java -ea -Xmx8000000000 -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.3.100.v20150511-1540.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc ../../../trunk/examples/toolchains/AutomizerC.xml -s ../../../trunk/examples/settings/default/automizer/svcomp-Reach-32bit-Automizer_Default-Const.epf -i ../../../trunk/examples/svcomp/array-examples/standard_vararg_true-unreach-call_ground_true-termination.i -------------------------------------------------------------------------------- This is Ultimate 0.1.23-370d6ab [2018-11-14 18:46:41,100 INFO L170 SettingsManager]: Resetting all preferences to default values... [2018-11-14 18:46:41,102 INFO L174 SettingsManager]: Resetting UltimateCore preferences to default values [2018-11-14 18:46:41,119 INFO L177 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2018-11-14 18:46:41,120 INFO L174 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2018-11-14 18:46:41,121 INFO L174 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2018-11-14 18:46:41,122 INFO L174 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2018-11-14 18:46:41,124 INFO L174 SettingsManager]: Resetting LassoRanker preferences to default values [2018-11-14 18:46:41,125 INFO L174 SettingsManager]: Resetting Reaching Definitions preferences to default values [2018-11-14 18:46:41,126 INFO L174 SettingsManager]: Resetting SyntaxChecker preferences to default values [2018-11-14 18:46:41,127 INFO L177 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2018-11-14 18:46:41,128 INFO L174 SettingsManager]: Resetting LTL2Aut preferences to default values [2018-11-14 18:46:41,128 INFO L174 SettingsManager]: Resetting PEA to Boogie preferences to default values [2018-11-14 18:46:41,129 INFO L174 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2018-11-14 18:46:41,131 INFO L174 SettingsManager]: Resetting ChcToBoogie preferences to default values [2018-11-14 18:46:41,131 INFO L174 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2018-11-14 18:46:41,132 INFO L174 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2018-11-14 18:46:41,134 INFO L174 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2018-11-14 18:46:41,136 INFO L174 SettingsManager]: Resetting CodeCheck preferences to default values [2018-11-14 18:46:41,138 INFO L174 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2018-11-14 18:46:41,139 INFO L174 SettingsManager]: Resetting RCFGBuilder preferences to default values [2018-11-14 18:46:41,140 INFO L174 SettingsManager]: Resetting TraceAbstraction preferences to default values [2018-11-14 18:46:41,143 INFO L177 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2018-11-14 18:46:41,143 INFO L177 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2018-11-14 18:46:41,143 INFO L174 SettingsManager]: Resetting TreeAutomizer preferences to default values [2018-11-14 18:46:41,148 INFO L174 SettingsManager]: Resetting IcfgTransformer preferences to default values [2018-11-14 18:46:41,149 INFO L174 SettingsManager]: Resetting Boogie Printer preferences to default values [2018-11-14 18:46:41,153 INFO L174 SettingsManager]: Resetting ReqPrinter preferences to default values [2018-11-14 18:46:41,154 INFO L174 SettingsManager]: Resetting Witness Printer preferences to default values [2018-11-14 18:46:41,155 INFO L177 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2018-11-14 18:46:41,155 INFO L174 SettingsManager]: Resetting CDTParser preferences to default values [2018-11-14 18:46:41,156 INFO L177 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2018-11-14 18:46:41,156 INFO L177 SettingsManager]: ReqParser provides no preferences, ignoring... [2018-11-14 18:46:41,156 INFO L174 SettingsManager]: Resetting SmtParser preferences to default values [2018-11-14 18:46:41,160 INFO L174 SettingsManager]: Resetting Witness Parser preferences to default values [2018-11-14 18:46:41,161 INFO L181 SettingsManager]: Finished resetting all preferences to default values... [2018-11-14 18:46:41,161 INFO L98 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/settings/default/automizer/svcomp-Reach-32bit-Automizer_Default-Const.epf [2018-11-14 18:46:41,184 INFO L110 SettingsManager]: Loading preferences was successful [2018-11-14 18:46:41,184 INFO L112 SettingsManager]: Preferences different from defaults after loading the file: [2018-11-14 18:46:41,185 INFO L131 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2018-11-14 18:46:41,185 INFO L133 SettingsManager]: * to procedures, called more than once=true [2018-11-14 18:46:41,186 INFO L131 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2018-11-14 18:46:41,186 INFO L133 SettingsManager]: * Create parallel compositions if possible=false [2018-11-14 18:46:41,186 INFO L133 SettingsManager]: * Use SBE=true [2018-11-14 18:46:41,186 INFO L131 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2018-11-14 18:46:41,187 INFO L133 SettingsManager]: * sizeof long=4 [2018-11-14 18:46:41,187 INFO L133 SettingsManager]: * Overapproximate operations on floating types=true [2018-11-14 18:46:41,187 INFO L133 SettingsManager]: * sizeof POINTER=4 [2018-11-14 18:46:41,187 INFO L133 SettingsManager]: * Check division by zero=IGNORE [2018-11-14 18:46:41,187 INFO L133 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2018-11-14 18:46:41,188 INFO L133 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2018-11-14 18:46:41,188 INFO L133 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2018-11-14 18:46:41,188 INFO L133 SettingsManager]: * sizeof long double=12 [2018-11-14 18:46:41,188 INFO L133 SettingsManager]: * Check if freed pointer was valid=false [2018-11-14 18:46:41,188 INFO L133 SettingsManager]: * Use constant arrays=true [2018-11-14 18:46:41,189 INFO L133 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2018-11-14 18:46:41,189 INFO L131 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2018-11-14 18:46:41,189 INFO L133 SettingsManager]: * Size of a code block=SequenceOfStatements [2018-11-14 18:46:41,189 INFO L133 SettingsManager]: * To the following directory=./dump/ [2018-11-14 18:46:41,189 INFO L133 SettingsManager]: * SMT solver=External_DefaultMode [2018-11-14 18:46:41,190 INFO L133 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2018-11-14 18:46:41,190 INFO L131 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2018-11-14 18:46:41,190 INFO L133 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2018-11-14 18:46:41,190 INFO L133 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2018-11-14 18:46:41,190 INFO L133 SettingsManager]: * Trace refinement strategy=CAMEL [2018-11-14 18:46:41,191 INFO L133 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2018-11-14 18:46:41,191 INFO L133 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2018-11-14 18:46:41,191 INFO L133 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2018-11-14 18:46:41,246 INFO L81 nceAwareModelManager]: Repository-Root is: /tmp [2018-11-14 18:46:41,267 INFO L258 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2018-11-14 18:46:41,271 INFO L214 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2018-11-14 18:46:41,273 INFO L271 PluginConnector]: Initializing CDTParser... [2018-11-14 18:46:41,273 INFO L276 PluginConnector]: CDTParser initialized [2018-11-14 18:46:41,274 INFO L418 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/svcomp/array-examples/standard_vararg_true-unreach-call_ground_true-termination.i [2018-11-14 18:46:41,340 INFO L218 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/71bdfe764/85b360de33e54431a4c0ba0f11139e94/FLAG2d06ea0df [2018-11-14 18:46:41,757 INFO L298 CDTParser]: Found 1 translation units. [2018-11-14 18:46:41,758 INFO L158 CDTParser]: Scanning /storage/repos/ultimate/trunk/examples/svcomp/array-examples/standard_vararg_true-unreach-call_ground_true-termination.i [2018-11-14 18:46:41,765 INFO L346 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/71bdfe764/85b360de33e54431a4c0ba0f11139e94/FLAG2d06ea0df [2018-11-14 18:46:41,781 INFO L354 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/71bdfe764/85b360de33e54431a4c0ba0f11139e94 [2018-11-14 18:46:41,793 INFO L296 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2018-11-14 18:46:41,795 INFO L131 ToolchainWalker]: Walking toolchain with 4 elements. [2018-11-14 18:46:41,795 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2018-11-14 18:46:41,796 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2018-11-14 18:46:41,799 INFO L276 PluginConnector]: CACSL2BoogieTranslator initialized [2018-11-14 18:46:41,801 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 14.11 06:46:41" (1/1) ... [2018-11-14 18:46:41,804 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@2fa399da and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 06:46:41, skipping insertion in model container [2018-11-14 18:46:41,804 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 14.11 06:46:41" (1/1) ... [2018-11-14 18:46:41,815 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2018-11-14 18:46:41,836 INFO L176 MainTranslator]: Built tables and reachable declarations [2018-11-14 18:46:42,035 INFO L201 PostProcessor]: Analyzing one entry point: main [2018-11-14 18:46:42,040 INFO L191 MainTranslator]: Completed pre-run [2018-11-14 18:46:42,062 INFO L201 PostProcessor]: Analyzing one entry point: main [2018-11-14 18:46:42,084 INFO L195 MainTranslator]: Completed translation [2018-11-14 18:46:42,085 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 06:46:42 