-14 16:22:49,912 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 16:22:49,912 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 16:22:49,912 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 16:22:49,912 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 16:22:49,913 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 16 states. [2018-11-14 16:22:49,915 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 16 states to 16 states and 17 transitions. [2018-11-14 16:22:49,916 INFO L78 Accepts]: Start accepts. Automaton has 16 states and 17 transitions. Word has length 11 [2018-11-14 16:22:49,917 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 16:22:49,917 INFO L480 AbstractCegarLoop]: Abstraction has 16 states and 17 transitions. [2018-11-14 16:22:49,917 INFO L481 AbstractCegarLoop]: Interpolant automaton has 2 states. [2018-11-14 16:22:49,917 INFO L276 IsEmpty]: Start isEmpty. Operand 16 states and 17 transitions. [2018-11-14 16:22:49,918 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 13 [2018-11-14 16:22:49,918 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 16:22:49,918 INFO L375 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 16:22:49,918 INFO L423 AbstractCegarLoop]: === Iteration 2 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 16:22:49,919 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 16:22:49,919 INFO L82 PathProgramCache]: Analyzing trace with hash -1846843495, now seen corresponding path program 1 times [2018-11-14 16:22:49,919 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-14 16:22:49,919 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 3 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 3 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-14 16:22:49,938 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 16:22:49,956 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 16:22:49,978 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 16:22:49,979 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-14 16:22:50,174 INFO L256 TraceCheckUtils]: 0: Hoare triple {153#true} call ULTIMATE.init(); {153#true} is VALID [2018-11-14 16:22:50,175 INFO L273 TraceCheckUtils]: 1: Hoare triple {153#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {153#true} is VALID [2018-11-14 16:22:50,175 INFO L273 TraceCheckUtils]: 2: Hoare triple {153#true} assume true; {153#true} is VALID [2018-11-14 16:22:50,176 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {153#true} {153#true} #57#return; {153#true} is VALID [2018-11-14 16:22:50,176 INFO L256 TraceCheckUtils]: 4: Hoare triple {153#true} call #t~ret4 := main(); {153#true} is VALID [2018-11-14 16:22:50,192 INFO L273 TraceCheckUtils]: 5: Hoare triple {153#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := 0bv32, 0bv32; {173#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} is VALID [2018-11-14 16:22:50,201 INFO L273 TraceCheckUtils]: 6: Hoare triple {173#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} assume true; {173#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} is VALID [2018-11-14 16:22:50,215 INFO L273 TraceCheckUtils]: 7: Hoare triple {173#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} assume !(#t~nondet0 != 0bv32);havoc #t~nondet0; {173#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} is VALID [2018-11-14 16:22:50,229 INFO L273 TraceCheckUtils]: 8: Hoare triple {173#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} assume true; {173#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} is VALID [2018-11-14 16:22:50,242 INFO L273 TraceCheckUtils]: 9: Hoare triple {173#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {154#false} is VALID [2018-11-14 16:22:50,243 INFO L273 TraceCheckUtils]: 10: Hoare triple {154#false} assume #t~mem2 != 1bv32;havoc #t~mem2; {154#false} is VALID [2018-11-14 16:22:50,244 INFO L273 TraceCheckUtils]: 11: Hoare triple {154#false} assume !false; {154#false} is VALID [2018-11-14 16:22:50,246 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 16:22:50,246 INFO L312 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2018-11-14 16:22:50,249 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 16:22:50,250 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2018-11-14 16:22:50,252 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 12 [2018-11-14 16:22:50,253 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 16:22:50,253 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states. [2018-11-14 16:22:50,413 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 12 edges. 12 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 16:22:50,414 INFO L459 AbstractCegarLoop]: Interpolant automaton has 3 states [2018-11-14 16:22:50,414 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2018-11-14 16:22:50,414 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2018-11-14 16:22:50,415 INFO L87 Difference]: Start difference. First operand 16 states and 17 transitions. Second operand 3 states. [2018-11-14 16:22:50,980 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 16:22:50,984 INFO L93 Difference]: Finished difference Result 28 states and 30 transitions. [2018-11-14 16:22:50,984 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2018-11-14 16:22:50,984 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 12 [2018-11-14 16:22:50,985 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 16:22:50,985 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 3 states. [2018-11-14 16:22:50,987 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 30 transitions. [2018-11-14 16:22:50,987 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 3 states. [2018-11-14 16:22:50,991 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 30 transitions. [2018-11-14 16:22:50,992 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 30 transitions. [2018-11-14 16:22:51,075 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 30 edges. 30 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 16:22:51,078 INFO L225 Difference]: With dead ends: 28 [2018-11-14 16:22:51,078 INFO L226 Difference]: Without dead ends: 20 [2018-11-14 16:22:51,079 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2018-11-14 16:22:51,080 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 20 states. [2018-11-14 16:22:51,103 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 20 to 18. [2018-11-14 16:22:51,103 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 16:22:51,103 INFO L82 GeneralOperation]: Start isEquivalent. First operand 20 states. Second operand 18 states. [2018-11-14 16:22:51,104 INFO L74 IsIncluded]: Start isIncluded. First operand 20 states. Second operand 18 states. [2018-11-14 16:22:51,104 INFO L87 Difference]: Start difference. First operand 20 states. Second operand 18 states. [2018-11-14 16:22:51,106 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 16:22:51,106 INFO L93 Difference]: Finished difference Result 20 states and 21 transitions. [2018-11-14 16:22:51,106 INFO L276 IsEmpty]: Start isEmpty. Operand 20 states and 21 transitions. [2018-11-14 16:22:51,107 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 16:22:51,107 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 16:22:51,107 INFO L74 IsIncluded]: Start isIncluded. First operand 18 states. Second operand 20 states. [2018-11-14 16:22:51,108 INFO L87 Difference]: Start difference. First operand 18 states. Second operand 20 states. [2018-11-14 16:22:51,110 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 16:22:51,110 INFO L93 Difference]: Finished difference Result 20 states and 21 transitions. [2018-11-14 16:22:51,110 INFO L276 IsEmpty]: Start isEmpty. Operand 20 states and 21 transitions. [2018-11-14 16:22:51,111 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 16:22:51,111 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 16:22:51,111 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 16:22:51,111 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 16:22:51,111 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 18 states. [2018-11-14 16:22:51,113 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 18 states to 18 states and 19 transitions. [2018-11-14 16:22:51,113 INFO L78 Accepts]: Start accepts. Automaton has 18 states and 19 transitions. Word has length 12 [2018-11-14 16:22:51,113 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 16:22:51,114 INFO L480 AbstractCegarLoop]: Abstraction has 18 states and 19 transitions. [2018-11-14 16:22:51,114 INFO L481 AbstractCegarLoop]: Interpolant automaton has 3 states. [2018-11-14 16:22:51,114 INFO L276 IsEmpty]: Start isEmpty. Operand 18 states and 19 transitions. [2018-11-14 16:22:51,114 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 17 [2018-11-14 16:22:51,115 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 16:22:51,115 INFO L375 BasicCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 16:22:51,115 INFO L423 AbstractCegarLoop]: === Iteration 3 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 16:22:51,115 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 16:22:51,116 INFO L82 PathProgramCache]: Analyzing trace with hash -1810510431, now seen corresponding path program 1 times [2018-11-14 16:22:51,116 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-14 16:22:51,116 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 4 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 4 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-14 16:22:51,138 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 16:22:51,166 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 16:22:51,196 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 16:22:51,197 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-14 16:22:51,537 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 8 [2018-11-14 16:22:51,547 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2018-11-14 16:22:51,554 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 16:22:51,558 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:22:51,568 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:22:51,568 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 1 variables, input treesize:15, output treesize:11 [2018-11-14 16:22:51,658 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 11 [2018-11-14 16:22:51,697 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 3 [2018-11-14 16:22:51,699 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 16:22:51,705 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:22:51,710 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:22:51,711 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 2 variables, input treesize:15, output treesize:3 [2018-11-14 16:22:51,713 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-14 16:22:51,734 INFO L256 TraceCheckUtils]: 0: Hoare triple {289#true} call ULTIMATE.init(); {289#true} is VALID [2018-11-14 16:22:51,734 INFO L273 TraceCheckUtils]: 1: Hoare triple {289#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {289#true} is VALID [2018-11-14 16:22:51,735 INFO L273 TraceCheckUtils]: 2: Hoare triple {289#true} assume true; {289#true} is VALID [2018-11-14 16:22:51,735 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {289#true} {289#true} #57#return; {289#true} is VALID [2018-11-14 16:22:51,735 INFO L256 TraceCheckUtils]: 4: Hoare triple {289#true} call #t~ret4 := main(); {289#true} is VALID [2018-11-14 16:22:51,735 INFO L273 TraceCheckUtils]: 5: Hoare triple {289#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := 0bv32, 0bv32; {289#true} is VALID [2018-11-14 16:22:51,736 INFO L273 TraceCheckUtils]: 6: Hoare triple {289#true} assume true; {289#true} is VALID [2018-11-14 16:22:51,738 INFO L273 TraceCheckUtils]: 7: Hoare triple {289#true} assume !!(#t~nondet0 != 0bv32);havoc #t~nondet0;call #t~malloc1.base, #t~malloc1.offset := #Ultimate.alloc(8bv32);~t~0.base, ~t~0.offset := #t~malloc1.base, #t~malloc1.offset; {315#(= main_~t~0.offset (_ bv0 32))} is VALID [2018-11-14 16:22:51,738 INFO L273 TraceCheckUtils]: 8: Hoare triple {315#(= main_~t~0.offset (_ bv0 32))} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {315#(= main_~t~0.offset (_ bv0 32))} is VALID [2018-11-14 16:22:51,756 INFO L273 TraceCheckUtils]: 9: Hoare triple {315#(= main_~t~0.offset (_ bv0 32))} call write~intINTTYPE4(1bv32, ~t~0.base, ~t~0.offset, 4bv32);call write~$Pointer$(~p~0.base, ~p~0.offset, ~t~0.base, ~bvadd32(4bv32, ~t~0.offset), 4bv32);~p~0.base, ~p~0.offset := ~t~0.base, ~t~0.offset; {322#(and (= main_~p~0.offset (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-14 16:22:51,766 INFO L273 TraceCheckUtils]: 10: Hoare triple {322#(and (= main_~p~0.offset (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)))} assume true; {322#(and (= main_~p~0.offset (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-14 16:22:51,779 INFO L273 TraceCheckUtils]: 11: Hoare triple {322#(and (= main_~p~0.offset (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)))} assume !(#t~nondet0 != 0bv32);havoc #t~nondet0; {322#(and (= main_~p~0.offset (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-14 16:22:51,780 INFO L273 TraceCheckUtils]: 12: Hoare triple {322#(and (= main_~p~0.offset (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)))} assume true; {322#(and (= main_~p~0.offset (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-14 16:22:51,781 INFO L273 TraceCheckUtils]: 13: Hoare triple {322#(and (= main_~p~0.offset (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)))} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {335#(= (_ bv1 32) |main_#t~mem2|)} is VALID [2018-11-14 16:22:51,781 INFO L273 TraceCheckUtils]: 14: Hoare triple {335#(= (_ bv1 32) |main_#t~mem2|)} assume #t~mem2 != 1bv32;havoc #t~mem2; {290#false} is VALID [2018-11-14 16:22:51,782 INFO L273 TraceCheckUtils]: 15: Hoare triple {290#false} assume !false; {290#false} is VALID [2018-11-14 16:22:51,784 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 16:22:51,785 INFO L312 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2018-11-14 16:22:51,789 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 16:22:51,789 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2018-11-14 16:22:51,789 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 16 [2018-11-14 16:22:51,790 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 16:22:51,790 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states. [2018-11-14 16:22:51,856 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 16 edges. 16 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 16:22:51,856 INFO L459 AbstractCegarLoop]: Interpolant automaton has 5 states [2018-11-14 16:22:51,857 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2018-11-14 16:22:51,857 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2018-11-14 16:22:51,857 INFO L87 Difference]: Start difference. First operand 18 states and 19 transitions. Second operand 5 states. [2018-11-14 16:22:52,267 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 16:22:52,268 INFO L93 Difference]: Finished difference Result 26 states and 27 transitions. [2018-11-14 16:22:52,268 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2018-11-14 16:22:52,268 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 16 [2018-11-14 16:22:52,269 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 16:22:52,269 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2018-11-14 16:22:52,271 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 27 transitions. [2018-11-14 16:22:52,272 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2018-11-14 16:22:52,276 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 27 transitions. [2018-11-14 16:22:52,276 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 27 transitions. [2018-11-14 16:22:52,357 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 27 edges. 27 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 16:22:52,359 INFO L225 Difference]: With dead ends: 26 [2018-11-14 16:22:52,359 INFO L226 Difference]: Without dead ends: 24 [2018-11-14 16:22:52,360 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2018-11-14 16:22:52,360 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 24 states. [2018-11-14 16:22:52,397 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 24 to 21. [2018-11-14 16:22:52,397 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 16:22:52,398 INFO L82 GeneralOperation]: Start isEquivalent. First operand 24 states. Second operand 21 states. [2018-11-14 16:22:52,398 INFO L74 IsIncluded]: Start isIncluded. First operand 24 states. Second operand 21 states. [2018-11-14 16:22:52,398 INFO L87 Difference]: Start difference. First operand 24 states. Second operand 21 states. [2018-11-14 16:22:52,400 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 16:22:52,400 INFO L93 Difference]: Finished difference Result 24 states and 25 transitions. [2018-11-14 16:22:52,400 INFO L276 IsEmpty]: Start isEmpty. Operand 24 states and 25 transitions. [2018-11-14 16:22:52,400 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 16:22:52,400 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 16:22:52,401 INFO L74 IsIncluded]: Start isIncluded. First operand 21 states. Second operand 24 states. [2018-11-14 16:22:52,401 INFO L87 Difference]: Start difference. First operand 21 states. Second operand 24 states. [2018-11-14 16:22:52,402 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 16:22:52,403 INFO L93 Difference]: Finished difference Result 24 states and 25 transitions. [2018-11-14 16:22:52,403 INFO L276 IsEmpty]: Start isEmpty. Operand 24 states and 25 transitions. [2018-11-14 16:22:52,403 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 16:22:52,403 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 16:22:52,404 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 16:22:52,404 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 16:22:52,404 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 21 states. [2018-11-14 16:22:52,405 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 21 states to 21 states and 22 transitions. [2018-11-14 16:22:52,406 INFO L78 Accepts]: Start accepts. Automaton has 21 states and 22 transitions. Word has length 16 [2018-11-14 16:22:52,406 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 16:22:52,406 INFO L480 AbstractCegarLoop]: Abstraction has 21 states and 22 transitions. [2018-11-14 16:22:52,406 INFO L481 AbstractCegarLoop]: Interpolant automaton has 5 states. [2018-11-14 16:22:52,406 INFO L276 IsEmpty]: Start isEmpty. Operand 21 states and 22 transitions. [2018-11-14 16:22:52,407 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2018-11-14 16:22:52,407 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 16:22:52,407 INFO L375 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 16:22:52,408 INFO L423 AbstractCegarLoop]: === Iteration 4 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 16:22:52,408 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 16:22:52,408 INFO L82 PathProgramCache]: Analyzing trace with hash -601819927, now seen corresponding path program 1 times [2018-11-14 16:22:52,409 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-14 16:22:52,409 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 5 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 5 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-14 16:22:52,429 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 16:22:52,463 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 16:22:52,492 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 16:22:52,494 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-14 16:22:52,585 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 10 [2018-11-14 16:22:52,594 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2018-11-14 16:22:52,596 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 16:22:52,599 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:22:52,624 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 10 [2018-11-14 16:22:52,632 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2018-11-14 16:22:52,633 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-14 16:22:52,637 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:22:52,652 INFO L267 ElimStorePlain]: Start of recursive call 1: 2 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:22:52,652 INFO L202 ElimStorePlain]: Needed 5 recursive calls to eliminate 2 variables, input treesize:30, output treesize:22 [2018-11-14 16:22:52,834 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 11 [2018-11-14 16:22:52,902 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 3 [2018-11-14 16:22:52,929 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 16:22:52,942 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:22:52,963 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 11 [2018-11-14 16:22:52,970 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 3 [2018-11-14 16:22:52,971 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-14 16:22:52,975 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:22:52,980 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 2 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:22:52,980 INFO L202 ElimStorePlain]: Needed 5 recursive calls to eliminate 3 variables, input treesize:29, output treesize:7 [2018-11-14 16:22:52,985 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-14 16:22:52,991 INFO L256 TraceCheckUtils]: 0: Hoare triple {453#true} call ULTIMATE.init(); {453#true} is VALID [2018-11-14 16:22:52,991 INFO L273 TraceCheckUtils]: 1: Hoare triple {453#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {453#true} is VALID [2018-11-14 16:22:52,992 INFO L273 TraceCheckUtils]: 2: Hoare triple {453#true} assume true; {453#true} is VALID [2018-11-14 16:22:52,992 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {453#true} {453#true} #57#return; {453#true} is VALID [2018-11-14 16:22:52,992 INFO L256 TraceCheckUtils]: 4: Hoare triple {453#true} call #t~ret4 := main(); {453#true} is VALID [2018-11-14 16:22:52,993 INFO L273 TraceCheckUtils]: 5: Hoare triple {453#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := 0bv32, 0bv32; {473#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} is VALID [2018-11-14 16:22:52,993 INFO L273 TraceCheckUtils]: 6: Hoare triple {473#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} assume true; {473#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} is VALID [2018-11-14 16:22:52,994 INFO L273 TraceCheckUtils]: 7: Hoare triple {473#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} assume !!(#t~nondet0 != 0bv32);havoc #t~nondet0;call #t~malloc1.base, #t~malloc1.offset := #Ultimate.alloc(8bv32);~t~0.base, ~t~0.offset := #t~malloc1.base, #t~malloc1.offset; {480#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base) (= main_~t~0.offset (_ bv0 32)))} is VALID [2018-11-14 16:22:52,995 INFO L273 TraceCheckUtils]: 8: Hoare triple {480#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base) (= main_~t~0.offset (_ bv0 32)))} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {480#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base) (= main_~t~0.offset (_ bv0 32)))} is VALID [2018-11-14 16:22:52,998 INFO L273 TraceCheckUtils]: 9: Hoare triple {480#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base) (= main_~t~0.offset (_ bv0 32)))} call write~intINTTYPE4(1bv32, ~t~0.base, ~t~0.offset, 4bv32);call write~$Pointer$(~p~0.base, ~p~0.offset, ~t~0.base, ~bvadd32(4bv32, ~t~0.offset), 4bv32);~p~0.base, ~p~0.offset := ~t~0.base, ~t~0.offset; {487#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} is VALID [2018-11-14 16:22:52,999 INFO L273 TraceCheckUtils]: 10: Hoare triple {487#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} assume true; {487#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} is VALID [2018-11-14 16:22:53,013 INFO L273 TraceCheckUtils]: 11: Hoare triple {487#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} assume !(#t~nondet0 != 0bv32);havoc #t~nondet0; {487#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} is VALID [2018-11-14 16:22:53,017 INFO L273 TraceCheckUtils]: 12: Hoare triple {487#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} assume true; {487#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} is VALID [2018-11-14 16:22:53,018 INFO L273 TraceCheckUtils]: 13: Hoare triple {487#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {487#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} is VALID [2018-11-14 16:22:53,019 INFO L273 TraceCheckUtils]: 14: Hoare triple {487#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} assume !(#t~mem2 != 1bv32);havoc #t~mem2; {487#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} is VALID [2018-11-14 16:22:53,020 INFO L273 TraceCheckUtils]: 15: Hoare triple {487#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} call #t~mem3.base, #t~mem3.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32);~p~0.base, ~p~0.offset := #t~mem3.base, #t~mem3.offset;havoc #t~mem3.base, #t~mem3.offset; {473#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} is VALID [2018-11-14 16:22:53,022 INFO L273 TraceCheckUtils]: 16: Hoare triple {473#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} assume true; {473#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} is VALID [2018-11-14 16:22:53,022 INFO L273 TraceCheckUtils]: 17: Hoare triple {473#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {454#false} is VALID [2018-11-14 16:22:53,023 INFO L273 TraceCheckUtils]: 18: Hoare triple {454#false} assume #t~mem2 != 1bv32;havoc #t~mem2; {454#false} is VALID [2018-11-14 16:22:53,023 INFO L273 TraceCheckUtils]: 19: Hoare triple {454#false} assume !false; {454#false} is VALID [2018-11-14 16:22:53,026 INFO L134 CoverageAnalysis]: Checked inductivity of 5 backedges. 1 proven. 4 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 16:22:53,026 INFO L316 TraceCheckSpWp]: Computing backward predicates... [2018-11-14 16:22:54,115 INFO L273 TraceCheckUtils]: 19: Hoare triple {454#false} assume !false; {454#false} is VALID [2018-11-14 16:22:54,115 INFO L273 TraceCheckUtils]: 18: Hoare triple {454#false} assume #t~mem2 != 1bv32;havoc #t~mem2; {454#false} is VALID [2018-11-14 16:22:54,116 INFO L273 TraceCheckUtils]: 17: Hoare triple {473#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {454#false} is VALID [2018-11-14 16:22:54,118 INFO L273 TraceCheckUtils]: 16: Hoare triple {473#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} assume true; {473#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} is VALID [2018-11-14 16:22:54,119 INFO L273 TraceCheckUtils]: 15: Hoare triple {530#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} call #t~mem3.base, #t~mem3.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32);~p~0.base, ~p~0.offset := #t~mem3.base, #t~mem3.offset;havoc #t~mem3.base, #t~mem3.offset; {473#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} is VALID [2018-11-14 16:22:54,119 INFO L273 TraceCheckUtils]: 14: Hoare triple {530#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} assume !(#t~mem2 != 1bv32);havoc #t~mem2; {530#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} is VALID [2018-11-14 16:22:54,120 INFO L273 TraceCheckUtils]: 13: Hoare triple {530#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {530#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} is VALID [2018-11-14 16:22:54,121 INFO L273 TraceCheckUtils]: 12: Hoare triple {530#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} assume true; {530#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} is VALID [2018-11-14 16:22:54,122 INFO L273 TraceCheckUtils]: 11: Hoare triple {530#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} assume !(#t~nondet0 != 0bv32);havoc #t~nondet0; {530#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} is VALID [2018-11-14 16:22:54,123 INFO L273 TraceCheckUtils]: 10: Hoare triple {530#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} assume true; {530#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} is VALID [2018-11-14 16:22:54,126 INFO L273 TraceCheckUtils]: 9: Hoare triple {473#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} call write~intINTTYPE4(1bv32, ~t~0.base, ~t~0.offset, 4bv32);call write~$Pointer$(~p~0.base, ~p~0.offset, ~t~0.base, ~bvadd32(4bv32, ~t~0.offset), 4bv32);~p~0.base, ~p~0.offset := ~t~0.base, ~t~0.offset; {530#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} is VALID [2018-11-14 16:22:54,127 INFO L273 TraceCheckUtils]: 8: Hoare triple {473#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {473#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} is VALID [2018-11-14 16:22:54,128 INFO L273 TraceCheckUtils]: 7: Hoare triple {473#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} assume !!(#t~nondet0 != 0bv32);havoc #t~nondet0;call #t~malloc1.base, #t~malloc1.offset := #Ultimate.alloc(8bv32);~t~0.base, ~t~0.offset := #t~malloc1.base, #t~malloc1.offset; {473#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} is VALID [2018-11-14 16:22:54,129 INFO L273 TraceCheckUtils]: 6: Hoare triple {473#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} assume true; {473#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} is VALID [2018-11-14 16:22:54,129 INFO L273 TraceCheckUtils]: 5: Hoare triple {453#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := 0bv32, 0bv32; {473#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} is VALID [2018-11-14 16:22:54,129 INFO L256 TraceCheckUtils]: 4: Hoare triple {453#true} call #t~ret4 := main(); {453#true} is VALID [2018-11-14 16:22:54,130 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {453#true} {453#true} #57#return; {453#true} is VALID [2018-11-14 16:22:54,130 INFO L273 TraceCheckUtils]: 2: Hoare triple {453#true} assume true; {453#true} is VALID [2018-11-14 16:22:54,130 INFO L273 TraceCheckUtils]: 1: Hoare triple {453#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {453#true} is VALID [2018-11-14 16:22:54,130 INFO L256 TraceCheckUtils]: 0: Hoare triple {453#true} call ULTIMATE.init(); {453#true} is VALID [2018-11-14 16:22:54,133 INFO L134 CoverageAnalysis]: Checked inductivity of 5 backedges. 1 proven. 4 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 16:22:54,140 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2018-11-14 16:22:54,140 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [5, 4] total 6 [2018-11-14 16:22:54,141 INFO L78 Accepts]: Start accepts. Automaton has 6 states. Word has length 20 [2018-11-14 16:22:54,141 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 16:22:54,141 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states. [2018-11-14 16:22:54,204 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 29 edges. 29 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 16:22:54,205 INFO L459 AbstractCegarLoop]: Interpolant automaton has 6 states [2018-11-14 16:22:54,205 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2018-11-14 16:22:54,205 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2018-11-14 16:22:54,206 INFO L87 Difference]: Start difference. First operand 21 states and 22 transitions. Second operand 6 states. [2018-11-14 16:22:54,494 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 16:22:54,495 INFO L93 Difference]: Finished difference Result 39 states and 41 transitions. [2018-11-14 16:22:54,495 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2018-11-14 16:22:54,495 INFO L78 Accepts]: Start accepts. Automaton has 6 states. Word has length 20 [2018-11-14 16:22:54,495 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 16:22:54,496 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 6 states. [2018-11-14 16:22:54,498 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 38 transitions. [2018-11-14 16:22:54,498 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 6 states. [2018-11-14 16:22:54,500 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 38 transitions. [2018-11-14 16:22:54,500 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 38 transitions. [2018-11-14 16:22:54,680 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 38 edges. 38 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 16:22:54,682 INFO L225 Difference]: With dead ends: 39 [2018-11-14 16:22:54,682 INFO L226 Difference]: Without dead ends: 27 [2018-11-14 16:22:54,682 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 39 GetRequests, 35 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2018-11-14 16:22:54,683 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 27 states. [2018-11-14 16:22:54,711 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 27 to 25. [2018-11-14 16:22:54,712 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 16:22:54,712 INFO L82 GeneralOperation]: Start isEquivalent. First operand 27 states. Second operand 25 states. [2018-11-14 16:22:54,712 INFO L74 IsIncluded]: Start isIncluded. First operand 27 states. Second operand 25 states. [2018-11-14 16:22:54,712 INFO L87 Difference]: Start difference. First operand 27 states. Second operand 25 states. [2018-11-14 16:22:54,714 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 16:22:54,714 INFO L93 Difference]: Finished difference Result 27 states and 28 transitions. [2018-11-14 16:22:54,714 INFO L276 IsEmpty]: Start isEmpty. Operand 27 states and 28 transitions. [2018-11-14 16:22:54,715 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 16:22:54,715 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 16:22:54,715 INFO L74 IsIncluded]: Start isIncluded. First operand 25 states. Second operand 27 states. [2018-11-14 16:22:54,715 INFO L87 Difference]: Start difference. First operand 25 states. Second operand 27 states. [2018-11-14 16:22:54,717 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 16:22:54,718 INFO L93 Difference]: Finished difference Result 27 states and 28 transitions. [2018-11-14 16:22:54,718 INFO L276 IsEmpty]: Start isEmpty. Operand 27 states and 28 transitions. [2018-11-14 16:22:54,718 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 16:22:54,719 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 16:22:54,719 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 16:22:54,719 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 16:22:54,719 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 25 states. [2018-11-14 16:22:54,721 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 25 states to 25 states and 26 transitions. [2018-11-14 16:22:54,721 INFO L78 Accepts]: Start accepts. Automaton has 25 states and 26 transitions. Word has length 20 [2018-11-14 16:22:54,721 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 16:22:54,721 INFO L480 AbstractCegarLoop]: Abstraction has 25 states and 26 transitions. [2018-11-14 16:22:54,721 INFO L481 AbstractCegarLoop]: Interpolant automaton has 6 states. [2018-11-14 16:22:54,722 INFO L276 IsEmpty]: Start isEmpty. Operand 25 states and 26 transitions. [2018-11-14 16:22:54,722 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2018-11-14 16:22:54,722 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 16:22:54,723 INFO L375 BasicCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 16:22:54,723 INFO L423 AbstractCegarLoop]: === Iteration 5 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 16:22:54,723 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 16:22:54,723 INFO L82 PathProgramCache]: Analyzing trace with hash -89599247, now seen corresponding path program 2 times [2018-11-14 16:22:54,724 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-14 16:22:54,724 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 6 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 6 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-14 16:22:54,743 INFO L101 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2018-11-14 16:22:54,792 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2018-11-14 16:22:54,792 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2018-11-14 16:22:54,810 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 16:22:54,812 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-14 16:22:54,850 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2018-11-14 16:22:54,852 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2018-11-14 16:22:54,859 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:22:54,860 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:10, output treesize:9 [2018-11-14 16:22:54,862 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-14 16:22:54,896 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 8 [2018-11-14 16:22:54,904 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2018-11-14 16:22:54,905 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 16:22:54,909 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:22:54,920 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:22:54,921 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 1 variables, input treesize:20, output treesize:16 [2018-11-14 16:22:54,981 INFO L700 Elim1Store]: detected not equals via solver [2018-11-14 16:22:54,983 INFO L700 Elim1Store]: detected not equals via solver [2018-11-14 16:22:54,985 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 2 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 4 [2018-11-14 16:22:54,987 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2018-11-14 16:22:55,001 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:22:55,002 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:26, output treesize:20 [2018-11-14 16:22:55,113 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 10 [2018-11-14 16:22:55,121 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2018-11-14 16:22:55,124 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 16:22:55,131 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:22:55,201 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 28 [2018-11-14 16:22:55,212 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2018-11-14 16:22:55,213 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-14 16:22:55,226 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:22:55,268 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 10 [2018-11-14 16:22:55,276 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2018-11-14 16:22:55,278 INFO L267 ElimStorePlain]: Start of recursive call 7: End of recursive call: and 1 xjuncts. [2018-11-14 16:22:55,284 INFO L267 ElimStorePlain]: Start of recursive call 6: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:22:55,313 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 3 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:22:55,314 INFO L202 ElimStorePlain]: Needed 7 recursive calls to eliminate 4 variables, input treesize:54, output treesize:45 [2018-11-14 16:22:57,342 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-14 16:22:57,549 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 11 [2018-11-14 16:22:57,556 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 3 [2018-11-14 16:22:57,558 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 16:22:57,563 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:22:57,592 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 27 treesize of output 21 [2018-11-14 16:22:57,607 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 12 [2018-11-14 16:22:57,612 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-14 16:22:57,633 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:22:57,711 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 2 dim-2 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2018-11-14 16:22:57,711 INFO L202 ElimStorePlain]: Needed 5 recursive calls to eliminate 3 variables, input treesize:50, output treesize:24 [2018-11-14 16:22:57,718 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-14 16:22:57,829 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 26 treesize of output 24 [2018-11-14 16:22:57,836 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 5 [2018-11-14 16:22:57,838 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 16:22:57,844 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:22:57,855 INFO L267 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:22:57,855 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 3 variables, input treesize:30, output treesize:5 [2018-11-14 16:22:57,859 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-14 16:22:57,880 INFO L256 TraceCheckUtils]: 0: Hoare triple {710#true} call ULTIMATE.init(); {710#true} is VALID [2018-11-14 16:22:57,880 INFO L273 TraceCheckUtils]: 1: Hoare triple {710#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {710#true} is VALID [2018-11-14 16:22:57,881 INFO L273 TraceCheckUtils]: 2: Hoare triple {710#true} assume true; {710#true} is VALID [2018-11-14 16:22:57,881 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {710#true} {710#true} #57#return; {710#true} is VALID [2018-11-14 16:22:57,882 INFO L256 TraceCheckUtils]: 4: Hoare triple {710#true} call #t~ret4 := main(); {710#true} is VALID [2018-11-14 16:22:57,882 INFO L273 TraceCheckUtils]: 5: Hoare triple {710#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := 0bv32, 0bv32; {710#true} is VALID [2018-11-14 16:22:57,882 INFO L273 TraceCheckUtils]: 6: Hoare triple {710#true} assume true; {710#true} is VALID [2018-11-14 16:22:57,884 INFO L273 TraceCheckUtils]: 7: Hoare triple {710#true} assume !!(#t~nondet0 != 0bv32);havoc #t~nondet0;call #t~malloc1.base, #t~malloc1.offset := #Ultimate.alloc(8bv32);~t~0.base, ~t~0.offset := #t~malloc1.base, #t~malloc1.offset; {736#(and (= main_~t~0.offset (_ bv0 32)) (= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1)))} is VALID [2018-11-14 16:22:57,887 INFO L273 TraceCheckUtils]: 8: Hoare triple {736#(and (= main_~t~0.offset (_ bv0 32)) (= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1)))} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {736#(and (= main_~t~0.offset (_ bv0 32)) (= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1)))} is VALID [2018-11-14 16:22:57,890 INFO L273 TraceCheckUtils]: 9: Hoare triple {736#(and (= main_~t~0.offset (_ bv0 32)) (= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1)))} call write~intINTTYPE4(1bv32, ~t~0.base, ~t~0.offset, 4bv32);call write~$Pointer$(~p~0.base, ~p~0.offset, ~t~0.base, ~bvadd32(4bv32, ~t~0.offset), 4bv32);~p~0.base, ~p~0.offset := ~t~0.base, ~t~0.offset; {743#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-14 16:22:57,891 INFO L273 TraceCheckUtils]: 10: Hoare triple {743#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)))} assume true; {743#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-14 16:22:57,893 INFO L273 TraceCheckUtils]: 11: Hoare triple {743#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)))} assume !!(#t~nondet0 != 0bv32);havoc #t~nondet0;call #t~malloc1.base, #t~malloc1.offset := #Ultimate.alloc(8bv32);~t~0.base, ~t~0.offset := #t~malloc1.base, #t~malloc1.offset; {750#(and (= main_~p~0.offset (_ bv0 32)) (not (= main_~t~0.base main_~p~0.base)) (= main_~t~0.offset (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-14 16:22:57,894 INFO L273 TraceCheckUtils]: 12: Hoare triple {750#(and (= main_~p~0.offset (_ bv0 32)) (not (= main_~t~0.base main_~p~0.base)) (= main_~t~0.offset (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)))} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {750#(and (= main_~p~0.offset (_ bv0 32)) (not (= main_~t~0.base main_~p~0.base)) (= main_~t~0.offset (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-14 16:22:57,897 INFO L273 TraceCheckUtils]: 13: Hoare triple {750#(and (= main_~p~0.offset (_ bv0 32)) (not (= main_~t~0.base main_~p~0.base)) (= main_~t~0.offset (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)))} call write~intINTTYPE4(1bv32, ~t~0.base, ~t~0.offset, 4bv32);call write~$Pointer$(~p~0.base, ~p~0.offset, ~t~0.base, ~bvadd32(4bv32, ~t~0.offset), 4bv32);~p~0.base, ~p~0.offset := ~t~0.base, ~t~0.offset; {757#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} is VALID [2018-11-14 16:22:57,898 INFO L273 TraceCheckUtils]: 14: Hoare triple {757#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} assume true; {757#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} is VALID [2018-11-14 16:22:57,899 INFO L273 TraceCheckUtils]: 15: Hoare triple {757#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} assume !(#t~nondet0 != 0bv32);havoc #t~nondet0; {757#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} is VALID [2018-11-14 16:22:57,900 INFO L273 TraceCheckUtils]: 16: Hoare triple {757#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} assume true; {757#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} is VALID [2018-11-14 16:22:57,919 INFO L273 TraceCheckUtils]: 17: Hoare triple {757#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {770#(and (= main_~p~0.offset (_ bv0 32)) (= (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) |main_#t~mem2|) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} is VALID [2018-11-14 16:22:57,934 INFO L273 TraceCheckUtils]: 18: Hoare triple {770#(and (= main_~p~0.offset (_ bv0 32)) (= (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) |main_#t~mem2|) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} assume !