WrapperNode [2018-11-14 18:46:42,085 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2018-11-14 18:46:42,086 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2018-11-14 18:46:42,086 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2018-11-14 18:46:42,086 INFO L276 PluginConnector]: Boogie Preprocessor initialized [2018-11-14 18:46:42,101 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 06:46:42" (1/1) ... [2018-11-14 18:46:42,101 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 06:46:42" (1/1) ... [2018-11-14 18:46:42,110 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 06:46:42" (1/1) ... [2018-11-14 18:46:42,110 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 06:46:42" (1/1) ... [2018-11-14 18:46:42,119 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 06:46:42" (1/1) ... [2018-11-14 18:46:42,126 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 06:46:42" (1/1) ... [2018-11-14 18:46:42,127 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 06:46:42" (1/1) ... [2018-11-14 18:46:42,129 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2018-11-14 18:46:42,130 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2018-11-14 18:46:42,130 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2018-11-14 18:46:42,130 INFO L276 PluginConnector]: RCFGBuilder initialized [2018-11-14 18:46:42,131 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 06:46:42" (1/1) ... No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2018-11-14 18:46:42,250 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.init [2018-11-14 18:46:42,250 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2018-11-14 18:46:42,251 INFO L138 BoogieDeclarations]: Found implementation of procedure __VERIFIER_assert [2018-11-14 18:46:42,251 INFO L138 BoogieDeclarations]: Found implementation of procedure main [2018-11-14 18:46:42,251 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_error [2018-11-14 18:46:42,251 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_assert [2018-11-14 18:46:42,251 INFO L130 BoogieDeclarations]: Found specification of procedure main [2018-11-14 18:46:42,251 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.alloc [2018-11-14 18:46:42,252 INFO L130 BoogieDeclarations]: Found specification of procedure read~int [2018-11-14 18:46:42,252 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2018-11-14 18:46:42,252 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.init [2018-11-14 18:46:42,252 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2018-11-14 18:46:42,252 INFO L130 BoogieDeclarations]: Found specification of procedure write~unchecked~int [2018-11-14 18:46:42,252 INFO L130 BoogieDeclarations]: Found specification of procedure write~int [2018-11-14 18:46:42,736 INFO L278 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2018-11-14 18:46:42,737 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.11 06:46:42 BoogieIcfgContainer [2018-11-14 18:46:42,737 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2018-11-14 18:46:42,738 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2018-11-14 18:46:42,738 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2018-11-14 18:46:42,741 INFO L276 PluginConnector]: TraceAbstraction initialized [2018-11-14 18:46:42,742 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 14.11 06:46:41" (1/3) ... [2018-11-14 18:46:42,743 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2ef540f2 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 14.11 06:46:42, skipping insertion in model container [2018-11-14 18:46:42,743 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 06:46:42" (2/3) ... [2018-11-14 18:46:42,743 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2ef540f2 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 14.11 06:46:42, skipping insertion in model container [2018-11-14 18:46:42,743 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.11 06:46:42" (3/3) ... [2018-11-14 18:46:42,745 INFO L112 eAbstractionObserver]: Analyzing ICFG standard_vararg_true-unreach-call_ground_true-termination.i [2018-11-14 18:46:42,753 INFO L136 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2018-11-14 18:46:42,761 INFO L148 ceAbstractionStarter]: Appying trace abstraction to program that has 1 error locations. [2018-11-14 18:46:42,777 INFO L257 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2018-11-14 18:46:42,810 INFO L133 ementStrategyFactory]: Using default assertion order modulation [2018-11-14 18:46:42,811 INFO L382 AbstractCegarLoop]: Interprodecural is true [2018-11-14 18:46:42,811 INFO L383 AbstractCegarLoop]: Hoare is true [2018-11-14 18:46:42,811 INFO L384 AbstractCegarLoop]: Compute interpolants for FPandBP [2018-11-14 18:46:42,811 INFO L385 AbstractCegarLoop]: Backedges is STRAIGHT_LINE [2018-11-14 18:46:42,811 INFO L386 AbstractCegarLoop]: Determinization is PREDICATE_ABSTRACTION [2018-11-14 18:46:42,812 INFO L387 AbstractCegarLoop]: Difference is false [2018-11-14 18:46:42,812 INFO L388 AbstractCegarLoop]: Minimize is MINIMIZE_SEVPA [2018-11-14 18:46:42,812 INFO L393 AbstractCegarLoop]: ======== Iteration 0==of CEGAR loop == AllErrorsAtOnce======== [2018-11-14 18:46:42,832 INFO L276 IsEmpty]: Start isEmpty. Operand 26 states. [2018-11-14 18:46:42,838 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 15 [2018-11-14 18:46:42,839 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 18:46:42,840 INFO L375 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 18:46:42,842 INFO L423 AbstractCegarLoop]: === Iteration 1 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 18:46:42,848 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 18:46:42,849 INFO L82 PathProgramCache]: Analyzing trace with hash 1193744236, now seen corresponding path program 1 times [2018-11-14 18:46:42,851 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 18:46:42,851 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 18:46:42,904 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 18:46:42,904 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 18:46:42,904 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 18:46:42,939 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 18:46:42,989 INFO L256 TraceCheckUtils]: 0: Hoare triple {29#true} call ULTIMATE.init(); {29#true} is VALID [2018-11-14 18:46:42,993 INFO L273 TraceCheckUtils]: 1: Hoare triple {29#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0]; {29#true} is VALID [2018-11-14 18:46:42,994 INFO L273 TraceCheckUtils]: 2: Hoare triple {29#true} assume true; {29#true} is VALID [2018-11-14 18:46:42,995 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {29#true} {29#true} #51#return; {29#true} is VALID [2018-11-14 18:46:42,995 INFO L256 TraceCheckUtils]: 4: Hoare triple {29#true} call #t~ret4 := main(); {29#true} is VALID [2018-11-14 18:46:42,995 INFO L273 TraceCheckUtils]: 5: Hoare triple {29#true} call ~#aa~0.base, ~#aa~0.offset := #Ultimate.alloc(400000);~a~0 := 0; {29#true} is VALID [2018-11-14 18:46:43,009 INFO L273 TraceCheckUtils]: 6: Hoare triple {29#true} assume !true; {30#false} is VALID [2018-11-14 18:46:43,009 INFO L273 TraceCheckUtils]: 7: Hoare triple {30#false} havoc ~x~0;~x~0 := 0; {30#false} is VALID [2018-11-14 18:46:43,010 INFO L273 TraceCheckUtils]: 8: Hoare triple {30#false} assume true; {30#false} is VALID [2018-11-14 18:46:43,010 INFO L273 TraceCheckUtils]: 9: Hoare triple {30#false} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {30#false} is VALID [2018-11-14 18:46:43,011 INFO L256 TraceCheckUtils]: 10: Hoare triple {30#false} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {30#false} is VALID [2018-11-14 18:46:43,011 INFO L273 TraceCheckUtils]: 11: Hoare triple {30#false} ~cond := #in~cond; {30#false} is VALID [2018-11-14 18:46:43,011 INFO L273 TraceCheckUtils]: 12: Hoare triple {30#false} assume ~cond == 0; {30#false} is VALID [2018-11-14 18:46:43,012 INFO L273 TraceCheckUtils]: 13: Hoare triple {30#false} assume !false; {30#false} is VALID [2018-11-14 18:46:43,015 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 18:46:43,018 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 18:46:43,018 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2018-11-14 18:46:43,023 INFO L78 Accepts]: Start accepts. Automaton has 2 states. Word has length 14 [2018-11-14 18:46:43,027 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 18:46:43,031 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states. [2018-11-14 18:46:43,077 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 14 edges. 14 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 18:46:43,078 INFO L459 AbstractCegarLoop]: Interpolant automaton has 2 states [2018-11-14 18:46:43,085 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2018-11-14 18:46:43,086 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2018-11-14 18:46:43,088 INFO L87 Difference]: Start difference. First operand 26 states. Second operand 2 states. [2018-11-14 18:46:43,269 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 18:46:43,269 INFO L93 Difference]: Finished difference Result 43 states and 50 transitions. [2018-11-14 18:46:43,270 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2018-11-14 18:46:43,270 INFO L78 Accepts]: Start accepts. Automaton has 2 states. Word has length 14 [2018-11-14 18:46:43,270 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 18:46:43,272 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 2 states. [2018-11-14 18:46:43,282 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 50 transitions. [2018-11-14 18:46:43,283 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 2 states. [2018-11-14 18:46:43,287 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 50 transitions. [2018-11-14 18:46:43,288 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 50 transitions. [2018-11-14 18:46:43,613 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 50 edges. 