(#t~mem2 != 1bv32);havoc #t~mem2; {757#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} is VALID [2018-11-14 16:22:57,941 INFO L273 TraceCheckUtils]: 19: Hoare triple {757#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} call #t~mem3.base, #t~mem3.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32);~p~0.base, ~p~0.offset := #t~mem3.base, #t~mem3.offset;havoc #t~mem3.base, #t~mem3.offset; {777#(and (= main_~p~0.offset (_ bv0 32)) (exists ((v_main_~p~0.base_14 (_ BitVec 32))) (and (= (bvadd (select (select |#memory_int| v_main_~p~0.base_14) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (not (= v_main_~p~0.base_14 main_~p~0.base)))) (= (bvadd (select (select |#memory_int| main_~p~0.base) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-14 16:22:57,942 INFO L273 TraceCheckUtils]: 20: Hoare triple {777#(and (= main_~p~0.offset (_ bv0 32)) (exists ((v_main_~p~0.base_14 (_ BitVec 32))) (and (= (bvadd (select (select |#memory_int| v_main_~p~0.base_14) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (not (= v_main_~p~0.base_14 main_~p~0.base)))) (= (bvadd (select (select |#memory_int| main_~p~0.base) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)))} assume true; {777#(and (= main_~p~0.offset (_ bv0 32)) (exists ((v_main_~p~0.base_14 (_ BitVec 32))) (and (= (bvadd (select (select |#memory_int| v_main_~p~0.base_14) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (not (= v_main_~p~0.base_14 main_~p~0.base)))) (= (bvadd (select (select |#memory_int| main_~p~0.base) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-14 16:22:57,945 INFO L273 TraceCheckUtils]: 21: Hoare triple {777#(and (= main_~p~0.offset (_ bv0 32)) (exists ((v_main_~p~0.base_14 (_ BitVec 32))) (and (= (bvadd (select (select |#memory_int| v_main_~p~0.base_14) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (not (= v_main_~p~0.base_14 main_~p~0.base)))) (= (bvadd (select (select |#memory_int| main_~p~0.base) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)))} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {784#(= (_ bv1 32) |main_#t~mem2|)} is VALID [2018-11-14 16:22:57,946 INFO L273 TraceCheckUtils]: 22: Hoare triple {784#(= (_ bv1 32) |main_#t~mem2|)} assume #t~mem2 != 1bv32;havoc #t~mem2; {711#false} is VALID [2018-11-14 16:22:57,946 INFO L273 TraceCheckUtils]: 23: Hoare triple {711#false} assume !false; {711#false} is VALID [2018-11-14 16:22:57,950 INFO L134 CoverageAnalysis]: Checked inductivity of 11 backedges. 4 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 16:22:57,950 INFO L316 TraceCheckSpWp]: Computing backward predicates... [2018-11-14 16:23:08,571 WARN L307 Elim1Store]: Array PQE input equivalent to true [2018-11-14 16:23:08,571 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:08,572 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:08,573 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 2 variables, input treesize:40, output treesize:1 [2018-11-14 16:23:08,586 INFO L273 TraceCheckUtils]: 23: Hoare triple {711#false} assume !false; {711#false} is VALID [2018-11-14 16:23:08,587 INFO L273 TraceCheckUtils]: 22: Hoare triple {784#(= (_ bv1 32) |main_#t~mem2|)} assume #t~mem2 != 1bv32;havoc #t~mem2; {711#false} is VALID [2018-11-14 16:23:08,588 INFO L273 TraceCheckUtils]: 21: Hoare triple {797#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {784#(= (_ bv1 32) |main_#t~mem2|)} is VALID [2018-11-14 16:23:08,594 INFO L273 TraceCheckUtils]: 20: Hoare triple {797#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))} assume true; {797#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))} is VALID [2018-11-14 16:23:08,595 INFO L273 TraceCheckUtils]: 19: Hoare triple {804#(= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967295 32)) (_ bv0 32))} call #t~mem3.base, #t~mem3.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32);~p~0.base, ~p~0.offset := #t~mem3.base, #t~mem3.offset;havoc #t~mem3.base, #t~mem3.offset; {797#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))} is VALID [2018-11-14 16:23:08,596 INFO L273 TraceCheckUtils]: 18: Hoare triple {808#(or (not (= (_ bv1 32) |main_#t~mem2|)) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967295 32)) (_ bv0 32)))} assume !(#t~mem2 != 1bv32);havoc #t~mem2; {804#(= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967295 32)) (_ bv0 32))} is VALID [2018-11-14 16:23:08,597 INFO L273 TraceCheckUtils]: 17: Hoare triple {812#(or (not (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967295 32)) (_ bv0 32)))} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {808#(or (not (= (_ bv1 32) |main_#t~mem2|)) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-14 16:23:08,598 INFO L273 TraceCheckUtils]: 16: Hoare triple {812#(or (not (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967295 32)) (_ bv0 32)))} assume true; {812#(or (not (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-14 16:23:08,598 INFO L273 TraceCheckUtils]: 15: Hoare triple {812#(or (not (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967295 32)) (_ bv0 32)))} assume !(#t~nondet0 != 0bv32);havoc #t~nondet0; {812#(or (not (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-14 16:23:08,599 INFO L273 TraceCheckUtils]: 14: Hoare triple {812#(or (not (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967295 32)) (_ bv0 32)))} assume true; {812#(or (not (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-14 16:23:08,604 INFO L273 TraceCheckUtils]: 13: Hoare triple {825#(= (_ bv1 32) (select (select (store |#memory_int| main_~t~0.base (store (select |#memory_int| main_~t~0.base) main_~t~0.offset (_ bv1 32))) main_~p~0.base) main_~p~0.offset))} call write~intINTTYPE4(1bv32, ~t~0.base, ~t~0.offset, 4bv32);call write~$Pointer$(~p~0.base, ~p~0.offset, ~t~0.base, ~bvadd32(4bv32, ~t~0.offset), 4bv32);~p~0.base, ~p~0.offset := ~t~0.base, ~t~0.offset; {812#(or (not (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-14 16:23:08,605 INFO L273 TraceCheckUtils]: 12: Hoare triple {825#(= (_ bv1 32) (select (select (store |#memory_int| main_~t~0.base (store (select |#memory_int| main_~t~0.base) main_~t~0.offset (_ bv1 32))) main_~p~0.base) main_~p~0.offset))} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {825#(= (_ bv1 32) (select (select (store |#memory_int| main_~t~0.base (store (select |#memory_int| main_~t~0.base) main_~t~0.offset (_ bv1 32))) main_~p~0.base) main_~p~0.offset))} is VALID [2018-11-14 16:23:08,608 INFO L273 TraceCheckUtils]: 11: Hoare triple {832#(forall ((v_main_~t~0.base_8 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_main_~t~0.base_8))) (= (bvadd (select (select (store |#memory_int| v_main_~t~0.base_8 (store (select |#memory_int| v_main_~t~0.base_8) (_ bv0 32) (_ bv1 32))) main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))))} assume !!(#t~nondet0 != 0bv32);havoc #t~nondet0;call #t~malloc1.base, #t~malloc1.offset := #Ultimate.alloc(8bv32);~t~0.base, ~t~0.offset := #t~malloc1.base, #t~malloc1.offset; {825#(= (_ bv1 32) (select (select (store |#memory_int| main_~t~0.base (store (select |#memory_int| main_~t~0.base) main_~t~0.offset (_ bv1 32))) main_~p~0.base) main_~p~0.offset))} is VALID [2018-11-14 16:23:08,609 INFO L273 TraceCheckUtils]: 10: Hoare triple {832#(forall ((v_main_~t~0.base_8 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_main_~t~0.base_8))) (= (bvadd (select (select (store |#memory_int| v_main_~t~0.base_8 (store (select |#memory_int| v_main_~t~0.base_8) (_ bv0 32) (_ bv1 32))) main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))))} assume true; {832#(forall ((v_main_~t~0.base_8 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_main_~t~0.base_8))) (= (bvadd (select (select (store |#memory_int| v_main_~t~0.base_8 (store (select |#memory_int| v_main_~t~0.base_8) (_ bv0 32) (_ bv1 32))) main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))))} is VALID [2018-11-14 16:23:08,613 INFO L273 TraceCheckUtils]: 9: Hoare triple {710#true} call write~intINTTYPE4(1bv32, ~t~0.base, ~t~0.offset, 4bv32);call write~$Pointer$(~p~0.base, ~p~0.offset, ~t~0.base, ~bvadd32(4bv32, ~t~0.offset), 4bv32);~p~0.base, ~p~0.offset := ~t~0.base, ~t~0.offset; {832#(forall ((v_main_~t~0.base_8 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_main_~t~0.base_8))) (= (bvadd (select (select (store |#memory_int| v_main_~t~0.base_8 (store (select |#memory_int| v_main_~t~0.base_8) (_ bv0 32) (_ bv1 32))) main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))))} is VALID [2018-11-14 16:23:08,614 INFO L273 TraceCheckUtils]: 8: Hoare triple {710#true} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {710#true} is VALID [2018-11-14 16:23:08,614 INFO L273 TraceCheckUtils]: 7: Hoare triple {710#true} assume !!(#t~nondet0 != 0bv32);havoc #t~nondet0;call #t~malloc1.base, #t~malloc1.offset := #Ultimate.alloc(8bv32);~t~0.base, ~t~0.offset := #t~malloc1.base, #t~malloc1.offset; {710#true} is VALID [2018-11-14 16:23:08,614 INFO L273 TraceCheckUtils]: 6: Hoare triple {710#true} assume true; {710#true} is VALID [2018-11-14 16:23:08,614 INFO L273 TraceCheckUtils]: 5: Hoare triple {710#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := 0bv32, 0bv32; {710#true} is VALID [2018-11-14 16:23:08,615 INFO L256 TraceCheckUtils]: 4: Hoare triple {710#true} call #t~ret4 := main(); {710#true} is VALID [2018-11-14 16:23:08,615 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {710#true} {710#true} #57#return; {710#true} is VALID [2018-11-14 16:23:08,615 INFO L273 TraceCheckUtils]: 2: Hoare triple {710#true} assume true; {710#true} is VALID [2018-11-14 16:23:08,615 INFO L273 TraceCheckUtils]: 1: Hoare triple {710#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {710#true} is VALID [2018-11-14 16:23:08,616 INFO L256 TraceCheckUtils]: 0: Hoare triple {710#true} call ULTIMATE.init(); {710#true} is VALID [2018-11-14 16:23:08,619 INFO L134 CoverageAnalysis]: Checked inductivity of 11 backedges. 6 proven. 5 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 16:23:08,623 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2018-11-14 16:23:08,623 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 9] total 15 [2018-11-14 16:23:08,623 INFO L78 Accepts]: Start accepts. Automaton has 15 states. Word has length 24 [2018-11-14 16:23:08,624 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 16:23:08,624 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 15 states. [2018-11-14 16:23:08,738 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 39 edges. 39 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 16:23:08,739 INFO L459 AbstractCegarLoop]: Interpolant automaton has 15 states [2018-11-14 16:23:08,739 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2018-11-14 16:23:08,739 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=56, Invalid=153, Unknown=1, NotChecked=0, Total=210 [2018-11-14 16:23:08,740 INFO L87 Difference]: Start difference. First operand 25 states and 26 transitions. Second operand 15 states. [2018-11-14 16:23:10,237 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 16:23:10,238 INFO L93 Difference]: Finished difference Result 34 states and 35 transitions. [2018-11-14 16:23:10,238 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2018-11-14 16:23:10,238 INFO L78 Accepts]: Start accepts. Automaton has 15 states. Word has length 24 [2018-11-14 16:23:10,238 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 16:23:10,238 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 15 states. [2018-11-14 16:23:10,241 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 35 transitions. [2018-11-14 16:23:10,242 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 15 states. [2018-11-14 16:23:10,243 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 35 transitions. [2018-11-14 16:23:10,244 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 35 transitions. [2018-11-14 16:23:10,354 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 35 edges. 35 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 16:23:10,356 INFO L225 Difference]: With dead ends: 34 [2018-11-14 16:23:10,356 INFO L226 Difference]: Without dead ends: 32 [2018-11-14 16:23:10,356 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 56 GetRequests, 36 SyntacticMatches, 0 SemanticMatches, 20 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 44 ImplicationChecksByTransitivity, 7.0s TimeCoverageRelationStatistics Valid=137, Invalid=324, Unknown=1, NotChecked=0, Total=462 [2018-11-14 16:23:10,357 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 32 states. [2018-11-14 16:23:10,382 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 32 to 29. [2018-11-14 16:23:10,383 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 16:23:10,383 INFO L82 GeneralOperation]: Start isEquivalent. First operand 32 states. Second operand 29 states. [2018-11-14 16:23:10,383 INFO L74 IsIncluded]: Start isIncluded. First operand 32 states. Second operand 29 states. [2018-11-14 16:23:10,383 INFO L87 Difference]: Start difference. First operand 32 states. Second operand 29 states. [2018-11-14 16:23:10,386 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 16:23:10,386 INFO L93 Difference]: Finished difference Result 32 states and 33 transitions. [2018-11-14 16:23:10,386 INFO L276 IsEmpty]: Start isEmpty. Operand 32 states and 33 transitions. [2018-11-14 16:23:10,387 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 16:23:10,387 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 16:23:10,388 INFO L74 IsIncluded]: Start isIncluded. First operand 29 states. Second operand 32 states. [2018-11-14 16:23:10,388 INFO L87 Difference]: Start difference. First operand 29 states. Second operand 32 states. [2018-11-14 16:23:10,390 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 16:23:10,390 INFO L93 Difference]: Finished difference Result 32 states and 33 transitions. [2018-11-14 16:23:10,390 INFO L276 IsEmpty]: Start isEmpty. Operand 32 states and 33 transitions. [2018-11-14 16:23:10,391 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 16:23:10,391 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 16:23:10,391 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 16:23:10,392 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 16:23:10,392 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 29 states. [2018-11-14 16:23:10,393 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 29 states to 29 states and 30 transitions. [2018-11-14 16:23:10,393 INFO L78 Accepts]: Start accepts. Automaton has 29 states and 30 transitions. Word has length 24 [2018-11-14 16:23:10,394 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 16:23:10,394 INFO L480 AbstractCegarLoop]: Abstraction has 29 states and 30 transitions. [2018-11-14 16:23:10,394 INFO L481 AbstractCegarLoop]: Interpolant automaton has 15 states. [2018-11-14 16:23:10,394 INFO L276 IsEmpty]: Start isEmpty. Operand 29 states and 30 transitions. [2018-11-14 16:23:10,395 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2018-11-14 16:23:10,395 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 16:23:10,395 INFO L375 BasicCegarLoop]: trace histogram [3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 16:23:10,395 INFO L423 AbstractCegarLoop]: === Iteration 6 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 16:23:10,396 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 16:23:10,396 INFO L82 PathProgramCache]: Analyzing trace with hash 202428985, now seen corresponding path program 3 times [2018-11-14 16:23:10,396 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-14 16:23:10,396 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 7 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 7 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-14 16:23:10,416 INFO L101 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2018-11-14 16:23:10,490 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 3 check-sat command(s) [2018-11-14 16:23:10,490 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2018-11-14 16:23:10,510 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 16:23:10,512 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-14 16:23:10,567 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2018-11-14 16:23:10,570 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:10,583 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:10,584 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:16, output treesize:15 [2018-11-14 16:23:10,588 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-14 16:23:10,641 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 10 [2018-11-14 16:23:10,645 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2018-11-14 16:23:10,647 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:10,692 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:10,720 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 10 [2018-11-14 16:23:10,726 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2018-11-14 16:23:10,729 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:10,741 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:10,755 INFO L267 ElimStorePlain]: Start of recursive call 1: 2 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:10,756 INFO L202 ElimStorePlain]: Needed 5 recursive calls to eliminate 2 variables, input treesize:35, output treesize:27 [2018-11-14 16:23:10,865 INFO L700 Elim1Store]: detected not equals via solver [2018-11-14 16:23:10,867 INFO L700 Elim1Store]: detected not equals via solver [2018-11-14 16:23:10,868 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 2 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 4 [2018-11-14 16:23:10,869 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:10,892 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:10,893 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:35, output treesize:29 [2018-11-14 16:23:11,094 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 22 [2018-11-14 16:23:11,113 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2018-11-14 16:23:11,114 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:11,126 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:11,191 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 22 [2018-11-14 16:23:11,197 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2018-11-14 16:23:11,202 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:11,214 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:11,238 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 2 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:11,238 INFO L202 ElimStorePlain]: Needed 5 recursive calls to eliminate 3 variables, input treesize:48, output treesize:49 [2018-11-14 16:23:11,608 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 53 treesize of output 43 [2018-11-14 16:23:11,616 INFO L682 Elim1Store]: detected equality via solver [2018-11-14 16:23:11,617 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 11 [2018-11-14 16:23:11,618 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:11,668 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 11 [2018-11-14 16:23:11,670 INFO L267 ElimStorePlain]: Start of recursive call 4: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:11,677 INFO L267 ElimStorePlain]: Start of recursive call 2: 2 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:11,770 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 3 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 22 [2018-11-14 16:23:11,828 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 4 [2018-11-14 16:23:11,853 INFO L267 ElimStorePlain]: Start of recursive call 6: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:11,867 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 3 [2018-11-14 16:23:11,868 INFO L267 ElimStorePlain]: Start of recursive call 7: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:11,870 INFO L267 ElimStorePlain]: Start of recursive call 5: 2 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:11,879 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 2 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:11,879 INFO L202 ElimStorePlain]: Needed 7 recursive calls to eliminate 3 variables, input treesize:72, output treesize:7 [2018-11-14 16:23:11,887 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-14 16:23:11,891 INFO L256 TraceCheckUtils]: 0: Hoare triple {1025#true} call ULTIMATE.init(); {1025#true} is VALID [2018-11-14 16:23:11,891 INFO L273 TraceCheckUtils]: 1: Hoare triple {1025#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {1025#true} is VALID [2018-11-14 16:23:11,892 INFO L273 TraceCheckUtils]: 2: Hoare triple {1025#true} assume true; {1025#true} is VALID [2018-11-14 16:23:11,892 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {1025#true} {1025#true} #57#return; {1025#true} is VALID [2018-11-14 16:23:11,893 INFO L256 TraceCheckUtils]: 4: Hoare triple {1025#true} call #t~ret4 := main(); {1025#true} is VALID [2018-11-14 16:23:11,895 INFO L273 TraceCheckUtils]: 5: Hoare triple {1025#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := 0bv32, 0bv32; {1045#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} is VALID [2018-11-14 16:23:11,896 INFO L273 TraceCheckUtils]: 6: Hoare triple {1045#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} assume true; {1045#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} is VALID [2018-11-14 16:23:11,897 INFO L273 TraceCheckUtils]: 7: Hoare triple {1045#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} assume !!(#t~nondet0 != 0bv32);havoc #t~nondet0;call #t~malloc1.base, #t~malloc1.offset := #Ultimate.alloc(8bv32);~t~0.base, ~t~0.offset := #t~malloc1.base, #t~malloc1.offset; {1052#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base) (= main_~t~0.offset (_ bv0 32)) (= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1)))} is VALID [2018-11-14 16:23:11,898 INFO L273 TraceCheckUtils]: 8: Hoare triple {1052#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base) (= main_~t~0.offset (_ bv0 32)) (= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1)))} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {1052#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base) (= main_~t~0.offset (_ bv0 32)) (= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1)))} is VALID [2018-11-14 16:23:11,900 INFO L273 TraceCheckUtils]: 9: Hoare triple {1052#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base) (= main_~t~0.offset (_ bv0 32)) (= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1)))} call write~intINTTYPE4(1bv32, ~t~0.base, ~t~0.offset, 4bv32);call write~$Pointer$(~p~0.base, ~p~0.offset, ~t~0.base, ~bvadd32(4bv32, ~t~0.offset), 4bv32);~p~0.base, ~p~0.offset := ~t~0.base, ~t~0.offset; {1059#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)))} is VALID [2018-11-14 16:23:11,900 INFO L273 TraceCheckUtils]: 10: Hoare triple {1059#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)))} assume true; {1059#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)))} is VALID [2018-11-14 16:23:11,901 INFO L273 TraceCheckUtils]: 11: Hoare triple {1059#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)))} assume !!(#t~nondet0 != 0bv32);havoc #t~nondet0;call #t~malloc1.base, #t~malloc1.offset := #Ultimate.alloc(8bv32);~t~0.base, ~t~0.offset := #t~malloc1.base, #t~malloc1.offset; {1066#(and (= main_~p~0.offset (_ bv0 32)) (not (= main_~t~0.base main_~p~0.base)) (= main_~t~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} is VALID [2018-11-14 16:23:11,902 INFO L273 TraceCheckUtils]: 12: Hoare triple {1066#(and (= main_~p~0.offset (_ bv0 32)) (not (= main_~t~0.base main_~p~0.base)) (= main_~t~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {1066#(and (= main_~p~0.offset (_ bv0 32)) (not (= main_~t~0.base main_~p~0.base)) (= main_~t~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} is VALID [2018-11-14 16:23:11,906 INFO L273 TraceCheckUtils]: 13: Hoare triple {1066#(and (= main_~p~0.offset (_ bv0 32)) (not (= main_~t~0.base main_~p~0.base)) (= main_~t~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} call write~intINTTYPE4(1bv32, ~t~0.base, ~t~0.offset, 4bv32);call write~$Pointer$(~p~0.base, ~p~0.offset, ~t~0.base, ~bvadd32(4bv32, ~t~0.offset), 4bv32);~p~0.base, ~p~0.offset := ~t~0.base, ~t~0.offset; {1073#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} is VALID [2018-11-14 16:23:11,907 INFO L273 TraceCheckUtils]: 14: Hoare triple {1073#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} assume true; {1073#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} is VALID [2018-11-14 16:23:11,908 INFO L273 TraceCheckUtils]: 15: Hoare triple {1073#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} assume !(#t~nondet0 != 0bv32);havoc #t~nondet0; {1073#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} is VALID [2018-11-14 16:23:11,909 INFO L273 TraceCheckUtils]: 16: Hoare triple {1073#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} assume true; {1073#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} is VALID [2018-11-14 16:23:11,909 INFO L273 TraceCheckUtils]: 17: Hoare triple {1073#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {1073#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} is VALID [2018-11-14 16:23:11,910 INFO L273 TraceCheckUtils]: 18: Hoare triple {1073#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} assume !(#t~mem2 != 1bv32);havoc #t~mem2; {1073#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} is VALID [2018-11-14 16:23:11,914 INFO L273 TraceCheckUtils]: 19: Hoare triple {1073#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} call #t~mem3.base, #t~mem3.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32);~p~0.base, ~p~0.offset := #t~mem3.base, #t~mem3.offset;havoc #t~mem3.base, #t~mem3.offset; {1092#(exists ((v_main_~p~0.base_20 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32)) main_~p~0.base) (not (= v_main_~p~0.base_20 (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_20) (_ bv4 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.offset (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_20) (_ bv4 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32))) (_ bv4 32)))))} is VALID [2018-11-14 16:23:11,914 INFO L273 TraceCheckUtils]: 20: Hoare triple {1092#(exists ((v_main_~p~0.base_20 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32)) main_~p~0.base) (not (= v_main_~p~0.base_20 (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_20) (_ bv4 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.offset (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_20) (_ bv4 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32))) (_ bv4 32)))))} assume true; {1092#(exists ((v_main_~p~0.base_20 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32)) main_~p~0.base) (not (= v_main_~p~0.base_20 (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_20) (_ bv4 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.offset (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_20) (_ bv4 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32))) (_ bv4 32)))))} is VALID [2018-11-14 16:23:11,915 INFO L273 TraceCheckUtils]: 21: Hoare triple {1092#(exists ((v_main_~p~0.base_20 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32)) main_~p~0.base) (not (= v_main_~p~0.base_20 (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_20) (_ bv4 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.offset (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_20) (_ bv4 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32))) (_ bv4 32)))))} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {1092#(exists ((v_main_~p~0.base_20 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32)) main_~p~0.base) (not (= v_main_~p~0.base_20 (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_20) (_ bv4 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.offset (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_20) (_ bv4 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32))) (_ bv4 32)))))} is VALID [2018-11-14 16:23:11,916 INFO L273 TraceCheckUtils]: 22: Hoare triple {1092#(exists ((v_main_~p~0.base_20 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32)) main_~p~0.base) (not (= v_main_~p~0.base_20 (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_20) (_ bv4 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.offset (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_20) (_ bv4 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32))) (_ bv4 32)))))} assume !(#t~mem2 != 1bv32);havoc #t~mem2; {1092#(exists ((v_main_~p~0.base_20 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32)) main_~p~0.base) (not (= v_main_~p~0.base_20 (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_20) (_ bv4 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.offset (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_20) (_ bv4 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32))) (_ bv4 32)))))} is VALID [2018-11-14 16:23:11,918 INFO L273 TraceCheckUtils]: 23: Hoare triple {1092#(exists ((v_main_~p~0.base_20 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32)) main_~p~0.base) (not (= v_main_~p~0.base_20 (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_20) (_ bv4 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.offset (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_20) (_ bv4 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_20) (_ bv4 32))) (_ bv4 32)))))} call #t~mem3.base, #t~mem3.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32);~p~0.base, ~p~0.offset := #t~mem3.base, #t~mem3.offset;havoc #t~mem3.base, #t~mem3.offset; {1045#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} is VALID [2018-11-14 16:23:11,919 INFO L273 TraceCheckUtils]: 24: Hoare triple {1045#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} assume true; {1045#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} is VALID [2018-11-14 16:23:11,919 INFO L273 TraceCheckUtils]: 25: Hoare triple {1045#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {1026#false} is VALID [2018-11-14 16:23:11,920 INFO L273 TraceCheckUtils]: 26: Hoare triple {1026#false} assume #t~mem2 != 1bv32;havoc #t~mem2; {1026#false} is VALID [2018-11-14 16:23:11,920 INFO L273 TraceCheckUtils]: 27: Hoare triple {1026#false} assume !false; {1026#false} is VALID [2018-11-14 16:23:11,925 INFO L134 CoverageAnalysis]: Checked inductivity of 18 backedges. 2 proven. 16 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 16:23:11,925 INFO L316 TraceCheckSpWp]: Computing backward predicates... [2018-11-14 16:23:22,477 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 44 treesize of output 35 [2018-11-14 16:23:22,572 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 10 [2018-11-14 16:23:22,578 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:22,606 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 20 treesize of output 16 [2018-11-14 16:23:22,621 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 16 treesize of output 3 [2018-11-14 16:23:22,625 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:22,628 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:22,646 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, 1 dim-2 vars, End of recursive call: and 2 xjuncts. [2018-11-14 16:23:22,716 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 44 treesize of output 35 [2018-11-14 16:23:22,792 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 10 [2018-11-14 16:23:22,794 INFO L267 ElimStorePlain]: Start of recursive call 7: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:22,848 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 20 treesize of output 16 [2018-11-14 16:23:22,859 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 16 treesize of output 3 [2018-11-14 16:23:22,863 INFO L267 ElimStorePlain]: Start of recursive call 9: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:22,874 INFO L267 ElimStorePlain]: Start of recursive call 8: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:22,877 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 19 treesize of output 17 [2018-11-14 16:23:22,903 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 1 [2018-11-14 16:23:22,905 INFO L267 ElimStorePlain]: Start of recursive call 11: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:22,910 INFO L267 ElimStorePlain]: Start of recursive call 10: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:22,938 INFO L267 ElimStorePlain]: Start of recursive call 6: 1 dim-1 vars, 1 dim-2 vars, End of recursive call: and 4 xjuncts. [2018-11-14 16:23:23,056 INFO L267 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 2 dim-2 vars, End of recursive call: 4 dim-0 vars, and 5 xjuncts. [2018-11-14 16:23:23,056 INFO L202 ElimStorePlain]: Needed 11 recursive calls to eliminate 4 variables, input treesize:89, output treesize:67 [2018-11-14 16:23:25,079 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-14 16:23:25,368 INFO L273 TraceCheckUtils]: 27: Hoare triple {1026#false} assume !false; {1026#false} is VALID [2018-11-14 16:23:25,368 INFO L273 TraceCheckUtils]: 26: Hoare triple {1026#false} assume #t~mem2 != 1bv32;havoc #t~mem2; {1026#false} is VALID [2018-11-14 16:23:25,369 INFO L273 TraceCheckUtils]: 25: Hoare triple {1045#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {1026#false} is VALID [2018-11-14 16:23:25,369 INFO L273 TraceCheckUtils]: 24: Hoare triple {1045#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} assume true; {1045#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} is VALID [2018-11-14 16:23:25,370 INFO L273 TraceCheckUtils]: 23: Hoare triple {1129#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} call #t~mem3.base, #t~mem3.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32);~p~0.base, ~p~0.offset := #t~mem3.base, #t~mem3.offset;havoc #t~mem3.base, #t~mem3.offset; {1045#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} is VALID [2018-11-14 16:23:25,371 INFO L273 TraceCheckUtils]: 22: Hoare triple {1129#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} assume !(#t~mem2 != 1bv32);havoc #t~mem2; {1129#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} is VALID [2018-11-14 16:23:25,372 INFO L273 TraceCheckUtils]: 21: Hoare triple {1129#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {1129#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} is VALID [2018-11-14 16:23:25,373 INFO L273 TraceCheckUtils]: 20: Hoare triple {1129#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} assume true; {1129#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} is VALID [2018-11-14 16:23:25,374 INFO L273 TraceCheckUtils]: 19: Hoare triple {1142#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))))} call #t~mem3.base, #t~mem3.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32);~p~0.base, ~p~0.offset := #t~mem3.base, #t~mem3.offset;havoc #t~mem3.base, #t~mem3.offset; {1129#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} is VALID [2018-11-14 16:23:25,375 INFO L273 TraceCheckUtils]: 18: Hoare triple {1142#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))))} assume !(#t~mem2 != 1bv32);havoc #t~mem2; {1142#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))))} is VALID [2018-11-14 16:23:25,376 INFO L273 TraceCheckUtils]: 17: Hoare triple {1142#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))))} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {1142#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))))} is VALID [2018-11-14 16:23:25,377 INFO L273 TraceCheckUtils]: 16: Hoare triple {1142#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))))} assume true; {1142#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))))} is VALID [2018-11-14 16:23:25,378 INFO L273 TraceCheckUtils]: 15: Hoare triple {1142#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))))} assume !(#t~nondet0 != 0bv32);havoc #t~nondet0; {1142#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))))} is VALID [2018-11-14 16:23:25,379 INFO L273 TraceCheckUtils]: 14: Hoare triple {1142#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))))} assume true; {1142#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))))} is VALID [2018-11-14 16:23:25,485 INFO L273 TraceCheckUtils]: 13: Hoare triple {1161#(and (= (_ bv0 32) (select (select (store |#memory_$Pointer$.offset| main_~t~0.base (store (select |#memory_$Pointer$.offset| main_~t~0.base) (bvadd main_~t~0.offset (_ bv4 32)) main_~p~0.offset)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select (store |#memory_$Pointer$.base| main_~t~0.base (store (select |#memory_$Pointer$.base| main_~t~0.base) (bvadd main_~t~0.offset (_ bv4 32)) main_~p~0.base)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} call write~intINTTYPE4(1bv32, ~t~0.base, ~t~0.offset, 4bv32);call write~$Pointer$(~p~0.base, ~p~0.offset, ~t~0.base, ~bvadd32(4bv32, ~t~0.offset), 4bv32);~p~0.base, ~p~0.offset := ~t~0.base, ~t~0.offset; {1142#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))))} is VALID [2018-11-14 16:23:25,486 INFO L273 TraceCheckUtils]: 12: Hoare triple {1161#(and (= (_ bv0 32) (select (select (store |#memory_$Pointer$.offset| main_~t~0.base (store (select |#memory_$Pointer$.offset| main_~t~0.base) (bvadd main_~t~0.offset (_ bv4 32)) main_~p~0.offset)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select (store |#memory_$Pointer$.base| main_~t~0.base (store (select |#memory_$Pointer$.base| main_~t~0.base) (bvadd main_~t~0.offset (_ bv4 32)) main_~p~0.base)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {1161#(and (= (_ bv0 32) (select (select (store |#memory_$Pointer$.offset| main_~t~0.base (store (select |#memory_$Pointer$.offset| main_~t~0.base) (bvadd main_~t~0.offset (_ bv4 32)) main_~p~0.offset)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select (store |#memory_$Pointer$.base| main_~t~0.base (store (select |#memory_$Pointer$.base| main_~t~0.base) (bvadd main_~t~0.offset (_ bv4 32)) main_~p~0.base)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} is VALID [2018-11-14 16:23:25,489 INFO L273 TraceCheckUtils]: 11: Hoare triple {1168#(and (forall ((v_prenex_1 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_prenex_1))) (= (select (select (store |#memory_$Pointer$.base| v_prenex_1 (store (select |#memory_$Pointer$.base| v_prenex_1) (_ bv4 32) main_~p~0.base)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))) (forall ((v_main_~t~0.base_9 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_main_~t~0.base_9))) (= (_ bv0 32) (select (select (store |#memory_$Pointer$.offset| v_main_~t~0.base_9 (store (select |#memory_$Pointer$.offset| v_main_~t~0.base_9) (_ bv4 32) main_~p~0.offset)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))))))} assume !!(#t~nondet0 != 0bv32);havoc #t~nondet0;call #t~malloc1.base, #t~malloc1.offset := #Ultimate.alloc(8bv32);~t~0.base, ~t~0.offset := #t~malloc1.base, #t~malloc1.offset; {1161#(and (= (_ bv0 32) (select (select (store |#memory_$Pointer$.offset| main_~t~0.base (store (select |#memory_$Pointer$.offset| main_~t~0.base) (bvadd main_~t~0.offset (_ bv4 32)) main_~p~0.offset)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select (store |#memory_$Pointer$.base| main_~t~0.base (store (select |#memory_$Pointer$.base| main_~t~0.base) (bvadd main_~t~0.offset (_ bv4 32)) main_~p~0.base)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))} is VALID [2018-11-14 16:23:25,490 INFO L273 TraceCheckUtils]: 10: Hoare triple {1168#(and (forall ((v_prenex_1 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_prenex_1))) (= (select (select (store |#memory_$Pointer$.base| v_prenex_1 (store (select |#memory_$Pointer$.base| v_prenex_1) (_ bv4 32) main_~p~0.base)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))) (forall ((v_main_~t~0.base_9 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_main_~t~0.base_9))) (= (_ bv0 32) (select (select (store |#memory_$Pointer$.offset| v_main_~t~0.base_9 (store (select |#memory_$Pointer$.offset| v_main_~t~0.base_9) (_ bv4 32) main_~p~0.offset)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))))))} assume true; {1168#(and (forall ((v_prenex_1 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_prenex_1))) (= (select (select (store |#memory_$Pointer$.base| v_prenex_1 (store (select |#memory_$Pointer$.base| v_prenex_1) (_ bv4 32) main_~p~0.base)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))) (forall ((v_main_~t~0.base_9 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_main_~t~0.base_9))) (= (_ bv0 32) (select (select (store |#memory_$Pointer$.offset| v_main_~t~0.base_9 (store (select |#memory_$Pointer$.offset| v_main_~t~0.base_9) (_ bv4 32) main_~p~0.offset)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))))))} is VALID [2018-11-14 16:23:25,501 INFO L273 TraceCheckUtils]: 9: Hoare triple {1175#(and (or (not (= (select |#valid| main_~t~0.base) (_ bv0 1))) (= main_~t~0.base (_ bv0 32)) (not (= (_ bv0 32) main_~t~0.offset))) (or (= main_~p~0.offset (_ bv0 32)) (= main_~t~0.offset (_ bv0 32)) (forall ((v_prenex_3 (_ BitVec 32))) (not (= (_ bv0 1) (select |#valid| v_prenex_3))))) (or (forall ((v_prenex_2 (_ BitVec 32))) (not (= (_ bv0 1) (select |#valid| v_prenex_2)))) (= (_ bv0 32) main_~t~0.offset) (= (_ bv0 32) main_~p~0.base)) (or (= (_ bv0 32) main_~p~0.base) (forall ((v_prenex_1 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_prenex_1))) (= main_~t~0.base v_prenex_1)))) (or (= main_~p~0.offset (_ bv0 32)) (forall ((v_main_~t~0.base_9 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_main_~t~0.base_9))) (= main_~t~0.base v_main_~t~0.base_9)))))} call write~intINTTYPE4(1bv32, ~t~0.base, ~t~0.offset, 4bv32);call write~$Pointer$(~p~0.base, ~p~0.offset, ~t~0.base, ~bvadd32(4bv32, ~t~0.offset), 4bv32);~p~0.base, ~p~0.offset := ~t~0.base, ~t~0.offset; {1168#(and (forall ((v_prenex_1 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_prenex_1))) (= (select (select (store |#memory_$Pointer$.base| v_prenex_1 (store (select |#memory_$Pointer$.base| v_prenex_1) (_ bv4 32) main_~p~0.base)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)))) (forall ((v_main_~t~0.base_9 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_main_~t~0.base_9))) (= (_ bv0 32) (select (select (store |#memory_$Pointer$.offset| v_main_~t~0.base_9 (store (select |#memory_$Pointer$.offset| v_main_~t~0.base_9) (_ bv4 32) main_~p~0.offset)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))))))} is VALID [2018-11-14 16:23:25,502 INFO L273 TraceCheckUtils]: 8: Hoare triple {1175#(and (or (not (= (select |#valid| main_~t~0.base) (_ bv0 1))) (= main_~t~0.base (_ bv0 32)) (not (= (_ bv0 32) main_~t~0.offset))) (or (= main_~p~0.offset (_ bv0 32)) (= main_~t~0.offset (_ bv0 32)) (forall ((v_prenex_3 (_ BitVec 32))) (not (= (_ bv0 1) (select |#valid| v_prenex_3))))) (or (forall ((v_prenex_2 (_ BitVec 32))) (not (= (_ bv0 1) (select |#valid| v_prenex_2)))) (= (_ bv0 32) main_~t~0.offset) (= (_ bv0 32) main_~p~0.base)) (or (= (_ bv0 32) main_~p~0.base) (forall ((v_prenex_1 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_prenex_1))) (= main_~t~0.base v_prenex_1)))) (or (= main_~p~0.offset (_ bv0 32)) (forall ((v_main_~t~0.base_9 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_main_~t~0.base_9))) (= main_~t~0.base v_main_~t~0.base_9)))))} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {1175#(and (or (not (= (select |#valid| main_~t~0.base) (_ bv0 1))) (= main_~t~0.base (_ bv0 32)) (not (= (_ bv0 32) main_~t~0.offset))) (or (= main_~p~0.offset (_ bv0 32)) (= main_~t~0.offset (_ bv0 32)) (forall ((v_prenex_3 (_ BitVec 32))) (not (= (_ bv0 1) (select |#valid| v_prenex_3))))) (or (forall ((v_prenex_2 (_ BitVec 32))) (not (= (_ bv0 1) (select |#valid| v_prenex_2)))) (= (_ bv0 32) main_~t~0.offset) (= (_ bv0 32) main_~p~0.base)) (or (= (_ bv0 32) main_~p~0.base) (forall ((v_prenex_1 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_prenex_1))) (= main_~t~0.base v_prenex_1)))) (or (= main_~p~0.offset (_ bv0 32)) (forall ((v_main_~t~0.base_9 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_main_~t~0.base_9))) (= main_~t~0.base v_main_~t~0.base_9)))))} is VALID [2018-11-14 16:23:25,504 INFO L273 TraceCheckUtils]: 7: Hoare triple {1045#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} assume !!