50 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 18:46:43,628 INFO L225 Difference]: With dead ends: 43 [2018-11-14 18:46:43,630 INFO L226 Difference]: Without dead ends: 21 [2018-11-14 18:46:43,633 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2018-11-14 18:46:43,651 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 21 states. [2018-11-14 18:46:43,731 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 21 to 21. [2018-11-14 18:46:43,731 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 18:46:43,731 INFO L82 GeneralOperation]: Start isEquivalent. First operand 21 states. Second operand 21 states. [2018-11-14 18:46:43,732 INFO L74 IsIncluded]: Start isIncluded. First operand 21 states. Second operand 21 states. [2018-11-14 18:46:43,732 INFO L87 Difference]: Start difference. First operand 21 states. Second operand 21 states. [2018-11-14 18:46:43,736 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 18:46:43,737 INFO L93 Difference]: Finished difference Result 21 states and 22 transitions. [2018-11-14 18:46:43,737 INFO L276 IsEmpty]: Start isEmpty. Operand 21 states and 22 transitions. [2018-11-14 18:46:43,737 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 18:46:43,738 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 18:46:43,738 INFO L74 IsIncluded]: Start isIncluded. First operand 21 states. Second operand 21 states. [2018-11-14 18:46:43,738 INFO L87 Difference]: Start difference. First operand 21 states. Second operand 21 states. [2018-11-14 18:46:43,741 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 18:46:43,742 INFO L93 Difference]: Finished difference Result 21 states and 22 transitions. [2018-11-14 18:46:43,742 INFO L276 IsEmpty]: Start isEmpty. Operand 21 states and 22 transitions. [2018-11-14 18:46:43,742 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 18:46:43,743 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 18:46:43,743 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 18:46:43,743 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 18:46:43,743 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 21 states. [2018-11-14 18:46:43,746 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 21 states to 21 states and 22 transitions. [2018-11-14 18:46:43,748 INFO L78 Accepts]: Start accepts. Automaton has 21 states and 22 transitions. Word has length 14 [2018-11-14 18:46:43,748 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 18:46:43,749 INFO L480 AbstractCegarLoop]: Abstraction has 21 states and 22 transitions. [2018-11-14 18:46:43,749 INFO L481 AbstractCegarLoop]: Interpolant automaton has 2 states. [2018-11-14 18:46:43,751 INFO L276 IsEmpty]: Start isEmpty. Operand 21 states and 22 transitions. [2018-11-14 18:46:43,751 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 17 [2018-11-14 18:46:43,752 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 18:46:43,752 INFO L375 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 18:46:43,752 INFO L423 AbstractCegarLoop]: === Iteration 2 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 18:46:43,753 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 18:46:43,753 INFO L82 PathProgramCache]: Analyzing trace with hash 774196882, now seen corresponding path program 1 times [2018-11-14 18:46:43,753 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 18:46:43,753 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 18:46:43,755 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 18:46:43,755 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 18:46:43,755 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 18:46:43,807 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 18:46:43,965 INFO L256 TraceCheckUtils]: 0: Hoare triple {158#true} call ULTIMATE.init(); {158#true} is VALID [2018-11-14 18:46:43,966 INFO L273 TraceCheckUtils]: 1: Hoare triple {158#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0]; {158#true} is VALID [2018-11-14 18:46:43,966 INFO L273 TraceCheckUtils]: 2: Hoare triple {158#true} assume true; {158#true} is VALID [2018-11-14 18:46:43,966 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {158#true} {158#true} #51#return; {158#true} is VALID [2018-11-14 18:46:43,966 INFO L256 TraceCheckUtils]: 4: Hoare triple {158#true} call #t~ret4 := main(); {158#true} is VALID [2018-11-14 18:46:43,975 INFO L273 TraceCheckUtils]: 5: Hoare triple {158#true} call ~#aa~0.base, ~#aa~0.offset := #Ultimate.alloc(400000);~a~0 := 0; {160#(= main_~a~0 0)} is VALID [2018-11-14 18:46:43,990 INFO L273 TraceCheckUtils]: 6: Hoare triple {160#(= main_~a~0 0)} assume true; {160#(= main_~a~0 0)} is VALID [2018-11-14 18:46:43,999 INFO L273 TraceCheckUtils]: 7: Hoare triple {160#(= main_~a~0 0)} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {160#(= main_~a~0 0)} is VALID [2018-11-14 18:46:44,018 INFO L273 TraceCheckUtils]: 8: Hoare triple {160#(= main_~a~0 0)} assume !(#t~mem0 >= 0);havoc #t~mem0; {160#(= main_~a~0 0)} is VALID [2018-11-14 18:46:44,027 INFO L273 TraceCheckUtils]: 9: Hoare triple {160#(= main_~a~0 0)} havoc ~x~0;~x~0 := 0; {161#(and (= main_~x~0 0) (= main_~a~0 0))} is VALID [2018-11-14 18:46:44,043 INFO L273 TraceCheckUtils]: 10: Hoare triple {161#(and (= main_~x~0 0) (= main_~a~0 0))} assume true; {161#(and (= main_~x~0 0) (= main_~a~0 0))} is VALID [2018-11-14 18:46:44,052 INFO L273 TraceCheckUtils]: 11: Hoare triple {161#(and (= main_~x~0 0) (= main_~a~0 0))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {159#false} is VALID [2018-11-14 18:46:44,053 INFO L256 TraceCheckUtils]: 12: Hoare triple {159#false} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {159#false} is VALID [2018-11-14 18:46:44,053 INFO L273 TraceCheckUtils]: 13: Hoare triple {159#false} ~cond := #in~cond; {159#false} is VALID [2018-11-14 18:46:44,053 INFO L273 TraceCheckUtils]: 14: Hoare triple {159#false} assume ~cond == 0; {159#false} is VALID [2018-11-14 18:46:44,054 INFO L273 TraceCheckUtils]: 15: Hoare triple {159#false} assume !false; {159#false} is VALID [2018-11-14 18:46:44,056 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 18:46:44,056 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 18:46:44,056 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-14 18:46:44,058 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 16 [2018-11-14 18:46:44,059 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 18:46:44,059 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-14 18:46:44,110 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 16 edges. 16 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 18:46:44,110 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-14 18:46:44,110 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-14 18:46:44,111 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2018-11-14 18:46:44,111 INFO L87 Difference]: Start difference. First operand 21 states and 22 transitions. Second operand 4 states. [2018-11-14 18:46:44,283 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 18:46:44,283 INFO L93 Difference]: Finished difference Result 38 states and 40 transitions. [2018-11-14 18:46:44,284 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2018-11-14 18:46:44,284 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 16 [2018-11-14 18:46:44,284 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 18:46:44,284 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 18:46:44,287 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 40 transitions. [2018-11-14 18:46:44,288 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 18:46:44,290 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 40 transitions. [2018-11-14 18:46:44,291 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 40 transitions. [2018-11-14 18:46:44,382 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 40 edges. 