(#t~nondet0 != 0bv32);havoc #t~nondet0;call #t~malloc1.base, #t~malloc1.offset := #Ultimate.alloc(8bv32);~t~0.base, ~t~0.offset := #t~malloc1.base, #t~malloc1.offset; {1175#(and (or (not (= (select |#valid| main_~t~0.base) (_ bv0 1))) (= main_~t~0.base (_ bv0 32)) (not (= (_ bv0 32) main_~t~0.offset))) (or (= main_~p~0.offset (_ bv0 32)) (= main_~t~0.offset (_ bv0 32)) (forall ((v_prenex_3 (_ BitVec 32))) (not (= (_ bv0 1) (select |#valid| v_prenex_3))))) (or (forall ((v_prenex_2 (_ BitVec 32))) (not (= (_ bv0 1) (select |#valid| v_prenex_2)))) (= (_ bv0 32) main_~t~0.offset) (= (_ bv0 32) main_~p~0.base)) (or (= (_ bv0 32) main_~p~0.base) (forall ((v_prenex_1 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_prenex_1))) (= main_~t~0.base v_prenex_1)))) (or (= main_~p~0.offset (_ bv0 32)) (forall ((v_main_~t~0.base_9 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_main_~t~0.base_9))) (= main_~t~0.base v_main_~t~0.base_9)))))} is VALID [2018-11-14 16:23:25,504 INFO L273 TraceCheckUtils]: 6: Hoare triple {1045#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} assume true; {1045#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} is VALID [2018-11-14 16:23:25,505 INFO L273 TraceCheckUtils]: 5: Hoare triple {1025#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := 0bv32, 0bv32; {1045#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} is VALID [2018-11-14 16:23:25,505 INFO L256 TraceCheckUtils]: 4: Hoare triple {1025#true} call #t~ret4 := main(); {1025#true} is VALID [2018-11-14 16:23:25,505 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {1025#true} {1025#true} #57#return; {1025#true} is VALID [2018-11-14 16:23:25,506 INFO L273 TraceCheckUtils]: 2: Hoare triple {1025#true} assume true; {1025#true} is VALID [2018-11-14 16:23:25,506 INFO L273 TraceCheckUtils]: 1: Hoare triple {1025#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {1025#true} is VALID [2018-11-14 16:23:25,506 INFO L256 TraceCheckUtils]: 0: Hoare triple {1025#true} call ULTIMATE.init(); {1025#true} is VALID [2018-11-14 16:23:25,511 INFO L134 CoverageAnalysis]: Checked inductivity of 18 backedges. 2 proven. 16 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 16:23:25,512 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2018-11-14 16:23:25,512 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 8] total 13 [2018-11-14 16:23:25,513 INFO L78 Accepts]: Start accepts. Automaton has 13 states. Word has length 28 [2018-11-14 16:23:25,513 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 16:23:25,513 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 13 states. [2018-11-14 16:23:25,868 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 45 edges. 45 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 16:23:25,868 INFO L459 AbstractCegarLoop]: Interpolant automaton has 13 states [2018-11-14 16:23:25,868 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 13 interpolants. [2018-11-14 16:23:25,869 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=31, Invalid=125, Unknown=0, NotChecked=0, Total=156 [2018-11-14 16:23:25,869 INFO L87 Difference]: Start difference. First operand 29 states and 30 transitions. Second operand 13 states. [2018-11-14 16:23:29,354 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 16:23:29,355 INFO L93 Difference]: Finished difference Result 51 states and 53 transitions. [2018-11-14 16:23:29,355 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2018-11-14 16:23:29,355 INFO L78 Accepts]: Start accepts. Automaton has 13 states. Word has length 28 [2018-11-14 16:23:29,355 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 16:23:29,355 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 13 states. [2018-11-14 16:23:29,357 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 46 transitions. [2018-11-14 16:23:29,357 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 13 states. [2018-11-14 16:23:29,359 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 46 transitions. [2018-11-14 16:23:29,359 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 46 transitions. [2018-11-14 16:23:29,438 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 46 edges. 46 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 16:23:29,439 INFO L225 Difference]: With dead ends: 51 [2018-11-14 16:23:29,439 INFO L226 Difference]: Without dead ends: 35 [2018-11-14 16:23:29,440 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 56 GetRequests, 44 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 22 ImplicationChecksByTransitivity, 4.8s TimeCoverageRelationStatistics Valid=38, Invalid=144, Unknown=0, NotChecked=0, Total=182 [2018-11-14 16:23:29,441 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 35 states. [2018-11-14 16:23:29,524 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 35 to 33. [2018-11-14 16:23:29,524 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 16:23:29,524 INFO L82 GeneralOperation]: Start isEquivalent. First operand 35 states. Second operand 33 states. [2018-11-14 16:23:29,525 INFO L74 IsIncluded]: Start isIncluded. First operand 35 states. Second operand 33 states. [2018-11-14 16:23:29,525 INFO L87 Difference]: Start difference. First operand 35 states. Second operand 33 states. [2018-11-14 16:23:29,528 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 16:23:29,528 INFO L93 Difference]: Finished difference Result 35 states and 36 transitions. [2018-11-14 16:23:29,528 INFO L276 IsEmpty]: Start isEmpty. Operand 35 states and 36 transitions. [2018-11-14 16:23:29,529 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 16:23:29,529 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 16:23:29,529 INFO L74 IsIncluded]: Start isIncluded. First operand 33 states. Second operand 35 states. [2018-11-14 16:23:29,529 INFO L87 Difference]: Start difference. First operand 33 states. Second operand 35 states. [2018-11-14 16:23:29,531 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 16:23:29,531 INFO L93 Difference]: Finished difference Result 35 states and 36 transitions. [2018-11-14 16:23:29,531 INFO L276 IsEmpty]: Start isEmpty. Operand 35 states and 36 transitions. [2018-11-14 16:23:29,532 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 16:23:29,532 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 16:23:29,532 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 16:23:29,532 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 16:23:29,532 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 33 states. [2018-11-14 16:23:29,536 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 33 states to 33 states and 34 transitions. [2018-11-14 16:23:29,536 INFO L78 Accepts]: Start accepts. Automaton has 33 states and 34 transitions. Word has length 28 [2018-11-14 16:23:29,537 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 16:23:29,537 INFO L480 AbstractCegarLoop]: Abstraction has 33 states and 34 transitions. [2018-11-14 16:23:29,537 INFO L481 AbstractCegarLoop]: Interpolant automaton has 13 states. [2018-11-14 16:23:29,537 INFO L276 IsEmpty]: Start isEmpty. Operand 33 states and 34 transitions. [2018-11-14 16:23:29,538 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2018-11-14 16:23:29,538 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 16:23:29,538 INFO L375 BasicCegarLoop]: trace histogram [4, 3, 3, 3, 3, 3, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 16:23:29,538 INFO L423 AbstractCegarLoop]: === Iteration 7 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 16:23:29,538 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 16:23:29,539 INFO L82 PathProgramCache]: Analyzing trace with hash -1375852479, now seen corresponding path program 4 times [2018-11-14 16:23:29,539 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-14 16:23:29,539 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 8 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 8 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-14 16:23:29,554 INFO L101 rtionOrderModulation]: Changing assertion order to TERMS_WITH_SMALL_CONSTANTS_FIRST [2018-11-14 16:23:29,623 INFO L249 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2018-11-14 16:23:29,623 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2018-11-14 16:23:29,653 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 16:23:29,655 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-14 16:23:29,683 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2018-11-14 16:23:29,687 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:29,692 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:29,693 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:10, output treesize:9 [2018-11-14 16:23:29,697 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-14 16:23:29,728 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 8 [2018-11-14 16:23:29,733 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2018-11-14 16:23:29,735 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:29,737 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:29,747 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:29,748 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 1 variables, input treesize:20, output treesize:16 [2018-11-14 16:23:29,866 INFO L700 Elim1Store]: detected not equals via solver [2018-11-14 16:23:29,868 INFO L700 Elim1Store]: detected not equals via solver [2018-11-14 16:23:29,869 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 2 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 21 [2018-11-14 16:23:29,872 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:29,896 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:29,897 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:32, output treesize:30 [2018-11-14 16:23:29,903 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-14 16:23:30,003 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 10 [2018-11-14 16:23:30,013 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2018-11-14 16:23:30,016 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:30,024 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:30,111 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 28 [2018-11-14 16:23:30,185 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2018-11-14 16:23:30,208 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:30,280 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:30,329 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 10 [2018-11-14 16:23:30,335 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2018-11-14 16:23:30,337 INFO L267 ElimStorePlain]: Start of recursive call 7: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:30,341 INFO L267 ElimStorePlain]: Start of recursive call 6: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:30,385 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 3 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:30,385 INFO L202 ElimStorePlain]: Needed 7 recursive calls to eliminate 4 variables, input treesize:64, output treesize:61 [2018-11-14 16:23:30,444 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-14 16:23:30,541 INFO L700 Elim1Store]: detected not equals via solver [2018-11-14 16:23:30,542 INFO L700 Elim1Store]: detected not equals via solver [2018-11-14 16:23:30,543 INFO L700 Elim1Store]: detected not equals via solver [2018-11-14 16:23:30,545 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 3 select indices, 3 select index equivalence classes, 4 disjoint index pairs (out of 3 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 22 treesize of output 25 [2018-11-14 16:23:30,552 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:30,591 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:30,592 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:69, output treesize:62 [2018-11-14 16:23:30,756 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 2 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 19 treesize of output 20 [2018-11-14 16:23:30,767 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2018-11-14 16:23:30,769 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:30,792 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:30,890 INFO L700 Elim1Store]: detected not equals via solver [2018-11-14 16:23:30,900 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 3 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 39 treesize of output 49 [2018-11-14 16:23:30,913 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 18 treesize of output 16 [2018-11-14 16:23:30,919 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:30,942 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:31,013 INFO L700 Elim1Store]: detected not equals via solver [2018-11-14 16:23:31,035 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 3 select indices, 3 select index equivalence classes, 3 disjoint index pairs (out of 3 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 32 treesize of output 53 [2018-11-14 16:23:31,043 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2018-11-14 16:23:31,044 INFO L267 ElimStorePlain]: Start of recursive call 7: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:31,065 INFO L267 ElimStorePlain]: Start of recursive call 6: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:31,123 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 3 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:31,123 INFO L202 ElimStorePlain]: Needed 7 recursive calls to eliminate 4 variables, input treesize:84, output treesize:87 [2018-11-14 16:23:32,066 INFO L700 Elim1Store]: detected not equals via solver [2018-11-14 16:23:32,093 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 53 treesize of output 43 [2018-11-14 16:23:32,115 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 30 treesize of output 17 [2018-11-14 16:23:32,117 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:32,147 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 3 [2018-11-14 16:23:32,148 INFO L267 ElimStorePlain]: Start of recursive call 4: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:32,164 INFO L267 ElimStorePlain]: Start of recursive call 2: 2 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:32,208 INFO L700 Elim1Store]: detected not equals via solver [2018-11-14 16:23:32,210 INFO L700 Elim1Store]: detected not equals via solver [2018-11-14 16:23:32,210 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 2 disjoint index pairs (out of 1 index pairs), introduced 3 new quantified variables, introduced 0 case distinctions, treesize of input 68 treesize of output 55 [2018-11-14 16:23:32,235 INFO L477 Elim1Store]: Elim1 applied some preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 3 disjoint index pairs (out of 1 index pairs), introduced 3 new quantified variables, introduced 1 case distinctions, treesize of input 28 treesize of output 32 [2018-11-14 16:23:32,253 INFO L267 ElimStorePlain]: Start of recursive call 6: 3 dim-0 vars, End of recursive call: 3 dim-0 vars, and 2 xjuncts. [2018-11-14 16:23:32,319 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 40 treesize of output 29 [2018-11-14 16:23:32,320 INFO L267 ElimStorePlain]: Start of recursive call 7: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:32,338 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 3 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 48 treesize of output 43 [2018-11-14 16:23:32,343 INFO L267 ElimStorePlain]: Start of recursive call 8: End of recursive call: and 2 xjuncts. [2018-11-14 16:23:32,404 INFO L267 ElimStorePlain]: Start of recursive call 5: 2 dim-1 vars, End of recursive call: 2 dim-0 vars, and 2 xjuncts. [2018-11-14 16:23:32,464 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 2 dim-2 vars, End of recursive call: 4 dim-0 vars, and 2 xjuncts. [2018-11-14 16:23:32,464 INFO L202 ElimStorePlain]: Needed 8 recursive calls to eliminate 3 variables, input treesize:118, output treesize:85 [2018-11-14 16:23:32,477 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-14 16:23:32,879 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 3 select indices, 3 select index equivalence classes, 3 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 0 case distinctions, treesize of input 33 treesize of output 37 [2018-11-14 16:23:32,893 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 3 [2018-11-14 16:23:32,899 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:32,912 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:32,932 INFO L267 ElimStorePlain]: Start of recursive call 1: 3 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:32,932 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 4 variables, input treesize:45, output treesize:3 [2018-11-14 16:23:32,936 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-14 16:23:32,980 INFO L256 TraceCheckUtils]: 0: Hoare triple {1377#true} call ULTIMATE.init(); {1377#true} is VALID [2018-11-14 16:23:32,980 INFO L273 TraceCheckUtils]: 1: Hoare triple {1377#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {1377#true} is VALID [2018-11-14 16:23:32,980 INFO L273 TraceCheckUtils]: 2: Hoare triple {1377#true} assume true; {1377#true} is VALID [2018-11-14 16:23:32,980 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {1377#true} {1377#true} #57#return; {1377#true} is VALID [2018-11-14 16:23:32,981 INFO L256 TraceCheckUtils]: 4: Hoare triple {1377#true} call #t~ret4 := main(); {1377#true} is VALID [2018-11-14 16:23:32,981 INFO L273 TraceCheckUtils]: 5: Hoare triple {1377#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := 0bv32, 0bv32; {1377#true} is VALID [2018-11-14 16:23:32,981 INFO L273 TraceCheckUtils]: 6: Hoare triple {1377#true} assume true; {1377#true} is VALID [2018-11-14 16:23:32,982 INFO L273 TraceCheckUtils]: 7: Hoare triple {1377#true} assume !!(#t~nondet0 != 0bv32);havoc #t~nondet0;call #t~malloc1.base, #t~malloc1.offset := #Ultimate.alloc(8bv32);~t~0.base, ~t~0.offset := #t~malloc1.base, #t~malloc1.offset; {1403#(and (= main_~t~0.offset (_ bv0 32)) (= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1)))} is VALID [2018-11-14 16:23:32,984 INFO L273 TraceCheckUtils]: 8: Hoare triple {1403#(and (= main_~t~0.offset (_ bv0 32)) (= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1)))} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {1403#(and (= main_~t~0.offset (_ bv0 32)) (= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1)))} is VALID [2018-11-14 16:23:32,986 INFO L273 TraceCheckUtils]: 9: Hoare triple {1403#(and (= main_~t~0.offset (_ bv0 32)) (= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1)))} call write~intINTTYPE4(1bv32, ~t~0.base, ~t~0.offset, 4bv32);call write~$Pointer$(~p~0.base, ~p~0.offset, ~t~0.base, ~bvadd32(4bv32, ~t~0.offset), 4bv32);~p~0.base, ~p~0.offset := ~t~0.base, ~t~0.offset; {1410#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-14 16:23:32,987 INFO L273 TraceCheckUtils]: 10: Hoare triple {1410#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)))} assume true; {1410#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-14 16:23:32,989 INFO L273 TraceCheckUtils]: 11: Hoare triple {1410#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)))} assume !!(#t~nondet0 != 0bv32);havoc #t~nondet0;call #t~malloc1.base, #t~malloc1.offset := #Ultimate.alloc(8bv32);~t~0.base, ~t~0.offset := #t~malloc1.base, #t~malloc1.offset; {1417#(and (= main_~p~0.offset (_ bv0 32)) (not (= main_~t~0.base main_~p~0.base)) (= main_~t~0.offset (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1)))} is VALID [2018-11-14 16:23:32,991 INFO L273 TraceCheckUtils]: 12: Hoare triple {1417#(and (= main_~p~0.offset (_ bv0 32)) (not (= main_~t~0.base main_~p~0.base)) (= main_~t~0.offset (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1)))} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {1417#(and (= main_~p~0.offset (_ bv0 32)) (not (= main_~t~0.base main_~p~0.base)) (= main_~t~0.offset (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1)))} is VALID [2018-11-14 16:23:32,994 INFO L273 TraceCheckUtils]: 13: Hoare triple {1417#(and (= main_~p~0.offset (_ bv0 32)) (not (= main_~t~0.base main_~p~0.base)) (= main_~t~0.offset (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1)))} call write~intINTTYPE4(1bv32, ~t~0.base, ~t~0.offset, 4bv32);call write~$Pointer$(~p~0.base, ~p~0.offset, ~t~0.base, ~bvadd32(4bv32, ~t~0.offset), 4bv32);~p~0.base, ~p~0.offset := ~t~0.base, ~t~0.offset; {1424#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)) (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))))) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} is VALID [2018-11-14 16:23:33,000 INFO L273 TraceCheckUtils]: 14: Hoare triple {1424#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)) (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))))) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} assume true; {1424#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)) (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))))) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} is VALID [2018-11-14 16:23:33,003 INFO L273 TraceCheckUtils]: 15: Hoare triple {1424#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)) (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))))) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} assume !!