40 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 18:46:44,384 INFO L225 Difference]: With dead ends: 38 [2018-11-14 18:46:44,384 INFO L226 Difference]: Without dead ends: 24 [2018-11-14 18:46:44,385 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2018-11-14 18:46:44,385 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 24 states. [2018-11-14 18:46:44,512 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 24 to 24. [2018-11-14 18:46:44,513 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 18:46:44,513 INFO L82 GeneralOperation]: Start isEquivalent. First operand 24 states. Second operand 24 states. [2018-11-14 18:46:44,513 INFO L74 IsIncluded]: Start isIncluded. First operand 24 states. Second operand 24 states. [2018-11-14 18:46:44,513 INFO L87 Difference]: Start difference. First operand 24 states. Second operand 24 states. [2018-11-14 18:46:44,516 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 18:46:44,516 INFO L93 Difference]: Finished difference Result 24 states and 25 transitions. [2018-11-14 18:46:44,516 INFO L276 IsEmpty]: Start isEmpty. Operand 24 states and 25 transitions. [2018-11-14 18:46:44,517 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 18:46:44,517 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 18:46:44,517 INFO L74 IsIncluded]: Start isIncluded. First operand 24 states. Second operand 24 states. [2018-11-14 18:46:44,517 INFO L87 Difference]: Start difference. First operand 24 states. Second operand 24 states. [2018-11-14 18:46:44,520 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 18:46:44,520 INFO L93 Difference]: Finished difference Result 24 states and 25 transitions. [2018-11-14 18:46:44,520 INFO L276 IsEmpty]: Start isEmpty. Operand 24 states and 25 transitions. [2018-11-14 18:46:44,521 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 18:46:44,521 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 18:46:44,521 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 18:46:44,521 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 18:46:44,521 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 24 states. [2018-11-14 18:46:44,523 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 24 states to 24 states and 25 transitions. [2018-11-14 18:46:44,524 INFO L78 Accepts]: Start accepts. Automaton has 24 states and 25 transitions. Word has length 16 [2018-11-14 18:46:44,524 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 18:46:44,524 INFO L480 AbstractCegarLoop]: Abstraction has 24 states and 25 transitions. [2018-11-14 18:46:44,524 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2018-11-14 18:46:44,524 INFO L276 IsEmpty]: Start isEmpty. Operand 24 states and 25 transitions. [2018-11-14 18:46:44,525 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2018-11-14 18:46:44,525 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 18:46:44,525 INFO L375 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 18:46:44,526 INFO L423 AbstractCegarLoop]: === Iteration 3 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 18:46:44,526 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 18:46:44,526 INFO L82 PathProgramCache]: Analyzing trace with hash -209062116, now seen corresponding path program 1 times [2018-11-14 18:46:44,526 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 18:46:44,526 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 18:46:44,528 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 18:46:44,528 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 18:46:44,528 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 18:46:44,571 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 18:46:45,272 WARN L179 SmtUtils]: Spent 110.00 ms on a formula simplification. DAG size of input: 27 DAG size of output: 20 [2018-11-14 18:46:45,342 INFO L256 TraceCheckUtils]: 0: Hoare triple {296#true} call ULTIMATE.init(); {296#true} is VALID [2018-11-14 18:46:45,343 INFO L273 TraceCheckUtils]: 1: Hoare triple {296#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0]; {296#true} is VALID [2018-11-14 18:46:45,343 INFO L273 TraceCheckUtils]: 2: Hoare triple {296#true} assume true; {296#true} is VALID [2018-11-14 18:46:45,343 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {296#true} {296#true} #51#return; {296#true} is VALID [2018-11-14 18:46:45,344 INFO L256 TraceCheckUtils]: 4: Hoare triple {296#true} call #t~ret4 := main(); {296#true} is VALID [2018-11-14 18:46:45,345 INFO L273 TraceCheckUtils]: 5: Hoare triple {296#true} call ~#aa~0.base, ~#aa~0.offset := #Ultimate.alloc(400000);~a~0 := 0; {298#(and (= 0 (+ |main_~#aa~0.offset| (* 4 main_~a~0))) (= |main_~#aa~0.offset| 0))} is VALID [2018-11-14 18:46:45,346 INFO L273 TraceCheckUtils]: 6: Hoare triple {298#(and (= 0 (+ |main_~#aa~0.offset| (* 4 main_~a~0))) (= |main_~#aa~0.offset| 0))} assume true; {298#(and (= 0 (+ |main_~#aa~0.offset| (* 4 main_~a~0))) (= |main_~#aa~0.offset| 0))} is VALID [2018-11-14 18:46:45,357 INFO L273 TraceCheckUtils]: 7: Hoare triple {298#(and (= 0 (+ |main_~#aa~0.offset| (* 4 main_~a~0))) (= |main_~#aa~0.offset| 0))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {299#(and (= |main_#t~mem0| (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~a~0) |main_~#aa~0.offset|))) (= 0 (+ |main_~#aa~0.offset| (* 4 main_~a~0))) (= |main_~#aa~0.offset| 0))} is VALID [2018-11-14 18:46:45,359 INFO L273 TraceCheckUtils]: 8: Hoare triple {299#(and (= |main_#t~mem0| (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~a~0) |main_~#aa~0.offset|))) (= 0 (+ |main_~#aa~0.offset| (* 4 main_~a~0))) (= |main_~#aa~0.offset| 0))} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {300#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) 0)) (<= (+ |main_~#aa~0.offset| (* 4 main_~a~0)) 3)) (= |main_~#aa~0.offset| 0))} is VALID [2018-11-14 18:46:45,360 INFO L273 TraceCheckUtils]: 9: Hoare triple {300#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) 0)) (<= (+ |main_~#aa~0.offset| (* 4 main_~a~0)) 3)) (= |main_~#aa~0.offset| 0))} assume true; {300#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) 0)) (<= (+ |main_~#aa~0.offset| (* 4 main_~a~0)) 3)) (= |main_~#aa~0.offset| 0))} is VALID [2018-11-14 18:46:45,360 INFO L273 TraceCheckUtils]: 10: Hoare triple {300#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) 0)) (<= (+ |main_~#aa~0.offset| (* 4 main_~a~0)) 3)) (= |main_~#aa~0.offset| 0))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {300#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) 0)) (<= (+ |main_~#aa~0.offset| (* 4 main_~a~0)) 3)) (= |main_~#aa~0.offset| 0))} is VALID [2018-11-14 18:46:45,361 INFO L273 TraceCheckUtils]: 11: Hoare triple {300#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) 0)) (<= (+ |main_~#aa~0.offset| (* 4 main_~a~0)) 3)) (= |main_~#aa~0.offset| 0))} assume !(#t~mem0 >= 0);havoc #t~mem0; {300#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) 0)) (<= (+ |main_~#aa~0.offset| (* 4 main_~a~0)) 3)) (= |main_~#aa~0.offset| 0))} is VALID [2018-11-14 18:46:45,362 INFO L273 TraceCheckUtils]: 12: Hoare triple {300#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) 0)) (<= (+ |main_~#aa~0.offset| (* 4 main_~a~0)) 3)) (= |main_~#aa~0.offset| 0))} havoc ~x~0;~x~0 := 0; {301#(and (or (<= (+ |main_~#aa~0.offset| (* 4 main_~a~0)) 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~x~0) |main_~#aa~0.offset|)))) (= main_~x~0 0) (= |main_~#aa~0.offset| 0))} is VALID [2018-11-14 18:46:45,363 INFO L273 TraceCheckUtils]: 13: Hoare triple {301#(and (or (<= (+ |main_~#aa~0.offset| (* 4 main_~a~0)) 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~x~0) |main_~#aa~0.offset|)))) (= main_~x~0 0) (= |main_~#aa~0.offset| 0))} assume true; {301#(and (or (<= (+ |main_~#aa~0.offset| (* 4 main_~a~0)) 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~x~0) |main_~#aa~0.offset|)))) (= main_~x~0 0) (= |main_~#aa~0.offset| 0))} is VALID [2018-11-14 18:46:45,364 INFO L273 TraceCheckUtils]: 14: Hoare triple {301#(and (or (<= (+ |main_~#aa~0.offset| (* 4 main_~a~0)) 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~x~0) |main_~#aa~0.offset|)))) (= main_~x~0 0) (= |main_~#aa~0.offset| 0))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {302#(<= 0 |main_#t~mem3|)} is VALID [2018-11-14 18:46:45,366 INFO L256 TraceCheckUtils]: 15: Hoare triple {302#(<= 0 |main_#t~mem3|)} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {303#(= |__VERIFIER_assert_#in~cond| 1)} is VALID [2018-11-14 18:46:45,367 INFO L273 TraceCheckUtils]: 16: Hoare triple {303#(= |__VERIFIER_assert_#in~cond| 1)} ~cond := #in~cond; {304#(= __VERIFIER_assert_~cond 1)} is VALID [2018-11-14 18:46:45,367 INFO L273 TraceCheckUtils]: 17: Hoare triple {304#(= __VERIFIER_assert_~cond 1)} assume ~cond == 0; {297#false} is VALID [2018-11-14 18:46:45,368 INFO L273 TraceCheckUtils]: 18: Hoare triple {297#false} assume !false; {297#false} is VALID [2018-11-14 18:46:45,373 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 3 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 18:46:45,373 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2018-11-14 18:46:45,373 INFO L223 ckRefinementStrategy]: Switched to mode Z3_FP No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 2 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 2 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 [2018-11-14 18:46:45,384 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 18:46:45,413 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 18:46:45,427 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 18:46:45,432 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-14 18:46:46,055 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 11 [2018-11-14 18:46:46,061 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2018-11-14 18:46:46,074 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 18:46:46,076 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 18:46:46,077 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 18:46:46,078 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 2 variables, input treesize:15, output treesize:3 [2018-11-14 18:46:46,079 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-14 18:46:46,107 INFO L256 TraceCheckUtils]: 0: Hoare triple {296#true} call ULTIMATE.init(); {296#true} is VALID [2018-11-14 18:46:46,107 INFO L273 TraceCheckUtils]: 1: Hoare triple {296#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0]; {296#true} is VALID [2018-11-14 18:46:46,108 INFO L273 TraceCheckUtils]: 2: Hoare triple {296#true} assume true; {296#true} is VALID [2018-11-14 18:46:46,108 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {296#true} {296#true} #51#return; {296#true} is VALID [2018-11-14 18:46:46,109 INFO L256 TraceCheckUtils]: 4: Hoare triple {296#true} call #t~ret4 := main(); {296#true} is VALID [2018-11-14 18:46:46,112 INFO L273 TraceCheckUtils]: 5: Hoare triple {296#true} call ~#aa~0.base, ~#aa~0.offset := #Ultimate.alloc(400000);~a~0 := 0; {298#(and (= 0 (+ |main_~#aa~0.offset| (* 4 main_~a~0))) (= |main_~#aa~0.offset| 0))} is VALID [2018-11-14 18:46:46,117 INFO L273 TraceCheckUtils]: 6: Hoare triple {298#(and (= 0 (+ |main_~#aa~0.offset| (* 4 main_~a~0))) (= |main_~#aa~0.offset| 0))} assume true; {298#(and (= 0 (+ |main_~#aa~0.offset| (* 4 main_~a~0))) (= |main_~#aa~0.offset| 0))} is VALID [2018-11-14 18:46:46,118 INFO L273 TraceCheckUtils]: 7: Hoare triple {298#(and (= 0 (+ |main_~#aa~0.offset| (* 4 main_~a~0))) (= |main_~#aa~0.offset| 0))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {329#(and (exists ((main_~a~0 Int)) (and (= 0 (+ |main_~#aa~0.offset| (* 4 main_~a~0))) (<= |main_#t~mem0| (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 main_~a~0)))))) (= |main_~#aa~0.offset| 0))} is VALID [2018-11-14 18:46:46,120 INFO L273 TraceCheckUtils]: 8: Hoare triple {329#(and (exists ((main_~a~0 Int)) (and (= 0 (+ |main_~#aa~0.offset| (* 4 main_~a~0))) (<= |main_#t~mem0| (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 main_~a~0)))))) (= |main_~#aa~0.offset| 0))} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {333#(and (exists ((main_~a~0 Int)) (and (= 0 (+ |main_~#aa~0.offset| (* 4 main_~a~0))) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 main_~a~0)))))) (= |main_~#aa~0.offset| 0))} is VALID [2018-11-14 18:46:46,121 INFO L273 TraceCheckUtils]: 9: Hoare triple {333#(and (exists ((main_~a~0 Int)) (and (= 0 (+ |main_~#aa~0.offset| (* 4 main_~a~0))) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 main_~a~0)))))) (= |main_~#aa~0.offset| 0))} assume true; {333#(and (exists ((main_~a~0 Int)) (and (= 0 (+ |main_~#aa~0.offset| (* 4 main_~a~0))) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 main_~a~0)))))) (= |main_~#aa~0.offset| 0))} is VALID [2018-11-14 18:46:46,122 INFO L273 TraceCheckUtils]: 10: Hoare triple {333#(and (exists ((main_~a~0 Int)) (and (= 0 (+ |main_~#aa~0.offset| (* 4 main_~a~0))) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 main_~a~0)))))) (= |main_~#aa~0.offset| 0))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {333#(and (exists ((main_~a~0 Int)) (and (= 0 (+ |main_~#aa~0.offset| (* 4 main_~a~0))) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 main_~a~0)))))) (= |main_~#aa~0.offset| 0))} is VALID [2018-11-14 18:46:46,123 INFO L273 TraceCheckUtils]: 11: Hoare triple {333#(and (exists ((main_~a~0 Int)) (and (= 0 (+ |main_~#aa~0.offset| (* 4 main_~a~0))) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 main_~a~0)))))) (= |main_~#aa~0.offset| 0))} assume !(#t~mem0 >= 0);havoc #t~mem0; {333#(and (exists ((main_~a~0 Int)) (and (= 0 (+ |main_~#aa~0.offset| (* 4 main_~a~0))) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 main_~a~0)))))) (= |main_~#aa~0.offset| 0))} is VALID [2018-11-14 18:46:46,125 INFO L273 TraceCheckUtils]: 12: Hoare triple {333#(and (exists ((main_~a~0 Int)) (and (= 0 (+ |main_~#aa~0.offset| (* 4 main_~a~0))) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 main_~a~0)))))) (= |main_~#aa~0.offset| 0))} havoc ~x~0;~x~0 := 0; {346#(and (= main_~x~0 0) (exists ((main_~a~0 Int)) (and (= 0 (+ |main_~#aa~0.offset| (* 4 main_~a~0))) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 main_~a~0)))))) (= |main_~#aa~0.offset| 0))} is VALID [2018-11-14 18:46:46,145 INFO L273 TraceCheckUtils]: 13: Hoare triple {346#(and (= main_~x~0 0) (exists ((main_~a~0 Int)) (and (= 0 (+ |main_~#aa~0.offset| (* 4 main_~a~0))) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 main_~a~0)))))) (= |main_~#aa~0.offset| 0))} assume true; {346#(and (= main_~x~0 0) (exists ((main_~a~0 Int)) (and (= 0 (+ |main_~#aa~0.offset| (* 4 main_~a~0))) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 main_~a~0)))))) (= |main_~#aa~0.offset| 0))} is VALID [2018-11-14 18:46:46,154 INFO L273 TraceCheckUtils]: 14: Hoare triple {346#(and (= main_~x~0 0) (exists ((main_~a~0 Int)) (and (= 0 (+ |main_~#aa~0.offset| (* 4 main_~a~0))) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 main_~a~0)))))) (= |main_~#aa~0.offset| 0))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {302#(<= 0 |main_#t~mem3|)} is VALID [2018-11-14 18:46:46,164 INFO L256 TraceCheckUtils]: 15: Hoare triple {302#(<= 0 |main_#t~mem3|)} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {303#(= |__VERIFIER_assert_#in~cond| 1)} is VALID [2018-11-14 18:46:46,165 INFO L273 TraceCheckUtils]: 16: Hoare triple {303#(= |__VERIFIER_assert_#in~cond| 1)} ~cond := #in~cond; {304#(= __VERIFIER_assert_~cond 1)} is VALID [2018-11-14 18:46:46,165 INFO L273 TraceCheckUtils]: 17: Hoare triple {304#(= __VERIFIER_assert_~cond 1)} assume ~cond == 0; {297#false} is VALID [2018-11-14 18:46:46,166 INFO L273 TraceCheckUtils]: 18: Hoare triple {297#false} assume !false; {297#false} is VALID [2018-11-14 18:46:46,168 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 3 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 18:46:46,194 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2018-11-14 18:46:46,195 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 9] total 12 [2018-11-14 18:46:46,195 INFO L78 Accepts]: Start accepts. Automaton has 12 states. Word has length 19 [2018-11-14 18:46:46,196 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 18:46:46,196 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 12 states. [2018-11-14 18:46:46,266 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 27 edges. 27 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 18:46:46,267 INFO L459 AbstractCegarLoop]: Interpolant automaton has 12 states [2018-11-14 18:46:46,267 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2018-11-14 18:46:46,268 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=30, Invalid=102, Unknown=0, NotChecked=0, Total=132 [2018-11-14 18:46:46,268 INFO L87 Difference]: Start difference. First operand 24 states and 25 transitions. Second operand 12 states. [2018-11-14 18:46:47,046 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 18:46:47,046 INFO L93 Difference]: Finished difference Result 35 states and 36 transitions. [2018-11-14 18:46:47,046 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2018-11-14 18:46:47,046 INFO L78 Accepts]: Start accepts. Automaton has 12 states. Word has length 19 [2018-11-14 18:46:47,047 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 18:46:47,047 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 12 states. [2018-11-14 18:46:47,050 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 36 transitions. [2018-11-14 18:46:47,050 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 12 states. [2018-11-14 18:46:47,052 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 36 transitions. [2018-11-14 18:46:47,052 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states and 36 transitions. [2018-11-14 18:46:47,176 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 36 edges. 36 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 18:46:47,179 INFO L225 Difference]: With dead ends: 35 [2018-11-14 18:46:47,179 INFO L226 Difference]: Without dead ends: 33 [2018-11-14 18:46:47,180 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 29 GetRequests, 15 SyntacticMatches, 2 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 36 ImplicationChecksByTransitivity, 0.8s TimeCoverageRelationStatistics Valid=41, Invalid=141, Unknown=0, NotChecked=0, Total=182 [2018-11-14 18:46:47,180 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 33 states. [2018-11-14 18:46:47,216 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 33 to 31. [2018-11-14 18:46:47,217 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 18:46:47,217 INFO L82 GeneralOperation]: Start isEquivalent. First operand 33 states. Second operand 31 states. [2018-11-14 18:46:47,217 INFO L74 IsIncluded]: Start isIncluded. First operand 33 states. Second operand 31 states. [2018-11-14 18:46:47,217 INFO L87 Difference]: Start difference. First operand 33 states. Second operand 31 states. [2018-11-14 18:46:47,221 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 18:46:47,221 INFO L93 Difference]: Finished difference Result 33 states and 34 transitions. [2018-11-14 18:46:47,221 INFO L276 IsEmpty]: Start isEmpty. Operand 33 states and 34 transitions. [2018-11-14 18:46:47,222 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 18:46:47,222 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 18:46:47,222 INFO L74 IsIncluded]: Start isIncluded. First operand 31 states. Second operand 33 states. [2018-11-14 18:46:47,222 INFO L87 Difference]: Start difference. First operand 31 states. Second operand 33 states. [2018-11-14 18:46:47,225 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 18:46:47,225 INFO L93 Difference]: Finished difference Result 33 states and 34 transitions. [2018-11-14 18:46:47,225 INFO L276 IsEmpty]: Start isEmpty. Operand 33 states and 34 transitions. [2018-11-14 18:46:47,226 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 18:46:47,226 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 18:46:47,226 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 18:46:47,226 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 18:46:47,227 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 31 states. [2018-11-14 18:46:47,229 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 