(#t~nondet0 != 0bv32);havoc #t~nondet0;call #t~malloc1.base, #t~malloc1.offset := #Ultimate.alloc(8bv32);~t~0.base, ~t~0.offset := #t~malloc1.base, #t~malloc1.offset; {1431#(and (= main_~p~0.offset (_ bv0 32)) (not (= main_~t~0.base (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))))) (not (= main_~t~0.base main_~p~0.base)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv0 32))) (= main_~t~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} is VALID [2018-11-14 16:23:33,008 INFO L273 TraceCheckUtils]: 16: Hoare triple {1431#(and (= main_~p~0.offset (_ bv0 32)) (not (= main_~t~0.base (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))))) (not (= main_~t~0.base main_~p~0.base)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv0 32))) (= main_~t~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {1431#(and (= main_~p~0.offset (_ bv0 32)) (not (= main_~t~0.base (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))))) (not (= main_~t~0.base main_~p~0.base)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv0 32))) (= main_~t~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} is VALID [2018-11-14 16:23:33,012 INFO L273 TraceCheckUtils]: 17: Hoare triple {1431#(and (= main_~p~0.offset (_ bv0 32)) (not (= main_~t~0.base (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))))) (not (= main_~t~0.base main_~p~0.base)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv0 32))) (= main_~t~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} call write~intINTTYPE4(1bv32, ~t~0.base, ~t~0.offset, 4bv32);call write~$Pointer$(~p~0.base, ~p~0.offset, ~t~0.base, ~bvadd32(4bv32, ~t~0.offset), 4bv32);~p~0.base, ~p~0.offset := ~t~0.base, ~t~0.offset; {1438#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv0 32))) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32))) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (_ bv4 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32))) (= (bvadd (select (select |#memory_int| main_~p~0.base) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32)) main_~p~0.base)))} is VALID [2018-11-14 16:23:33,013 INFO L273 TraceCheckUtils]: 18: Hoare triple {1438#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv0 32))) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32))) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (_ bv4 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32))) (= (bvadd (select (select |#memory_int| main_~p~0.base) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32)) main_~p~0.base)))} assume true; {1438#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv0 32))) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32))) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (_ bv4 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32))) (= (bvadd (select (select |#memory_int| main_~p~0.base) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32)) main_~p~0.base)))} is VALID [2018-11-14 16:23:33,016 INFO L273 TraceCheckUtils]: 19: Hoare triple {1438#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv0 32))) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32))) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (_ bv4 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32))) (= (bvadd (select (select |#memory_int| main_~p~0.base) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32)) main_~p~0.base)))} assume !(#t~nondet0 != 0bv32);havoc #t~nondet0; {1438#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv0 32))) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32))) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (_ bv4 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32))) (= (bvadd (select (select |#memory_int| main_~p~0.base) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32)) main_~p~0.base)))} is VALID [2018-11-14 16:23:33,023 INFO L273 TraceCheckUtils]: 20: Hoare triple {1438#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv0 32))) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32))) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (_ bv4 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32))) (= (bvadd (select (select |#memory_int| main_~p~0.base) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32)) main_~p~0.base)))} assume true; {1438#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv0 32))) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32))) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (_ bv4 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32))) (= (bvadd (select (select |#memory_int| main_~p~0.base) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32)) main_~p~0.base)))} is VALID [2018-11-14 16:23:33,025 INFO L273 TraceCheckUtils]: 21: Hoare triple {1438#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv0 32))) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32))) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (_ bv4 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32))) (= (bvadd (select (select |#memory_int| main_~p~0.base) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32)) main_~p~0.base)))} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {1451#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv0 32))) (= (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) |main_#t~mem2|) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32))) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (_ bv4 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32))) (= (bvadd (select (select |#memory_int| main_~p~0.base) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32)) main_~p~0.base)))} is VALID [2018-11-14 16:23:33,026 INFO L273 TraceCheckUtils]: 22: Hoare triple {1451#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv0 32))) (= (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) |main_#t~mem2|) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32))) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (_ bv4 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32))) (= (bvadd (select (select |#memory_int| main_~p~0.base) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32)) main_~p~0.base)))} assume !(#t~mem2 != 1bv32);havoc #t~mem2; {1438#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv0 32))) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32))) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (_ bv4 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32))) (= (bvadd (select (select |#memory_int| main_~p~0.base) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32)) main_~p~0.base)))} is VALID [2018-11-14 16:23:33,030 INFO L273 TraceCheckUtils]: 23: Hoare triple {1438#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv0 32))) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32))) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (_ bv4 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32))) (= (bvadd (select (select |#memory_int| main_~p~0.base) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (_ bv4 32))) (_ bv4 32)) main_~p~0.base)))} call #t~mem3.base, #t~mem3.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32);~p~0.base, ~p~0.offset := #t~mem3.base, #t~mem3.offset;havoc #t~mem3.base, #t~mem3.offset; {1458#(exists ((v_main_~p~0.base_29 (_ BitVec 32))) (and (not (= v_main_~p~0.base_29 (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32)))) (= (bvadd (select (select |#memory_int| v_main_~p~0.base_29) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32))) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_29) (_ bv4 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_29) (_ bv4 32)) main_~p~0.offset) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.base (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))))))} is VALID [2018-11-14 16:23:33,041 INFO L273 TraceCheckUtils]: 24: Hoare triple {1458#(exists ((v_main_~p~0.base_29 (_ BitVec 32))) (and (not (= v_main_~p~0.base_29 (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32)))) (= (bvadd (select (select |#memory_int| v_main_~p~0.base_29) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32))) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_29) (_ bv4 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_29) (_ bv4 32)) main_~p~0.offset) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.base (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))))))} assume true; {1458#(exists ((v_main_~p~0.base_29 (_ BitVec 32))) (and (not (= v_main_~p~0.base_29 (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32)))) (= (bvadd (select (select |#memory_int| v_main_~p~0.base_29) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32))) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_29) (_ bv4 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_29) (_ bv4 32)) main_~p~0.offset) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.base (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))))))} is VALID [2018-11-14 16:23:33,043 INFO L273 TraceCheckUtils]: 25: Hoare triple {1458#(exists ((v_main_~p~0.base_29 (_ BitVec 32))) (and (not (= v_main_~p~0.base_29 (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32)))) (= (bvadd (select (select |#memory_int| v_main_~p~0.base_29) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32))) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_29) (_ bv4 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_29) (_ bv4 32)) main_~p~0.offset) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.base (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))))))} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {1458#(exists ((v_main_~p~0.base_29 (_ BitVec 32))) (and (not (= v_main_~p~0.base_29 (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32)))) (= (bvadd (select (select |#memory_int| v_main_~p~0.base_29) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32))) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_29) (_ bv4 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_29) (_ bv4 32)) main_~p~0.offset) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.base (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))))))} is VALID [2018-11-14 16:23:33,045 INFO L273 TraceCheckUtils]: 26: Hoare triple {1458#(exists ((v_main_~p~0.base_29 (_ BitVec 32))) (and (not (= v_main_~p~0.base_29 (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32)))) (= (bvadd (select (select |#memory_int| v_main_~p~0.base_29) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32))) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_29) (_ bv4 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_29) (_ bv4 32)) main_~p~0.offset) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.base (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))))))} assume !(#t~mem2 != 1bv32);havoc #t~mem2; {1458#(exists ((v_main_~p~0.base_29 (_ BitVec 32))) (and (not (= v_main_~p~0.base_29 (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32)))) (= (bvadd (select (select |#memory_int| v_main_~p~0.base_29) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32))) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_29) (_ bv4 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_29) (_ bv4 32)) main_~p~0.offset) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.base (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))))))} is VALID [2018-11-14 16:23:33,048 INFO L273 TraceCheckUtils]: 27: Hoare triple {1458#(exists ((v_main_~p~0.base_29 (_ BitVec 32))) (and (not (= v_main_~p~0.base_29 (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32)))) (= (bvadd (select (select |#memory_int| v_main_~p~0.base_29) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32))) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_29) (_ bv4 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_29) (_ bv4 32)) main_~p~0.offset) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.base (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| v_main_~p~0.base_29) (_ bv4 32))))))} call #t~mem3.base, #t~mem3.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32);~p~0.base, ~p~0.offset := #t~mem3.base, #t~mem3.offset;havoc #t~mem3.base, #t~mem3.offset; {1471#(and (= main_~p~0.offset (_ bv0 32)) (exists ((v_main_~p~0.base_29 (_ BitVec 32)) (v_arrayElimCell_40 (_ BitVec 32))) (and (= (bvadd (select (select |#memory_int| v_main_~p~0.base_29) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (not (= v_main_~p~0.base_29 main_~p~0.base)) (= (bvadd (select (select |#memory_int| v_arrayElimCell_40) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (not (= main_~p~0.base v_arrayElimCell_40)) (not (= v_main_~p~0.base_29 v_arrayElimCell_40)))) (= (_ bv1 32) (select (select |#memory_int| main_~p~0.base) (_ bv0 32))))} is VALID [2018-11-14 16:23:33,053 INFO L273 TraceCheckUtils]: 28: Hoare triple {1471#(and (= main_~p~0.offset (_ bv0 32)) (exists ((v_main_~p~0.base_29 (_ BitVec 32)) (v_arrayElimCell_40 (_ BitVec 32))) (and (= (bvadd (select (select |#memory_int| v_main_~p~0.base_29) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (not (= v_main_~p~0.base_29 main_~p~0.base)) (= (bvadd (select (select |#memory_int| v_arrayElimCell_40) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (not (= main_~p~0.base v_arrayElimCell_40)) (not (= v_main_~p~0.base_29 v_arrayElimCell_40)))) (= (_ bv1 32) (select (select |#memory_int| main_~p~0.base) (_ bv0 32))))} assume true; {1471#(and (= main_~p~0.offset (_ bv0 32)) (exists ((v_main_~p~0.base_29 (_ BitVec 32)) (v_arrayElimCell_40 (_ BitVec 32))) (and (= (bvadd (select (select |#memory_int| v_main_~p~0.base_29) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (not (= v_main_~p~0.base_29 main_~p~0.base)) (= (bvadd (select (select |#memory_int| v_arrayElimCell_40) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (not (= main_~p~0.base v_arrayElimCell_40)) (not (= v_main_~p~0.base_29 v_arrayElimCell_40)))) (= (_ bv1 32) (select (select |#memory_int| main_~p~0.base) (_ bv0 32))))} is VALID [2018-11-14 16:23:33,054 INFO L273 TraceCheckUtils]: 29: Hoare triple {1471#(and (= main_~p~0.offset (_ bv0 32)) (exists ((v_main_~p~0.base_29 (_ BitVec 32)) (v_arrayElimCell_40 (_ BitVec 32))) (and (= (bvadd (select (select |#memory_int| v_main_~p~0.base_29) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (not (= v_main_~p~0.base_29 main_~p~0.base)) (= (bvadd (select (select |#memory_int| v_arrayElimCell_40) (_ bv0 32)) (_ bv4294967295 32)) (_ bv0 32)) (not (= main_~p~0.base v_arrayElimCell_40)) (not (= v_main_~p~0.base_29 v_arrayElimCell_40)))) (= (_ bv1 32) (select (select |#memory_int| main_~p~0.base) (_ bv0 32))))} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {1478#(= (_ bv1 32) |main_#t~mem2|)} is VALID [2018-11-14 16:23:33,057 INFO L273 TraceCheckUtils]: 30: Hoare triple {1478#(= (_ bv1 32) |main_#t~mem2|)} assume #t~mem2 != 1bv32;havoc #t~mem2; {1378#false} is VALID [2018-11-14 16:23:33,057 INFO L273 TraceCheckUtils]: 31: Hoare triple {1378#false} assume !false; {1378#false} is VALID [2018-11-14 16:23:33,064 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 10 proven. 18 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 16:23:33,064 INFO L316 TraceCheckSpWp]: Computing backward predicates... [2018-11-14 16:23:45,008 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 101 treesize of output 93 [2018-11-14 16:23:45,136 WARN L179 SmtUtils]: Spent 114.00 ms on a formula simplification. DAG size of input: 47 DAG size of output: 41 [2018-11-14 16:23:45,144 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 10 [2018-11-14 16:23:45,146 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:45,208 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 84 treesize of output 80 [2018-11-14 16:23:45,223 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 80 treesize of output 67 [2018-11-14 16:23:45,239 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:45,251 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:45,289 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, 1 dim-2 vars, End of recursive call: and 2 xjuncts. [2018-11-14 16:23:45,382 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 71 treesize of output 62 [2018-11-14 16:23:45,480 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 10 [2018-11-14 16:23:45,489 INFO L267 ElimStorePlain]: Start of recursive call 7: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:45,563 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 50 treesize of output 46 [2018-11-14 16:23:45,572 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 46 treesize of output 33 [2018-11-14 16:23:45,575 INFO L267 ElimStorePlain]: Start of recursive call 9: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:45,584 INFO L267 ElimStorePlain]: Start of recursive call 8: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:45,601 INFO L267 ElimStorePlain]: Start of recursive call 6: 1 dim-1 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:45,615 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 71 treesize of output 62 [2018-11-14 16:23:45,712 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 10 [2018-11-14 16:23:45,714 INFO L267 ElimStorePlain]: Start of recursive call 11: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:45,749 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 50 treesize of output 46 [2018-11-14 16:23:45,759 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 46 treesize of output 33 [2018-11-14 16:23:45,761 INFO L267 ElimStorePlain]: Start of recursive call 13: End of recursive call: and 1 xjuncts. [2018-11-14 16:23:45,769 INFO L267 ElimStorePlain]: Start of recursive call 12: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:45,788 INFO L267 ElimStorePlain]: Start of recursive call 10: 1 dim-1 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:23:45,846 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 2 dim-2 vars, End of recursive call: 2 dim-0 vars, and 2 xjuncts. [2018-11-14 16:23:45,846 INFO L202 ElimStorePlain]: Needed 13 recursive calls to eliminate 3 variables, input treesize:108, output treesize:87 [2018-11-14 16:24:04,588 WARN L179 SmtUtils]: Spent 8.19 s on a formula simplification that was a NOOP. DAG size: 40 [2018-11-14 16:24:20,874 WARN L307 Elim1Store]: Array PQE input equivalent to true [2018-11-14 16:24:20,875 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2018-11-14 16:24:20,876 INFO L267 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:24:20,876 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 3 variables, input treesize:84, output treesize:1 [2018-11-14 16:24:20,890 INFO L273 TraceCheckUtils]: 31: Hoare triple {1378#false} assume !false; {1378#false} is VALID [2018-11-14 16:24:20,891 INFO L273 TraceCheckUtils]: 30: Hoare triple {1478#(= (_ bv1 32) |main_#t~mem2|)} assume #t~mem2 != 1bv32;havoc #t~mem2; {1378#false} is VALID [2018-11-14 16:24:20,892 INFO L273 TraceCheckUtils]: 29: Hoare triple {1491#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {1478#(= (_ bv1 32) |main_#t~mem2|)} is VALID [2018-11-14 16:24:20,893 INFO L273 TraceCheckUtils]: 28: Hoare triple {1491#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))} assume true; {1491#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))} is VALID [2018-11-14 16:24:20,895 INFO L273 TraceCheckUtils]: 27: Hoare triple {1498#(= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967295 32)) (_ bv0 32))} call #t~mem3.base, #t~mem3.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32);~p~0.base, ~p~0.offset := #t~mem3.base, #t~mem3.offset;havoc #t~mem3.base, #t~mem3.offset; {1491#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))} is VALID [2018-11-14 16:24:20,896 INFO L273 TraceCheckUtils]: 26: Hoare triple {1498#(= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967295 32)) (_ bv0 32))} assume !(#t~mem2 != 1bv32);havoc #t~mem2; {1498#(= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967295 32)) (_ bv0 32))} is VALID [2018-11-14 16:24:20,896 INFO L273 TraceCheckUtils]: 25: Hoare triple {1498#(= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967295 32)) (_ bv0 32))} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {1498#(= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967295 32)) (_ bv0 32))} is VALID [2018-11-14 16:24:20,897 INFO L273 TraceCheckUtils]: 24: Hoare triple {1498#(= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967295 32)) (_ bv0 32))} assume true; {1498#(= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967295 32)) (_ bv0 32))} is VALID [2018-11-14 16:24:20,899 INFO L273 TraceCheckUtils]: 23: Hoare triple {1511#(= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))))} call #t~mem3.base, #t~mem3.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32);~p~0.base, ~p~0.offset := #t~mem3.base, #t~mem3.offset;havoc #t~mem3.base, #t~mem3.offset; {1498#(= (bvadd (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967295 32)) (_ bv0 32))} is VALID [2018-11-14 16:24:20,901 INFO L273 TraceCheckUtils]: 22: Hoare triple {1515#(or (not (= (_ bv1 32) |main_#t~mem2|)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32))))))} assume !(#t~mem2 != 1bv32);havoc #t~mem2; {1511#(= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))))} is VALID [2018-11-14 16:24:20,902 INFO L273 TraceCheckUtils]: 21: Hoare triple {1519#(or (not (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32))))))} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {1515#(or (not (= (_ bv1 32) |main_#t~mem2|)) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32))))))} is VALID [2018-11-14 16:24:20,903 INFO L273 TraceCheckUtils]: 20: Hoare triple {1519#(or (not (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32))))))} assume true; {1519#(or (not (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32))))))} is VALID [2018-11-14 16:24:20,904 INFO L273 TraceCheckUtils]: 19: Hoare triple {1519#(or (not (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32))))))} assume !(#t~nondet0 != 0bv32);havoc #t~nondet0; {1519#(or (not (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32))))))} is VALID [2018-11-14 16:24:20,904 INFO L273 TraceCheckUtils]: 18: Hoare triple {1519#(or (not (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32))))))} assume true; {1519#(or (not (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32))))))} is VALID [2018-11-14 16:24:21,340 INFO L273 TraceCheckUtils]: 17: Hoare triple {1532#(= (_ bv1 32) (select (select (store |#memory_int| main_~t~0.base (store (select |#memory_int| main_~t~0.base) main_~t~0.offset (_ bv1 32))) (select (select (store |#memory_$Pointer$.base| main_~t~0.base (store (select |#memory_$Pointer$.base| main_~t~0.base) (bvadd main_~t~0.offset (_ bv4 32)) main_~p~0.base)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select (store |#memory_$Pointer$.offset| main_~t~0.base (store (select |#memory_$Pointer$.offset| main_~t~0.base) (bvadd main_~t~0.offset (_ bv4 32)) main_~p~0.offset)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))))} call write~intINTTYPE4(1bv32, ~t~0.base, ~t~0.offset, 4bv32);call write~$Pointer$(~p~0.base, ~p~0.offset, ~t~0.base, ~bvadd32(4bv32, ~t~0.offset), 4bv32);~p~0.base, ~p~0.offset := ~t~0.base, ~t~0.offset; {1519#(or (not (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32))) (= (_ bv1 32) (select (select |#memory_int| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32))))))} is VALID [2018-11-14 16:24:21,341 INFO L273 TraceCheckUtils]: 16: Hoare triple {1532#(= (_ bv1 32) (select (select (store |#memory_int| main_~t~0.base (store (select |#memory_int| main_~t~0.base) main_~t~0.offset (_ bv1 32))) (select (select (store |#memory_$Pointer$.base| main_~t~0.base (store (select |#memory_$Pointer$.base| main_~t~0.base) (bvadd main_~t~0.offset (_ bv4 32)) main_~p~0.base)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select (store |#memory_$Pointer$.offset| main_~t~0.base (store (select |#memory_$Pointer$.offset| main_~t~0.base) (bvadd main_~t~0.offset (_ bv4 32)) main_~p~0.offset)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))))} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {1532#(= (_ bv1 32) (select (select (store |#memory_int| main_~t~0.base (store (select |#memory_int| main_~t~0.base) main_~t~0.offset (_ bv1 32))) (select (select (store |#memory_$Pointer$.base| main_~t~0.base (store (select |#memory_$Pointer$.base| main_~t~0.base) (bvadd main_~t~0.offset (_ bv4 32)) main_~p~0.base)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select (store |#memory_$Pointer$.offset| main_~t~0.base (store (select |#memory_$Pointer$.offset| main_~t~0.base) (bvadd main_~t~0.offset (_ bv4 32)) main_~p~0.offset)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))))} is VALID [2018-11-14 16:24:21,344 INFO L273 TraceCheckUtils]: 15: Hoare triple {1539#(forall ((v_main_~t~0.base_12 (_ BitVec 32))) (or (not (= (select |#valid| v_main_~t~0.base_12) (_ bv0 1))) (= (bvadd (select (select (store |#memory_int| v_main_~t~0.base_12 (store (select |#memory_int| v_main_~t~0.base_12) (_ bv0 32) (_ bv1 32))) (select (select (store |#memory_$Pointer$.base| v_main_~t~0.base_12 (store (select |#memory_$Pointer$.base| v_main_~t~0.base_12) (_ bv4 32) main_~p~0.base)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select (store |#memory_$Pointer$.offset| v_main_~t~0.base_12 (store (select |#memory_$Pointer$.offset| v_main_~t~0.base_12) (_ bv4 32) main_~p~0.offset)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967295 32)) (_ bv0 32))))} assume !!(#t~nondet0 != 0bv32);havoc #t~nondet0;call #t~malloc1.base, #t~malloc1.offset := #Ultimate.alloc(8bv32);~t~0.base, ~t~0.offset := #t~malloc1.base, #t~malloc1.offset; {1532#(= (_ bv1 32) (select (select (store |#memory_int| main_~t~0.base (store (select |#memory_int| main_~t~0.base) main_~t~0.offset (_ bv1 32))) (select (select (store |#memory_$Pointer$.base| main_~t~0.base (store (select |#memory_$Pointer$.base| main_~t~0.base) (bvadd main_~t~0.offset (_ bv4 32)) main_~p~0.base)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select (store |#memory_$Pointer$.offset| main_~t~0.base (store (select |#memory_$Pointer$.offset| main_~t~0.base) (bvadd main_~t~0.offset (_ bv4 32)) main_~p~0.offset)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))))} is VALID [2018-11-14 16:24:21,345 INFO L273 TraceCheckUtils]: 14: Hoare triple {1539#(forall ((v_main_~t~0.base_12 (_ BitVec 32))) (or (not (= (select |#valid| v_main_~t~0.base_12) (_ bv0 1))) (= (bvadd (select (select (store |#memory_int| v_main_~t~0.base_12 (store (select |#memory_int| v_main_~t~0.base_12) (_ bv0 32) (_ bv1 32))) (select (select (store |#memory_$Pointer$.base| v_main_~t~0.base_12 (store (select |#memory_$Pointer$.base| v_main_~t~0.base_12) (_ bv4 32) main_~p~0.base)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select (store |#memory_$Pointer$.offset| v_main_~t~0.base_12 (store (select |#memory_$Pointer$.offset| v_main_~t~0.base_12) (_ bv4 32) main_~p~0.offset)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967295 32)) (_ bv0 32))))} assume true; {1539#(forall ((v_main_~t~0.base_12 (_ BitVec 32))) (or (not (= (select |#valid| v_main_~t~0.base_12) (_ bv0 1))) (= (bvadd (select (select (store |#memory_int| v_main_~t~0.base_12 (store (select |#memory_int| v_main_~t~0.base_12) (_ bv0 32) (_ bv1 32))) (select (select (store |#memory_$Pointer$.base| v_main_~t~0.base_12 (store (select |#memory_$Pointer$.base| v_main_~t~0.base_12) (_ bv4 32) main_~p~0.base)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select (store |#memory_$Pointer$.offset| v_main_~t~0.base_12 (store (select |#memory_$Pointer$.offset| v_main_~t~0.base_12) (_ bv4 32) main_~p~0.offset)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967295 32)) (_ bv0 32))))} is VALID [2018-11-14 16:24:21,355 INFO L273 TraceCheckUtils]: 13: Hoare triple {1546#(and (forall ((v_prenex_5 (_ BitVec 32))) (or (= (_ bv1 32) (select (select (store (store |#memory_int| main_~t~0.base (store (select |#memory_int| main_~t~0.base) main_~t~0.offset (_ bv1 32))) v_prenex_5 (store (select (store |#memory_int| main_~t~0.base (store (select |#memory_int| main_~t~0.base) main_~t~0.offset (_ bv1 32))) v_prenex_5) (_ bv0 32) (_ bv1 32))) main_~p~0.base) main_~p~0.offset)) (not (= (select |#valid| v_prenex_5) (_ bv0 1))) (= main_~t~0.base v_prenex_5))) (or (forall ((v_main_~t~0.base_12 (_ BitVec 32))) (or (not (= (select |#valid| v_main_~t~0.base_12) (_ bv0 1))) (= (_ bv1 32) (select (select (store (store |#memory_int| main_~t~0.base (store (select |#memory_int| main_~t~0.base) main_~t~0.offset (_ bv1 32))) v_main_~t~0.base_12 (store (select (store |#memory_int| main_~t~0.base (store (select |#memory_int| main_~t~0.base) main_~t~0.offset (_ bv1 32))) v_main_~t~0.base_12) (_ bv0 32) (_ bv1 32))) main_~p~0.base) main_~p~0.offset)))) (= (_ bv0 32) main_~t~0.offset)))} call write~intINTTYPE4(1bv32, ~t~0.base, ~t~0.offset, 4bv32);call write~$Pointer$(~p~0.base, ~p~0.offset, ~t~0.base, ~bvadd32(4bv32, ~t~0.offset), 4bv32);~p~0.base, ~p~0.offset := ~t~0.base, ~t~0.offset; {1539#(forall ((v_main_~t~0.base_12 (_ BitVec 32))) (or (not (= (select |#valid| v_main_~t~0.base_12) (_ bv0 1))) (= (bvadd (select (select (store |#memory_int| v_main_~t~0.base_12 (store (select |#memory_int| v_main_~t~0.base_12) (_ bv0 32) (_ bv1 32))) (select (select (store |#memory_$Pointer$.base| v_main_~t~0.base_12 (store (select |#memory_$Pointer$.base| v_main_~t~0.base_12) (_ bv4 32) main_~p~0.base)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (select (select (store |#memory_$Pointer$.offset| v_main_~t~0.base_12 (store (select |#memory_$Pointer$.offset| v_main_~t~0.base_12) (_ bv4 32) main_~p~0.offset)) main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967295 32)) (_ bv0 32))))} is VALID [2018-11-14 16:24:21,357 INFO L273 TraceCheckUtils]: 12: Hoare triple {1546#(and (forall ((v_prenex_5 (_ BitVec 32))) (or (= (_ bv1 32) (select (select (store (store |#memory_int| main_~t~0.base (store (select |#memory_int| main_~t~0.base) main_~t~0.offset (_ bv1 32))) v_prenex_5 (store (select (store |#memory_int| main_~t~0.base (store (select |#memory_int| main_~t~0.base) main_~t~0.offset (_ bv1 32))) v_prenex_5) (_ bv0 32) (_ bv1 32))) main_~p~0.base) main_~p~0.offset)) (not (= (select |#valid| v_prenex_5) (_ bv0 1))) (= main_~t~0.base v_prenex_5))) (or (forall ((v_main_~t~0.base_12 (_ BitVec 32))) (or (not (= (select |#valid| v_main_~t~0.base_12) (_ bv0 1))) (= (_ bv1 32) (select (select (store (store |#memory_int| main_~t~0.base (store (select |#memory_int| main_~t~0.base) main_~t~0.offset (_ bv1 32))) v_main_~t~0.base_12 (store (select (store |#memory_int| main_~t~0.base (store (select |#memory_int| main_~t~0.base) main_~t~0.offset (_ bv1 32))) v_main_~t~0.base_12) (_ bv0 32) (_ bv1 32))) main_~p~0.base) main_~p~0.offset)))) (= (_ bv0 32) main_~t~0.offset)))} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {1546#(and (forall ((v_prenex_5 (_ BitVec 32))) (or (= (_ bv1 32) (select (select (store (store |#memory_int| main_~t~0.base (store (select |#memory_int| main_~t~0.base) main_~t~0.offset (_ bv1 32))) v_prenex_5 (store (select (store |#memory_int| main_~t~0.base (store (select |#memory_int| main_~t~0.base) main_~t~0.offset (_ bv1 32))) v_prenex_5) (_ bv0 32) (_ bv1 32))) main_~p~0.base) main_~p~0.offset)) (not (= (select |#valid| v_prenex_5) (_ bv0 1))) (= main_~t~0.base v_prenex_5))) (or (forall ((v_main_~t~0.base_12 (_ BitVec 32))) (or (not (= (select |#valid| v_main_~t~0.base_12) (_ bv0 1))) (= (_ bv1 32) (select (select (store (store |#memory_int| main_~t~0.base (store (select |#memory_int| main_~t~0.base) main_~t~0.offset (_ bv1 32))) v_main_~t~0.base_12 (store (select (store |#memory_int| main_~t~0.base (store (select |#memory_int| main_~t~0.base) main_~t~0.offset (_ bv1 32))) v_main_~t~0.base_12) (_ bv0 32) (_ bv1 32))) main_~p~0.base) main_~p~0.offset)))) (= (_ bv0 32) main_~t~0.offset)))} is VALID [2018-11-14 16:24:21,359 INFO L273 TraceCheckUtils]: 11: Hoare triple {1553#(forall ((v_prenex_5 (_ BitVec 32)) (v_main_~t~0.base_13 (_ BitVec 32))) (or (= (bvadd (select (select (store (store |#memory_int| v_main_~t~0.base_13 (store (select |#memory_int| v_main_~t~0.base_13) (_ bv0 32) (_ bv1 32))) v_prenex_5 (store (select (store |#memory_int| v_main_~t~0.base_13 (store (select |#memory_int| v_main_~t~0.base_13) (_ bv0 32) (_ bv1 32))) v_prenex_5) (_ bv0 32) (_ bv1 32))) main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select |#valid| v_main_~t~0.base_13) (_ bv0 1))) (not (= (_ bv0 1) (select (store |#valid| v_main_~t~0.base_13 (_ bv1 1)) v_prenex_5))) (= v_main_~t~0.base_13 v_prenex_5)))} assume !!(#t~nondet0 != 0bv32);havoc #t~nondet0;call #t~malloc1.base, #t~malloc1.offset := #Ultimate.alloc(8bv32);~t~0.base, ~t~0.offset := #t~malloc1.base, #t~malloc1.offset; {1546#(and (forall ((v_prenex_5 (_ BitVec 32))) (or (= (_ bv1 32) (select (select (store (store |#memory_int| main_~t~0.base (store (select |#memory_int| main_~t~0.base) main_~t~0.offset (_ bv1 32))) v_prenex_5 (store (select (store |#memory_int| main_~t~0.base (store (select |#memory_int| main_~t~0.base) main_~t~0.offset (_ bv1 32))) v_prenex_5) (_ bv0 32) (_ bv1 32))) main_~p~0.base) main_~p~0.offset)) (not (= (select |#valid| v_prenex_5) (_ bv0 1))) (= main_~t~0.base v_prenex_5))) (or (forall ((v_main_~t~0.base_12 (_ BitVec 32))) (or (not (= (select |#valid| v_main_~t~0.base_12) (_ bv0 1))) (= (_ bv1 32) (select (select (store (store |#memory_int| main_~t~0.base (store (select |#memory_int| main_~t~0.base) main_~t~0.offset (_ bv1 32))) v_main_~t~0.base_12 (store (select (store |#memory_int| main_~t~0.base (store (select |#memory_int| main_~t~0.base) main_~t~0.offset (_ bv1 32))) v_main_~t~0.base_12) (_ bv0 32) (_ bv1 32))) main_~p~0.base) main_~p~0.offset)))) (= (_ bv0 32) main_~t~0.offset)))} is VALID [2018-11-14 16:24:21,360 INFO L273 TraceCheckUtils]: 10: Hoare triple {1553#(forall ((v_prenex_5 (_ BitVec 32)) (v_main_~t~0.base_13 (_ BitVec 32))) (or (= (bvadd (select (select (store (store |#memory_int| v_main_~t~0.base_13 (store (select |#memory_int| v_main_~t~0.base_13) (_ bv0 32) (_ bv1 32))) v_prenex_5 (store (select (store |#memory_int| v_main_~t~0.base_13 (store (select |#memory_int| v_main_~t~0.base_13) (_ bv0 32) (_ bv1 32))) v_prenex_5) (_ bv0 32) (_ bv1 32))) main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select |#valid| v_main_~t~0.base_13) (_ bv0 1))) (not (= (_ bv0 1) (select (store |#valid| v_main_~t~0.base_13 (_ bv1 1)) v_prenex_5))) (= v_main_~t~0.base_13 v_prenex_5)))} assume true; {1553#(forall ((v_prenex_5 (_ BitVec 32)) (v_main_~t~0.base_13 (_ BitVec 32))) (or (= (bvadd (select (select (store (store |#memory_int| v_main_~t~0.base_13 (store (select |#memory_int| v_main_~t~0.base_13) (_ bv0 32) (_ bv1 32))) v_prenex_5 (store (select (store |#memory_int| v_main_~t~0.base_13 (store (select |#memory_int| v_main_~t~0.base_13) (_ bv0 32) (_ bv1 32))) v_prenex_5) (_ bv0 32) (_ bv1 32))) main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select |#valid| v_main_~t~0.base_13) (_ bv0 1))) (not (= (_ bv0 1) (select (store |#valid| v_main_~t~0.base_13 (_ bv1 1)) v_prenex_5))) (= v_main_~t~0.base_13 v_prenex_5)))} is VALID [2018-11-14 16:24:21,366 INFO L273 TraceCheckUtils]: 9: Hoare triple {1377#true} call write~intINTTYPE4(1bv32, ~t~0.base, ~t~0.offset, 4bv32);call write~$Pointer$(~p~0.base, ~p~0.offset, ~t~0.base, ~bvadd32(4bv32, ~t~0.offset), 4bv32);~p~0.base, ~p~0.offset := ~t~0.base, ~t~0.offset; {1553#(forall ((v_prenex_5 (_ BitVec 32)) (v_main_~t~0.base_13 (_ BitVec 32))) (or (= (bvadd (select (select (store (store |#memory_int| v_main_~t~0.base_13 (store (select |#memory_int| v_main_~t~0.base_13) (_ bv0 32) (_ bv1 32))) v_prenex_5 (store (select (store |#memory_int| v_main_~t~0.base_13 (store (select |#memory_int| v_main_~t~0.base_13) (_ bv0 32) (_ bv1 32))) v_prenex_5) (_ bv0 32) (_ bv1 32))) main_~p~0.base) main_~p~0.offset) (_ bv4294967295 32)) (_ bv0 32)) (not (= (select |#valid| v_main_~t~0.base_13) (_ bv0 1))) (not (= (_ bv0 1) (select (store |#valid| v_main_~t~0.base_13 (_ bv1 1)) v_prenex_5))) (= v_main_~t~0.base_13 v_prenex_5)))} is VALID [2018-11-14 16:24:21,366 INFO L273 TraceCheckUtils]: 8: Hoare triple {1377#true} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {1377#true} is VALID [2018-11-14 16:24:21,367 INFO L273 TraceCheckUtils]: 7: Hoare triple {1377#true} assume !!(#t~nondet0 != 0bv32);havoc #t~nondet0;call #t~malloc1.base, #t~malloc1.offset := #Ultimate.alloc(8bv32);~t~0.base, ~t~0.offset := #t~malloc1.base, #t~malloc1.offset; {1377#true} is VALID [2018-11-14 16:24:21,367 INFO L273 TraceCheckUtils]: 6: Hoare triple {1377#true} assume true; {1377#true} is VALID [2018-11-14 16:24:21,367 INFO L273 TraceCheckUtils]: 5: Hoare triple {1377#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := 0bv32, 0bv32; {1377#true} is VALID [2018-11-14 16:24:21,367 INFO L256 TraceCheckUtils]: 4: Hoare triple {1377#true} call #t~ret4 := main(); {1377#true} is VALID [2018-11-14 16:24:21,367 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {1377#true} {1377#true} #57#return; {1377#true} is VALID [2018-11-14 16:24:21,368 INFO L273 TraceCheckUtils]: 2: Hoare triple {1377#true} assume true; {1377#true} is VALID [2018-11-14 16:24:21,368 INFO L273 TraceCheckUtils]: 1: Hoare triple {1377#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {1377#true} is VALID [2018-11-14 16:24:21,368 INFO L256 TraceCheckUtils]: 0: Hoare triple {1377#true} call ULTIMATE.init(); {1377#true} is VALID [2018-11-14 16:24:21,380 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 10 proven. 18 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 16:24:21,383 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2018-11-14 16:24:21,383 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 12] total 21 [2018-11-14 16:24:21,385 INFO L78 Accepts]: Start accepts. Automaton has 21 states. Word has length 32 [2018-11-14 16:24:21,385 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 16:24:21,385 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 21 states. [2018-11-14 16:24:23,588 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 55 edges. 54 inductive. 0 not inductive. 1 times theorem prover too weak to decide inductivity. [2018-11-14 16:24:23,589 INFO L459 AbstractCegarLoop]: Interpolant automaton has 21 states [2018-11-14 16:24:23,589 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 21 interpolants. [2018-11-14 16:24:23,589 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=98, Invalid=313, Unknown=9, NotChecked=0, Total=420 [2018-11-14 16:24:23,590 INFO L87 Difference]: Start difference. First operand 33 states and 34 transitions. Second operand 21 states. [2018-11-14 16:24:25,747 WARN L179 SmtUtils]: Spent 135.00 ms on a formula simplification. DAG size of input: 61 DAG size of output: 51 [2018-11-14 16:24:26,069 WARN L179 SmtUtils]: Spent 167.00 ms on a formula simplification. DAG size of input: 65 DAG size of output: 55 [2018-11-14 16:24:26,736 WARN L179 SmtUtils]: Spent 150.00 ms on a formula simplification. DAG size of input: 63 DAG size of output: 54 [2018-11-14 16:24:27,167 WARN L179 SmtUtils]: Spent 100.00 ms on a formula simplification. DAG size of input: 56 DAG size of output: 51 [2018-11-14 16:24:27,497 WARN L179 SmtUtils]: Spent 132.00 ms on a formula simplification. DAG size of input: 58 DAG size of output: 53 [2018-11-14 16:24:28,271 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 16:24:28,272 INFO L93 Difference]: Finished difference Result 42 states and 43 transitions. [2018-11-14 16:24:28,272 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 14 states. [2018-11-14 16:24:28,272 INFO L78 Accepts]: Start accepts. Automaton has 21 states. Word has length 32 [2018-11-14 16:24:28,272 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 16:24:28,272 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 21 states. [2018-11-14 16:24:28,274 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 14 states to 14 states and 43 transitions. [2018-11-14 16:24:28,274 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 21 states. [2018-11-14 16:24:28,276 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 14 states to 14 states and 43 transitions. [2018-11-14 16:24:28,276 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 14 states and 43 transitions. [2018-11-14 16:24:28,400 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 43 edges. 43 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 16:24:28,401 INFO L225 Difference]: With dead ends: 42 [2018-11-14 16:24:28,401 INFO L226 Difference]: Without dead ends: 40 [2018-11-14 16:24:28,402 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 76 GetRequests, 46 SyntacticMatches, 1 SemanticMatches, 29 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 134 ImplicationChecksByTransitivity, 44.6s TimeCoverageRelationStatistics Valid=245, Invalid=676, Unknown=9, NotChecked=0, Total=930 [2018-11-14 16:24:28,402 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 40 states. [2018-11-14 16:24:28,533 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 40 to 37. [2018-11-14 16:24:28,533 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 16:24:28,533 INFO L82 GeneralOperation]: Start isEquivalent. First operand 40 states. Second operand 37 states. [2018-11-14 16:24:28,533 INFO L74 IsIncluded]: Start isIncluded. First operand 40 states. Second operand 37 states. [2018-11-14 16:24:28,533 INFO L87 Difference]: Start difference. First operand 40 states. Second operand 37 states. [2018-11-14 16:24:28,535 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 16:24:28,535 INFO L93 Difference]: Finished difference Result 40 states and 41 transitions. [2018-11-14 16:24:28,535 INFO L276 IsEmpty]: Start isEmpty. Operand 40 states and 41 transitions. [2018-11-14 16:24:28,536 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 16:24:28,536 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 16:24:28,536 INFO L74 IsIncluded]: Start isIncluded. First operand 37 states. Second operand 40 states. [2018-11-14 16:24:28,536 INFO L87 Difference]: Start difference. First operand 37 states. Second operand 40 states. [2018-11-14 16:24:28,538 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 16:24:28,538 INFO L93 Difference]: Finished difference Result 40 states and 41 transitions. [2018-11-14 16:24:28,538 INFO L276 IsEmpty]: Start isEmpty. Operand 40 states and 41 transitions. [2018-11-14 16:24:28,538 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 16:24:28,538 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 16:24:28,539 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 16:24:28,539 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 16:24:28,539 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 37 states. [2018-11-14 16:24:28,540 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 37 states to 37 states and 38 transitions. [2018-11-14 16:24:28,540 INFO L78 Accepts]: Start accepts. Automaton has 37 states and 38 transitions. Word has length 32 [2018-11-14 16:24:28,541 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 16:24:28,541 INFO L480 AbstractCegarLoop]: Abstraction has 37 states and 38 transitions. [2018-11-14 16:24:28,541 INFO L481 AbstractCegarLoop]: Interpolant automaton has 21 states. [2018-11-14 16:24:28,541 INFO L276 IsEmpty]: Start isEmpty. Operand 37 states and 38 transitions. [2018-11-14 16:24:28,542 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 37 [2018-11-14 16:24:28,542 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 16:24:28,542 INFO L375 BasicCegarLoop]: trace histogram [4, 4, 4, 3, 3, 3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 16:24:28,542 INFO L423 AbstractCegarLoop]: === Iteration 8 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 16:24:28,542 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 16:24:28,543 INFO L82 PathProgramCache]: Analyzing trace with hash -1088749687, now seen corresponding path program 5 times [2018-11-14 16:24:28,543 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-14 16:24:28,543 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 9 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 9 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-14 16:24:28,561 INFO L101 rtionOrderModulation]: Changing assertion order to INSIDE_LOOP_FIRST1 [2018-11-14 16:24:28,725 INFO L249 tOrderPrioritization]: Assert order INSIDE_LOOP_FIRST1 issued 4 check-sat command(s) [2018-11-14 16:24:28,725 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2018-11-14 16:24:28,767 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 16:24:28,770 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-14 16:24:28,800 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2018-11-14 16:24:28,802 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2018-11-14 16:24:28,813 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:24:28,813 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:16, output treesize:15 [2018-11-14 16:24:28,818 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-14 16:24:28,860 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 10 [2018-11-14 16:24:28,863 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2018-11-14 16:24:28,865 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 16:24:28,868 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:24:28,891 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 10 [2018-11-14 16:24:28,896 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2018-11-14 16:24:28,898 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-14 16:24:28,901 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:24:28,915 INFO L267 ElimStorePlain]: Start of recursive call 1: 2 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:24:28,916 INFO L202 ElimStorePlain]: Needed 5 recursive calls to eliminate 2 variables, input treesize:35, output treesize:27 [2018-11-14 16:24:28,976 INFO L700 Elim1Store]: detected not equals via solver [2018-11-14 16:24:28,978 INFO L700 Elim1Store]: detected not equals via solver [2018-11-14 16:24:28,979 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 2 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 21 [2018-11-14 16:24:28,981 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2018-11-14 16:24:29,008 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:24:29,008 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:41, output