31 states to 31 states and 32 transitions. [2018-11-14 18:46:47,229 INFO L78 Accepts]: Start accepts. Automaton has 31 states and 32 transitions. Word has length 19 [2018-11-14 18:46:47,229 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 18:46:47,229 INFO L480 AbstractCegarLoop]: Abstraction has 31 states and 32 transitions. [2018-11-14 18:46:47,229 INFO L481 AbstractCegarLoop]: Interpolant automaton has 12 states. [2018-11-14 18:46:47,230 INFO L276 IsEmpty]: Start isEmpty. Operand 31 states and 32 transitions. [2018-11-14 18:46:47,230 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2018-11-14 18:46:47,231 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 18:46:47,231 INFO L375 BasicCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 18:46:47,231 INFO L423 AbstractCegarLoop]: === Iteration 4 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 18:46:47,231 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 18:46:47,232 INFO L82 PathProgramCache]: Analyzing trace with hash -1544092779, now seen corresponding path program 1 times [2018-11-14 18:46:47,232 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 18:46:47,232 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 18:46:47,233 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 18:46:47,233 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 18:46:47,233 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 18:46:47,247 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 18:46:47,347 INFO L256 TraceCheckUtils]: 0: Hoare triple {524#true} call ULTIMATE.init(); {524#true} is VALID [2018-11-14 18:46:47,348 INFO L273 TraceCheckUtils]: 1: Hoare triple {524#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0]; {524#true} is VALID [2018-11-14 18:46:47,348 INFO L273 TraceCheckUtils]: 2: Hoare triple {524#true} assume true; {524#true} is VALID [2018-11-14 18:46:47,349 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {524#true} {524#true} #51#return; {524#true} is VALID [2018-11-14 18:46:47,349 INFO L256 TraceCheckUtils]: 4: Hoare triple {524#true} call #t~ret4 := main(); {524#true} is VALID [2018-11-14 18:46:47,350 INFO L273 TraceCheckUtils]: 5: Hoare triple {524#true} call ~#aa~0.base, ~#aa~0.offset := #Ultimate.alloc(400000);~a~0 := 0; {526#(= main_~a~0 0)} is VALID [2018-11-14 18:46:47,351 INFO L273 TraceCheckUtils]: 6: Hoare triple {526#(= main_~a~0 0)} assume true; {526#(= main_~a~0 0)} is VALID [2018-11-14 18:46:47,351 INFO L273 TraceCheckUtils]: 7: Hoare triple {526#(= main_~a~0 0)} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {526#(= main_~a~0 0)} is VALID [2018-11-14 18:46:47,352 INFO L273 TraceCheckUtils]: 8: Hoare triple {526#(= main_~a~0 0)} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {527#(<= main_~a~0 1)} is VALID [2018-11-14 18:46:47,353 INFO L273 TraceCheckUtils]: 9: Hoare triple {527#(<= main_~a~0 1)} assume true; {527#(<= main_~a~0 1)} is VALID [2018-11-14 18:46:47,354 INFO L273 TraceCheckUtils]: 10: Hoare triple {527#(<= main_~a~0 1)} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {527#(<= main_~a~0 1)} is VALID [2018-11-14 18:46:47,355 INFO L273 TraceCheckUtils]: 11: Hoare triple {527#(<= main_~a~0 1)} assume !(#t~mem0 >= 0);havoc #t~mem0; {527#(<= main_~a~0 1)} is VALID [2018-11-14 18:46:47,374 INFO L273 TraceCheckUtils]: 12: Hoare triple {527#(<= main_~a~0 1)} havoc ~x~0;~x~0 := 0; {528#(and (<= main_~a~0 1) (= main_~x~0 0))} is VALID [2018-11-14 18:46:47,388 INFO L273 TraceCheckUtils]: 13: Hoare triple {528#(and (<= main_~a~0 1) (= main_~x~0 0))} assume true; {528#(and (<= main_~a~0 1) (= main_~x~0 0))} is VALID [2018-11-14 18:46:47,402 INFO L273 TraceCheckUtils]: 14: Hoare triple {528#(and (<= main_~a~0 1) (= main_~x~0 0))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {528#(and (<= main_~a~0 1) (= main_~x~0 0))} is VALID [2018-11-14 18:46:47,402 INFO L256 TraceCheckUtils]: 15: Hoare triple {528#(and (<= main_~a~0 1) (= main_~x~0 0))} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {524#true} is VALID [2018-11-14 18:46:47,403 INFO L273 TraceCheckUtils]: 16: Hoare triple {524#true} ~cond := #in~cond; {524#true} is VALID [2018-11-14 18:46:47,403 INFO L273 TraceCheckUtils]: 17: Hoare triple {524#true} assume !(~cond == 0); {524#true} is VALID [2018-11-14 18:46:47,403 INFO L273 TraceCheckUtils]: 18: Hoare triple {524#true} assume true; {524#true} is VALID [2018-11-14 18:46:47,417 INFO L268 TraceCheckUtils]: 19: Hoare quadruple {524#true} {528#(and (<= main_~a~0 1) (= main_~x~0 0))} #55#return; {528#(and (<= main_~a~0 1) (= main_~x~0 0))} is VALID [2018-11-14 18:46:47,431 INFO L273 TraceCheckUtils]: 20: Hoare triple {528#(and (<= main_~a~0 1) (= main_~x~0 0))} havoc #t~mem3; {528#(and (<= main_~a~0 1) (= main_~x~0 0))} is VALID [2018-11-14 18:46:47,440 INFO L273 TraceCheckUtils]: 21: Hoare triple {528#(and (<= main_~a~0 1) (= main_~x~0 0))} #t~post2 := ~x~0;~x~0 := #t~post2 + 1;havoc #t~post2; {529#(<= main_~a~0 main_~x~0)} is VALID [2018-11-14 18:46:47,454 INFO L273 TraceCheckUtils]: 22: Hoare triple {529#(<= main_~a~0 main_~x~0)} assume true; {529#(<= main_~a~0 main_~x~0)} is VALID [2018-11-14 18:46:47,456 INFO L273 TraceCheckUtils]: 23: Hoare triple {529#(<= main_~a~0 main_~x~0)} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {525#false} is VALID [2018-11-14 18:46:47,456 INFO L256 TraceCheckUtils]: 24: Hoare triple {525#false} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {525#false} is VALID [2018-11-14 18:46:47,456 INFO L273 TraceCheckUtils]: 25: Hoare triple {525#false} ~cond := #in~cond; {525#false} is VALID [2018-11-14 18:46:47,456 INFO L273 TraceCheckUtils]: 26: Hoare triple {525#false} assume ~cond == 0; {525#false} is VALID [2018-11-14 18:46:47,457 INFO L273 TraceCheckUtils]: 27: Hoare triple {525#false} assume !false; {525#false} is VALID [2018-11-14 18:46:47,459 INFO L134 CoverageAnalysis]: Checked inductivity of 8 backedges. 3 proven. 5 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 18:46:47,459 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2018-11-14 18:46:47,459 INFO L223 ckRefinementStrategy]: Switched to mode Z3_FP No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 3 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 3 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 [2018-11-14 18:46:47,472 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 18:46:47,486 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 18:46:47,496 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 18:46:47,497 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-14 18:46:47,653 INFO L256 TraceCheckUtils]: 0: Hoare triple {524#true} call ULTIMATE.init(); {524#true} is VALID [2018-11-14 18:46:47,653 INFO L273 TraceCheckUtils]: 1: Hoare triple {524#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0]; {524#true} is VALID [2018-11-14 18:46:47,654 INFO L273 TraceCheckUtils]: 2: Hoare triple {524#true} assume true; {524#true} is VALID [2018-11-14 18:46:47,654 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {524#true} {524#true} #51#return; {524#true} is VALID [2018-11-14 18:46:47,654 INFO L256 TraceCheckUtils]: 4: Hoare triple {524#true} call #t~ret4 := main(); {524#true} is VALID [2018-11-14 18:46:47,655 INFO L273 TraceCheckUtils]: 5: Hoare triple {524#true} call ~#aa~0.base, ~#aa~0.offset := #Ultimate.alloc(400000);~a~0 := 0; {548#(<= main_~a~0 0)} is VALID [2018-11-14 18:46:47,656 INFO L273 TraceCheckUtils]: 6: Hoare triple {548#(<= main_~a~0 0)} assume true; {548#(<= main_~a~0 0)} is VALID [2018-11-14 18:46:47,657 INFO L273 TraceCheckUtils]: 7: Hoare triple {548#(<= main_~a~0 0)} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {548#(<= main_~a~0 0)} is VALID [2018-11-14 18:46:47,657 INFO L273 TraceCheckUtils]: 8: Hoare triple {548#(<= main_~a~0 0)} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {527#(<= main_~a~0 1)} is VALID [2018-11-14 18:46:47,663 INFO L273 TraceCheckUtils]: 9: Hoare triple {527#(<= main_~a~0 1)} assume true; {527#(<= main_~a~0 1)} is VALID [2018-11-14 18:46:47,664 INFO L273 TraceCheckUtils]: 10: Hoare triple {527#(<= main_~a~0 1)} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {527#(<= main_~a~0 1)} is VALID [2018-11-14 18:46:47,681 INFO L273 TraceCheckUtils]: 11: Hoare triple {527#(<= main_~a~0 1)} assume !(#t~mem0 >= 0);havoc #t~mem0; {527#(<= main_~a~0 1)} is VALID [2018-11-14 18:46:47,698 INFO L273 TraceCheckUtils]: 12: Hoare triple {527#(<= main_~a~0 1)} havoc ~x~0;~x~0 := 0; {570#(and (<= main_~a~0 1) (<= 0 main_~x~0))} is VALID [2018-11-14 18:46:47,712 INFO L273 TraceCheckUtils]: 13: Hoare triple {570#(and (<= main_~a~0 1) (<= 0 main_~x~0))} assume true; {570#(and (<= main_~a~0 1) (<= 0 main_~x~0))} is VALID [2018-11-14 18:46:47,715 INFO L273 TraceCheckUtils]: 14: Hoare triple {570#(and (<= main_~a~0 1) (<= 0 main_~x~0))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {570#(and (<= main_~a~0 1) (<= 0 main_~x~0))} is VALID [2018-11-14 18:46:47,715 INFO L256 TraceCheckUtils]: 15: Hoare triple {570#(and (<= main_~a~0 1) (<= 0 main_~x~0))} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {524#true} is VALID [2018-11-14 18:46:47,716 INFO L273 TraceCheckUtils]: 16: Hoare triple {524#true} ~cond := #in~cond; {524#true} is VALID [2018-11-14 18:46:47,716 INFO L273 TraceCheckUtils]: 17: Hoare triple {524#true} assume !(~cond == 0); {524#true} is VALID [2018-11-14 18:46:47,716 INFO L273 TraceCheckUtils]: 18: Hoare triple {524#true} assume true; {524#true} is VALID [2018-11-14 18:46:47,717 INFO L268 TraceCheckUtils]: 19: Hoare quadruple {524#true} {570#(and (<= main_~a~0 1) (<= 0 main_~x~0))} #55#return; {570#(and (<= main_~a~0 1) (<= 0 main_~x~0))} is VALID [2018-11-14 18:46:47,718 INFO L273 TraceCheckUtils]: 20: Hoare triple {570#(and (<= main_~a~0 1) (<= 0 main_~x~0))} havoc #t~mem3; {570#(and (<= main_~a~0 1) (<= 0 main_~x~0))} is VALID [2018-11-14 18:46:47,721 INFO L273 TraceCheckUtils]: 21: Hoare triple {570#(and (<= main_~a~0 1) (<= 0 main_~x~0))} #t~post2 := ~x~0;~x~0 := #t~post2 + 1;havoc #t~post2; {598#(and (<= main_~a~0 1) (<= 1 main_~x~0))} is VALID [2018-11-14 18:46:47,721 INFO L273 TraceCheckUtils]: 22: Hoare triple {598#(and (<= main_~a~0 1) (<= 1 main_~x~0))} assume true; {598#(and (<= main_~a~0 1) (<= 1 main_~x~0))} is VALID [2018-11-14 18:46:47,723 INFO L273 TraceCheckUtils]: 23: Hoare triple {598#(and (<= main_~a~0 1) (<= 1 main_~x~0))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {525#false} is VALID [2018-11-14 18:46:47,723 INFO L256 TraceCheckUtils]: 24: Hoare triple {525#false} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {525#false} is VALID [2018-11-14 18:46:47,723 INFO L273 TraceCheckUtils]: 25: Hoare triple {525#false} ~cond := #in~cond; {525#false} is VALID [2018-11-14 18:46:47,724 INFO L273 TraceCheckUtils]: 26: Hoare triple {525#false} assume ~cond == 0; {525#false} is VALID [2018-11-14 18:46:47,724 INFO L273 TraceCheckUtils]: 27: Hoare triple {525#false} assume !false; {525#false} is VALID [2018-11-14 18:46:47,726 INFO L134 CoverageAnalysis]: Checked inductivity of 8 backedges. 5 proven. 3 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 18:46:47,752 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2018-11-14 18:46:47,752 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [6, 6] total 9 [2018-11-14 18:46:47,753 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 28 [2018-11-14 18:46:47,753 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 18:46:47,753 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states. [2018-11-14 18:46:47,856 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 41 edges. 41 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 18:46:47,857 INFO L459 AbstractCegarLoop]: Interpolant automaton has 9 states [2018-11-14 18:46:47,857 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2018-11-14 18:46:47,857 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=24, Invalid=48, Unknown=0, NotChecked=0, Total=72 [2018-11-14 18:46:47,858 INFO L87 Difference]: Start difference. First operand 31 states and 32 transitions. Second operand 9 states. [2018-11-14 18:46:48,137 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 18:46:48,137 INFO L93 Difference]: Finished difference Result 53 states and 56 transitions. [2018-11-14 18:46:48,137 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2018-11-14 18:46:48,138 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 28 [2018-11-14 18:46:48,138 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 18:46:48,138 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2018-11-14 18:46:48,141 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 49 transitions. [2018-11-14 18:46:48,142 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2018-11-14 18:46:48,144 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 49 transitions. [2018-11-14 18:46:48,145 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 49 transitions. [2018-11-14 18:46:48,218 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 49 edges. 49 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 18:46:48,221 INFO L225 Difference]: With dead ends: 53 [2018-11-14 18:46:48,221 INFO L226 Difference]: Without dead ends: 34 [2018-11-14 18:46:48,222 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 33 GetRequests, 26 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=24, Invalid=48, Unknown=0, NotChecked=0, Total=72 [2018-11-14 18:46:48,222 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 34 states. [2018-11-14 18:46:48,314 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 34 to 34. [2018-11-14 18:46:48,315 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 18:46:48,315 INFO L82 GeneralOperation]: Start isEquivalent. First operand 34 states. Second operand 34 states. [2018-11-14 18:46:48,315 INFO L74 IsIncluded]: Start isIncluded. First operand 34 states. Second operand 34 states. [2018-11-14 18:46:48,315 INFO L87 Difference]: Start difference. First operand 34 states. Second operand 34 states. [2018-11-14 18:46:48,318 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 18:46:48,318 INFO L93 Difference]: Finished difference Result 34 states and 35 transitions. [2018-11-14 18:46:48,319 INFO L276 IsEmpty]: Start isEmpty. Operand 34 states and 35 transitions. [2018-11-14 18:46:48,319 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 18:46:48,319 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 18:46:48,320 INFO L74 IsIncluded]: Start isIncluded. First operand 34 states. Second operand 34 states. [2018-11-14 18:46:48,320 INFO L87 Difference]: Start difference. First operand 34 states. Second operand 34 states. [2018-11-14 18:46:48,322 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 18:46:48,322 INFO L93 Difference]: Finished difference Result 34 states and 35 transitions. [2018-11-14 18:46:48,323 INFO L276 IsEmpty]: Start isEmpty. Operand 34 states and 35 transitions. [2018-11-14 18:46:48,323 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 18:46:48,323 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 18:46:48,324 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 18:46:48,324 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 18:46:48,324 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 34 states. [2018-11-14 18:46:48,326 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 34 states to 34 states and 35 transitions. [2018-11-14 18:46:48,326 INFO L78 Accepts]: Start accepts. Automaton has 34 states and 35 transitions. Word has length 28 [2018-11-14 18:46:48,326 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 18:46:48,326 INFO L480 AbstractCegarLoop]: Abstraction has 34 states and 35 transitions. [2018-11-14 18:46:48,327 INFO L481 AbstractCegarLoop]: Interpolant automaton has 9 states. [2018-11-14 18:46:48,327 INFO L276 IsEmpty]: Start isEmpty. Operand 34 states and 35 transitions. [2018-11-14 18:46:48,328 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2018-11-14 18:46:48,328 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 18:46:48,328 INFO L375 BasicCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 18:46:48,328 INFO L423 AbstractCegarLoop]: === Iteration 5 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 18:46:48,328 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 18:46:48,329 INFO L82 PathProgramCache]: Analyzing trace with hash 37825823, now seen corresponding path program 2 times [2018-11-14 18:46:48,329 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 18:46:48,329 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 18:46:48,330 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 18:46:48,330 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 18:46:48,330 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 18:46:48,356 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 18:46:48,817 INFO L256 TraceCheckUtils]: 0: Hoare triple {803#true} call ULTIMATE.init(); {803#true} is VALID [2018-11-14 18:46:48,817 INFO L273 TraceCheckUtils]: 1: Hoare triple {803#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0]; {803#true} is VALID [2018-11-14 18:46:48,818 INFO L273 TraceCheckUtils]: 2: Hoare triple {803#true} assume true; {803#true} is VALID [2018-11-14 18:46:48,818 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {803#true} {803#true} #51#return; {803#true} is VALID [2018-11-14 18:46:48,819 INFO L256 TraceCheckUtils]: 4: Hoare triple {803#true} call #t~ret4 := main(); {803#true} is VALID [2018-11-14 18:46:48,822 INFO L273 TraceCheckUtils]: 5: Hoare triple {803#true} call ~#aa~0.base, ~#aa~0.offset := #Ultimate.alloc(400000);~a~0 := 0; {805#(= main_~a~0 0)} is VALID [2018-11-14 18:46:48,822 INFO L273 TraceCheckUtils]: 6: Hoare triple {805#(= main_~a~0 0)} assume true; {805#(= main_~a~0 0)} is VALID [2018-11-14 18:46:48,823 INFO L273 TraceCheckUtils]: 7: Hoare triple {805#(= main_~a~0 0)} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {805#(= main_~a~0 0)} is VALID [2018-11-14 18:46:48,823 INFO L273 TraceCheckUtils]: 8: Hoare triple {805#(= main_~a~0 0)} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {806#(<= main_~a~0 1)} is VALID [2018-11-14 18:46:48,824 INFO L273 TraceCheckUtils]: 9: Hoare triple {806#(<= main_~a~0 1)} assume true; {806#(<= main_~a~0 1)} is VALID [2018-11-14 18:46:48,824 INFO L273 TraceCheckUtils]: 10: Hoare triple {806#(<= main_~a~0 1)} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {807#(and (<= main_~a~0 1) (= |main_#t~mem0| (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~a~0) |main_~#aa~0.offset|))))} is VALID [2018-11-14 18:46:48,825 INFO L273 TraceCheckUtils]: 11: Hoare triple {807#(and (<= main_~a~0 1) (= |main_#t~mem0| (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~a~0) |main_~#aa~0.offset|))))} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {808#(and (or (<= main_~a~0 1) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 1))))) (<= main_~a~0 2))} is VALID [2018-11-14 18:46:48,826 INFO L273 TraceCheckUtils]: 12: Hoare triple {808#(and (or (<= main_~a~0 1) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 1))))) (<= main_~a~0 2))} assume true; {808#(and (or (<= main_~a~0 1) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 1))))) (<= main_~a~0 2))} is VALID [2018-11-14 18:46:48,827 INFO L273 TraceCheckUtils]: 13: Hoare triple {808#(and (or (<= main_~a~0 1) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 1))))) (<= main_~a~0 2))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {808#(and (or (<= main_~a~0 1) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 1))))) (<= main_~a~0 2))} is VALID [2018-11-14 18:46:48,828 INFO L273 TraceCheckUtils]: 14: Hoare triple {808#(and (or (<= main_~a~0 1) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 1))))) (<= main_~a~0 2))} assume !