treesize:39 [2018-11-14 16:24:29,013 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-14 16:24:29,134 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 22 [2018-11-14 16:24:29,142 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2018-11-14 16:24:29,148 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 16:24:29,162 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:24:29,218 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 22 [2018-11-14 16:24:29,225 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2018-11-14 16:24:29,229 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-14 16:24:29,245 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:24:29,285 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 2 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:24:29,286 INFO L202 ElimStorePlain]: Needed 5 recursive calls to eliminate 3 variables, input treesize:58, output treesize:65 [2018-11-14 16:24:29,408 INFO L700 Elim1Store]: detected not equals via solver [2018-11-14 16:24:29,410 INFO L700 Elim1Store]: detected not equals via solver [2018-11-14 16:24:29,412 INFO L700 Elim1Store]: detected not equals via solver [2018-11-14 16:24:29,413 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 3 select indices, 3 select index equivalence classes, 4 disjoint index pairs (out of 3 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 22 treesize of output 25 [2018-11-14 16:24:29,415 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2018-11-14 16:24:29,447 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:24:29,447 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:70, output treesize:63 [2018-11-14 16:24:29,453 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-14 16:24:29,592 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 3 select indices, 3 select index equivalence classes, 3 disjoint index pairs (out of 3 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 32 treesize of output 49 [2018-11-14 16:24:29,602 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2018-11-14 16:24:29,603 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 16:24:29,630 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:24:29,724 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 3 select indices, 3 select index equivalence classes, 3 disjoint index pairs (out of 3 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 52 treesize of output 56 [2018-11-14 16:24:29,737 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2018-11-14 16:24:29,738 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-14 16:24:29,767 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:24:29,815 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 2 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:24:29,815 INFO L202 ElimStorePlain]: Needed 5 recursive calls to eliminate 3 variables, input treesize:76, output treesize:101 [2018-11-14 16:24:30,934 INFO L700 Elim1Store]: detected not equals via solver [2018-11-14 16:24:30,934 INFO L682 Elim1Store]: detected equality via solver [2018-11-14 16:24:30,973 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 4 select indices, 4 select index equivalence classes, 4 disjoint index pairs (out of 6 index pairs), introduced 3 new quantified variables, introduced 0 case distinctions, treesize of input 130 treesize of output 165 [2018-11-14 16:24:30,986 INFO L682 Elim1Store]: detected equality via solver [2018-11-14 16:24:30,987 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 54 treesize of output 38 [2018-11-14 16:24:30,990 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 16:24:31,029 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 3 [2018-11-14 16:24:31,034 INFO L267 ElimStorePlain]: Start of recursive call 4: End of recursive call: and 1 xjuncts. [2018-11-14 16:24:31,057 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 33 treesize of output 17 [2018-11-14 16:24:31,059 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-14 16:24:31,070 INFO L267 ElimStorePlain]: Start of recursive call 2: 3 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:24:31,114 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 3 select indices, 3 select index equivalence classes, 3 disjoint index pairs (out of 3 index pairs), introduced 5 new quantified variables, introduced 0 case distinctions, treesize of input 79 treesize of output 47 [2018-11-14 16:24:31,125 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 13 [2018-11-14 16:24:31,127 INFO L267 ElimStorePlain]: Start of recursive call 7: End of recursive call: and 1 xjuncts. [2018-11-14 16:24:31,147 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 4 [2018-11-14 16:24:31,149 INFO L267 ElimStorePlain]: Start of recursive call 8: End of recursive call: and 1 xjuncts. [2018-11-14 16:24:31,157 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 3 [2018-11-14 16:24:31,158 INFO L267 ElimStorePlain]: Start of recursive call 9: End of recursive call: and 1 xjuncts. [2018-11-14 16:24:31,160 INFO L267 ElimStorePlain]: Start of recursive call 6: 3 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:24:31,165 INFO L267 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 2 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 16:24:31,165 INFO L202 ElimStorePlain]: Needed 9 recursive calls to eliminate 4 variables, input treesize:191, output treesize:7 [2018-11-14 16:24:31,189 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-14 16:24:31,193 INFO L256 TraceCheckUtils]: 0: Hoare triple {1787#true} call ULTIMATE.init(); {1787#true} is VALID [2018-11-14 16:24:31,194 INFO L273 TraceCheckUtils]: 1: Hoare triple {1787#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {1787#true} is VALID [2018-11-14 16:24:31,194 INFO L273 TraceCheckUtils]: 2: Hoare triple {1787#true} assume true; {1787#true} is VALID [2018-11-14 16:24:31,194 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {1787#true} {1787#true} #57#return; {1787#true} is VALID [2018-11-14 16:24:31,194 INFO L256 TraceCheckUtils]: 4: Hoare triple {1787#true} call #t~ret4 := main(); {1787#true} is VALID [2018-11-14 16:24:31,195 INFO L273 TraceCheckUtils]: 5: Hoare triple {1787#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := 0bv32, 0bv32; {1807#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} is VALID [2018-11-14 16:24:31,197 INFO L273 TraceCheckUtils]: 6: Hoare triple {1807#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} assume true; {1807#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} is VALID [2018-11-14 16:24:31,200 INFO L273 TraceCheckUtils]: 7: Hoare triple {1807#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} assume !!(#t~nondet0 != 0bv32);havoc #t~nondet0;call #t~malloc1.base, #t~malloc1.offset := #Ultimate.alloc(8bv32);~t~0.base, ~t~0.offset := #t~malloc1.base, #t~malloc1.offset; {1814#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base) (= main_~t~0.offset (_ bv0 32)) (= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1)))} is VALID [2018-11-14 16:24:31,201 INFO L273 TraceCheckUtils]: 8: Hoare triple {1814#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base) (= main_~t~0.offset (_ bv0 32)) (= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1)))} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {1814#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base) (= main_~t~0.offset (_ bv0 32)) (= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1)))} is VALID [2018-11-14 16:24:31,203 INFO L273 TraceCheckUtils]: 9: Hoare triple {1814#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base) (= main_~t~0.offset (_ bv0 32)) (= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1)))} call write~intINTTYPE4(1bv32, ~t~0.base, ~t~0.offset, 4bv32);call write~$Pointer$(~p~0.base, ~p~0.offset, ~t~0.base, ~bvadd32(4bv32, ~t~0.offset), 4bv32);~p~0.base, ~p~0.offset := ~t~0.base, ~t~0.offset; {1821#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)))} is VALID [2018-11-14 16:24:31,204 INFO L273 TraceCheckUtils]: 10: Hoare triple {1821#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)))} assume true; {1821#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)))} is VALID [2018-11-14 16:24:31,206 INFO L273 TraceCheckUtils]: 11: Hoare triple {1821#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)))} assume !!(#t~nondet0 != 0bv32);havoc #t~nondet0;call #t~malloc1.base, #t~malloc1.offset := #Ultimate.alloc(8bv32);~t~0.base, ~t~0.offset := #t~malloc1.base, #t~malloc1.offset; {1828#(and (= main_~p~0.offset (_ bv0 32)) (not (= main_~t~0.base main_~p~0.base)) (= main_~t~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)) (= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1)))} is VALID [2018-11-14 16:24:31,207 INFO L273 TraceCheckUtils]: 12: Hoare triple {1828#(and (= main_~p~0.offset (_ bv0 32)) (not (= main_~t~0.base main_~p~0.base)) (= main_~t~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)) (= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1)))} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {1828#(and (= main_~p~0.offset (_ bv0 32)) (not (= main_~t~0.base main_~p~0.base)) (= main_~t~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)) (= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1)))} is VALID [2018-11-14 16:24:31,210 INFO L273 TraceCheckUtils]: 13: Hoare triple {1828#(and (= main_~p~0.offset (_ bv0 32)) (not (= main_~t~0.base main_~p~0.base)) (= main_~t~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)) (= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1)))} call write~intINTTYPE4(1bv32, ~t~0.base, ~t~0.offset, 4bv32);call write~$Pointer$(~p~0.base, ~p~0.offset, ~t~0.base, ~bvadd32(4bv32, ~t~0.offset), 4bv32);~p~0.base, ~p~0.offset := ~t~0.base, ~t~0.offset; {1835#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)) (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} is VALID [2018-11-14 16:24:31,211 INFO L273 TraceCheckUtils]: 14: Hoare triple {1835#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)) (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} assume true; {1835#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)) (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} is VALID [2018-11-14 16:24:31,213 INFO L273 TraceCheckUtils]: 15: Hoare triple {1835#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv1 1) (select |#valid| main_~p~0.base)) (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} assume !!(#t~nondet0 != 0bv32);havoc #t~nondet0;call #t~malloc1.base, #t~malloc1.offset := #Ultimate.alloc(8bv32);~t~0.base, ~t~0.offset := #t~malloc1.base, #t~malloc1.offset; {1842#(and (= main_~p~0.offset (_ bv0 32)) (not (= main_~t~0.base (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))))) (not (= main_~t~0.base main_~p~0.base)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} is VALID [2018-11-14 16:24:31,214 INFO L273 TraceCheckUtils]: 16: Hoare triple {1842#(and (= main_~p~0.offset (_ bv0 32)) (not (= main_~t~0.base (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))))) (not (= main_~t~0.base main_~p~0.base)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {1842#(and (= main_~p~0.offset (_ bv0 32)) (not (= main_~t~0.base (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))))) (not (= main_~t~0.base main_~p~0.base)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} is VALID [2018-11-14 16:24:31,217 INFO L273 TraceCheckUtils]: 17: Hoare triple {1842#(and (= main_~p~0.offset (_ bv0 32)) (not (= main_~t~0.base (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))))) (not (= main_~t~0.base main_~p~0.base)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)))} call write~intINTTYPE4(1bv32, ~t~0.base, ~t~0.offset, 4bv32);call write~$Pointer$(~p~0.base, ~p~0.offset, ~t~0.base, ~bvadd32(4bv32, ~t~0.offset), 4bv32);~p~0.base, ~p~0.offset := ~t~0.base, ~t~0.offset; {1849#(and (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (not (= main_~p~0.base (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (_ bv4 32)) (_ bv0 32)))} is VALID [2018-11-14 16:24:31,218 INFO L273 TraceCheckUtils]: 18: Hoare triple {1849#(and (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (not (= main_~p~0.base (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (_ bv4 32)) (_ bv0 32)))} assume true; {1849#(and (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (not (= main_~p~0.base (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (_ bv4 32)) (_ bv0 32)))} is VALID [2018-11-14 16:24:31,219 INFO L273 TraceCheckUtils]: 19: Hoare triple {1849#(and (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (not (= main_~p~0.base (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (_ bv4 32)) (_ bv0 32)))} assume !(#t~nondet0 != 0bv32);havoc #t~nondet0; {1849#(and (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (not (= main_~p~0.base (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (_ bv4 32)) (_ bv0 32)))} is VALID [2018-11-14 16:24:31,220 INFO L273 TraceCheckUtils]: 20: Hoare triple {1849#(and (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (not (= main_~p~0.base (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (_ bv4 32)) (_ bv0 32)))} assume true; {1849#(and (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (not (= main_~p~0.base (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (_ bv4 32)) (_ bv0 32)))} is VALID [2018-11-14 16:24:31,220 INFO L273 TraceCheckUtils]: 21: Hoare triple {1849#(and (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (not (= main_~p~0.base (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (_ bv4 32)) (_ bv0 32)))} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {1849#(and (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (not (= main_~p~0.base (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (_ bv4 32)) (_ bv0 32)))} is VALID [2018-11-14 16:24:31,222 INFO L273 TraceCheckUtils]: 22: Hoare triple {1849#(and (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (not (= main_~p~0.base (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (_ bv4 32)) (_ bv0 32)))} assume !(#t~mem2 != 1bv32);havoc #t~mem2; {1849#(and (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (not (= main_~p~0.base (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (_ bv4 32)) (_ bv0 32)))} is VALID [2018-11-14 16:24:31,225 INFO L273 TraceCheckUtils]: 23: Hoare triple {1849#(and (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (= (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (not (= main_~p~0.base (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) main_~p~0.base)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4 32))) (_ bv4 32)) (_ bv0 32)))} call #t~mem3.base, #t~mem3.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32);~p~0.base, ~p~0.offset := #t~mem3.base, #t~mem3.offset;havoc #t~mem3.base, #t~mem3.offset; {1868#(exists ((v_main_~p~0.base_39 (_ BitVec 32)) (v_main_~p~0.offset_39 (_ BitVec 32))) (and (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.base (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv0 32)) (= main_~p~0.offset (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (_ bv0 32))))} is VALID [2018-11-14 16:24:31,226 INFO L273 TraceCheckUtils]: 24: Hoare triple {1868#(exists ((v_main_~p~0.base_39 (_ BitVec 32)) (v_main_~p~0.offset_39 (_ BitVec 32))) (and (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.base (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv0 32)) (= main_~p~0.offset (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (_ bv0 32))))} assume true; {1868#(exists ((v_main_~p~0.base_39 (_ BitVec 32)) (v_main_~p~0.offset_39 (_ BitVec 32))) (and (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.base (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv0 32)) (= main_~p~0.offset (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (_ bv0 32))))} is VALID [2018-11-14 16:24:31,226 INFO L273 TraceCheckUtils]: 25: Hoare triple {1868#(exists ((v_main_~p~0.base_39 (_ BitVec 32)) (v_main_~p~0.offset_39 (_ BitVec 32))) (and (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.base (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv0 32)) (= main_~p~0.offset (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (_ bv0 32))))} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {1868#(exists ((v_main_~p~0.base_39 (_ BitVec 32)) (v_main_~p~0.offset_39 (_ BitVec 32))) (and (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.base (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv0 32)) (= main_~p~0.offset (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (_ bv0 32))))} is VALID [2018-11-14 16:24:31,227 INFO L273 TraceCheckUtils]: 26: Hoare triple {1868#(exists ((v_main_~p~0.base_39 (_ BitVec 32)) (v_main_~p~0.offset_39 (_ BitVec 32))) (and (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.base (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv0 32)) (= main_~p~0.offset (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (_ bv0 32))))} assume !(#t~mem2 != 1bv32);havoc #t~mem2; {1868#(exists ((v_main_~p~0.base_39 (_ BitVec 32)) (v_main_~p~0.offset_39 (_ BitVec 32))) (and (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.base (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv0 32)) (= main_~p~0.offset (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (_ bv0 32))))} is VALID [2018-11-14 16:24:31,231 INFO L273 TraceCheckUtils]: 27: Hoare triple {1868#(exists ((v_main_~p~0.base_39 (_ BitVec 32)) (v_main_~p~0.offset_39 (_ BitVec 32))) (and (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.base (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv0 32)) (= main_~p~0.offset (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (_ bv0 32))))} call #t~mem3.base, #t~mem3.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32);~p~0.base, ~p~0.offset := #t~mem3.base, #t~mem3.offset;havoc #t~mem3.base, #t~mem3.offset; {1881#(exists ((v_main_~p~0.base_39 (_ BitVec 32)) (v_main_~p~0.offset_39 (_ BitVec 32))) (and (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.offset (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv4 32)))) (= main_~p~0.base (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (_ bv0 32))))} is VALID [2018-11-14 16:24:31,232 INFO L273 TraceCheckUtils]: 28: Hoare triple {1881#(exists ((v_main_~p~0.base_39 (_ BitVec 32)) (v_main_~p~0.offset_39 (_ BitVec 32))) (and (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.offset (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv4 32)))) (= main_~p~0.base (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (_ bv0 32))))} assume true; {1881#(exists ((v_main_~p~0.base_39 (_ BitVec 32)) (v_main_~p~0.offset_39 (_ BitVec 32))) (and (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.offset (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv4 32)))) (= main_~p~0.base (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (_ bv0 32))))} is VALID [2018-11-14 16:24:31,232 INFO L273 TraceCheckUtils]: 29: Hoare triple {1881#(exists ((v_main_~p~0.base_39 (_ BitVec 32)) (v_main_~p~0.offset_39 (_ BitVec 32))) (and (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.offset (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv4 32)))) (= main_~p~0.base (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (_ bv0 32))))} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {1881#(exists ((v_main_~p~0.base_39 (_ BitVec 32)) (v_main_~p~0.offset_39 (_ BitVec 32))) (and (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.offset (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv4 32)))) (= main_~p~0.base (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (_ bv0 32))))} is VALID [2018-11-14 16:24:31,233 INFO L273 TraceCheckUtils]: 30: Hoare triple {1881#(exists ((v_main_~p~0.base_39 (_ BitVec 32)) (v_main_~p~0.offset_39 (_ BitVec 32))) (and (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.offset (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv4 32)))) (= main_~p~0.base (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (_ bv0 32))))} assume !(#t~mem2 != 1bv32);havoc #t~mem2; {1881#(exists ((v_main_~p~0.base_39 (_ BitVec 32)) (v_main_~p~0.offset_39 (_ BitVec 32))) (and (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.offset (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv4 32)))) (= main_~p~0.base (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (_ bv0 32))))} is VALID [2018-11-14 16:24:31,237 INFO L273 TraceCheckUtils]: 31: Hoare triple {1881#(exists ((v_main_~p~0.base_39 (_ BitVec 32)) (v_main_~p~0.offset_39 (_ BitVec 32))) (and (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32))) (_ bv4 32))) (= main_~p~0.offset (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv4 32)))) (= main_~p~0.base (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (bvadd (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv4 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (not (= v_main_~p~0.base_39 (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))))) (= (select (select |#memory_$Pointer$.offset| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32))) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~p~0.base_39) (bvadd v_main_~p~0.offset_39 (_ bv4 32)))) (_ bv4 32)) (_ bv0 32))))} call #t~mem3.base, #t~mem3.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32);~p~0.base, ~p~0.offset := #t~mem3.base, #t~mem3.offset;havoc #t~mem3.base, #t~mem3.offset; {1807#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} is VALID [2018-11-14 16:24:31,238 INFO L273 TraceCheckUtils]: 32: Hoare triple {1807#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} assume true; {1807#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} is VALID [2018-11-14 16:24:31,239 INFO L273 TraceCheckUtils]: 33: Hoare triple {1807#(and (= main_~p~0.offset (_ bv0 32)) (= (_ bv0 32) main_~p~0.base))} assume !!(~p~0.base != 0bv32 || ~p~0.offset != 0bv32);call #t~mem2 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); {1788#false} is VALID [2018-11-14 16:24:31,239 INFO L273 TraceCheckUtils]: 34: Hoare triple {1788#false} assume #t~mem2 != 1bv32;havoc #t~mem2; {1788#false} is VALID [2018-11-14 16:24:31,239 INFO L273 TraceCheckUtils]: 35: Hoare triple {1788#false} assume !false; {1788#false} is VALID [2018-11-14 16:24:31,250 INFO L134 CoverageAnalysis]: Checked inductivity of 39 backedges. 3 proven. 36 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 16:24:31,250 INFO L316 TraceCheckSpWp]: Computing backward predicates...