(#t~mem0 >= 0);havoc #t~mem0; {808#(and (or (<= main_~a~0 1) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 1))))) (<= main_~a~0 2))} is VALID [2018-11-14 18:46:48,829 INFO L273 TraceCheckUtils]: 15: Hoare triple {808#(and (or (<= main_~a~0 1) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 1))))) (<= main_~a~0 2))} havoc ~x~0;~x~0 := 0; {809#(and (or (<= main_~a~0 1) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 1))))) (= main_~x~0 0) (<= main_~a~0 2))} is VALID [2018-11-14 18:46:48,830 INFO L273 TraceCheckUtils]: 16: Hoare triple {809#(and (or (<= main_~a~0 1) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 1))))) (= main_~x~0 0) (<= main_~a~0 2))} assume true; {809#(and (or (<= main_~a~0 1) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 1))))) (= main_~x~0 0) (<= main_~a~0 2))} is VALID [2018-11-14 18:46:48,831 INFO L273 TraceCheckUtils]: 17: Hoare triple {809#(and (or (<= main_~a~0 1) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 1))))) (= main_~x~0 0) (<= main_~a~0 2))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {809#(and (or (<= main_~a~0 1) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 1))))) (= main_~x~0 0) (<= main_~a~0 2))} is VALID [2018-11-14 18:46:48,832 INFO L256 TraceCheckUtils]: 18: Hoare triple {809#(and (or (<= main_~a~0 1) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 1))))) (= main_~x~0 0) (<= main_~a~0 2))} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {803#true} is VALID [2018-11-14 18:46:48,832 INFO L273 TraceCheckUtils]: 19: Hoare triple {803#true} ~cond := #in~cond; {810#(= __VERIFIER_assert_~cond |__VERIFIER_assert_#in~cond|)} is VALID [2018-11-14 18:46:48,833 INFO L273 TraceCheckUtils]: 20: Hoare triple {810#(= __VERIFIER_assert_~cond |__VERIFIER_assert_#in~cond|)} assume !(~cond == 0); {811#(not (= |__VERIFIER_assert_#in~cond| 0))} is VALID [2018-11-14 18:46:48,834 INFO L273 TraceCheckUtils]: 21: Hoare triple {811#(not (= |__VERIFIER_assert_#in~cond| 0))} assume true; {811#(not (= |__VERIFIER_assert_#in~cond| 0))} is VALID [2018-11-14 18:46:48,836 INFO L268 TraceCheckUtils]: 22: Hoare quadruple {811#(not (= |__VERIFIER_assert_#in~cond| 0))} {809#(and (or (<= main_~a~0 1) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 1))))) (= main_~x~0 0) (<= main_~a~0 2))} #55#return; {809#(and (or (<= main_~a~0 1) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 1))))) (= main_~x~0 0) (<= main_~a~0 2))} is VALID [2018-11-14 18:46:48,837 INFO L273 TraceCheckUtils]: 23: Hoare triple {809#(and (or (<= main_~a~0 1) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 1))))) (= main_~x~0 0) (<= main_~a~0 2))} havoc #t~mem3; {809#(and (or (<= main_~a~0 1) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 1))))) (= main_~x~0 0) (<= main_~a~0 2))} is VALID [2018-11-14 18:46:48,838 INFO L273 TraceCheckUtils]: 24: Hoare triple {809#(and (or (<= main_~a~0 1) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 1))))) (= main_~x~0 0) (<= main_~a~0 2))} #t~post2 := ~x~0;~x~0 := #t~post2 + 1;havoc #t~post2; {812#(or (<= main_~a~0 main_~x~0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~x~0) |main_~#aa~0.offset|))))} is VALID [2018-11-14 18:46:48,839 INFO L273 TraceCheckUtils]: 25: Hoare triple {812#(or (<= main_~a~0 main_~x~0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~x~0) |main_~#aa~0.offset|))))} assume true; {812#(or (<= main_~a~0 main_~x~0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~x~0) |main_~#aa~0.offset|))))} is VALID [2018-11-14 18:46:48,840 INFO L273 TraceCheckUtils]: 26: Hoare triple {812#(or (<= main_~a~0 main_~x~0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~x~0) |main_~#aa~0.offset|))))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {813#(<= 0 |main_#t~mem3|)} is VALID [2018-11-14 18:46:48,841 INFO L256 TraceCheckUtils]: 27: Hoare triple {813#(<= 0 |main_#t~mem3|)} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {811#(not (= |__VERIFIER_assert_#in~cond| 0))} is VALID [2018-11-14 18:46:48,842 INFO L273 TraceCheckUtils]: 28: Hoare triple {811#(not (= |__VERIFIER_assert_#in~cond| 0))} ~cond := #in~cond; {814#(not (= __VERIFIER_assert_~cond 0))} is VALID [2018-11-14 18:46:48,842 INFO L273 TraceCheckUtils]: 29: Hoare triple {814#(not (= __VERIFIER_assert_~cond 0))} assume ~cond == 0; {804#false} is VALID [2018-11-14 18:46:48,843 INFO L273 TraceCheckUtils]: 30: Hoare triple {804#false} assume !false; {804#false} is VALID [2018-11-14 18:46:48,848 INFO L134 CoverageAnalysis]: Checked inductivity of 14 backedges. 1 proven. 13 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 18:46:48,848 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2018-11-14 18:46:48,848 INFO L223 ckRefinementStrategy]: Switched to mode Z3_FP No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 4 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 4 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 [2018-11-14 18:46:48,859 INFO L103 rtionOrderModulation]: Keeping assertion order OUTSIDE_LOOP_FIRST1 [2018-11-14 18:46:48,874 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2018-11-14 18:46:48,874 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2018-11-14 18:46:48,889 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 18:46:48,890 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-14 18:46:49,399 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 11 [2018-11-14 18:46:49,406 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2018-11-14 18:46:49,412 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 18:46:49,415 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 18:46:49,417 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 18:46:49,417 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 2 variables, input treesize:15, output treesize:3 [2018-11-14 18:46:49,420 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-14 18:46:49,492 INFO L256 TraceCheckUtils]: 0: Hoare triple {803#true} call ULTIMATE.init(); {803#true} is VALID [2018-11-14 18:46:49,493 INFO L273 TraceCheckUtils]: 1: Hoare triple {803#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0]; {803#true} is VALID [2018-11-14 18:46:49,493 INFO L273 TraceCheckUtils]: 2: Hoare triple {803#true} assume true; {803#true} is VALID [2018-11-14 18:46:49,493 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {803#true} {803#true} #51#return; {803#true} is VALID [2018-11-14 18:46:49,494 INFO L256 TraceCheckUtils]: 4: Hoare triple {803#true} call #t~ret4 := main(); {803#true} is VALID [2018-11-14 18:46:49,495 INFO L273 TraceCheckUtils]: 5: Hoare triple {803#true} call ~#aa~0.base, ~#aa~0.offset := #Ultimate.alloc(400000);~a~0 := 0; {833#(and (= 0 |main_~#aa~0.offset|) (= main_~a~0 0))} is VALID [2018-11-14 18:46:49,495 INFO L273 TraceCheckUtils]: 6: Hoare triple {833#(and (= 0 |main_~#aa~0.offset|) (= main_~a~0 0))} assume true; {833#(and (= 0 |main_~#aa~0.offset|) (= main_~a~0 0))} is VALID [2018-11-14 18:46:49,497 INFO L273 TraceCheckUtils]: 7: Hoare triple {833#(and (= 0 |main_~#aa~0.offset|) (= main_~a~0 0))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {833#(and (= 0 |main_~#aa~0.offset|) (= main_~a~0 0))} is VALID [2018-11-14 18:46:49,497 INFO L273 TraceCheckUtils]: 8: Hoare triple {833#(and (= 0 |main_~#aa~0.offset|) (= main_~a~0 0))} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {843#(and (= 0 |main_~#aa~0.offset|) (= main_~a~0 1))} is VALID [2018-11-14 18:46:49,498 INFO L273 TraceCheckUtils]: 9: Hoare triple {843#(and (= 0 |main_~#aa~0.offset|) (= main_~a~0 1))} assume true; {843#(and (= 0 |main_~#aa~0.offset|) (= main_~a~0 1))} is VALID [2018-11-14 18:46:49,499 INFO L273 TraceCheckUtils]: 10: Hoare triple {843#(and (= 0 |main_~#aa~0.offset|) (= main_~a~0 1))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {850#(and (<= |main_#t~mem0| (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 4))) (= 0 |main_~#aa~0.offset|))} is VALID [2018-11-14 18:46:49,499 INFO L273 TraceCheckUtils]: 11: Hoare triple {850#(and (<= |main_#t~mem0| (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 4))) (= 0 |main_~#aa~0.offset|))} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {854#(and (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 4))))} is VALID [2018-11-14 18:46:49,500 INFO L273 TraceCheckUtils]: 12: Hoare triple {854#(and (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 4))))} assume true; {854#(and (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 4))))} is VALID [2018-11-14 18:46:49,501 INFO L273 TraceCheckUtils]: 13: Hoare triple {854#(and (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 4))))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {854#(and (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 4))))} is VALID [2018-11-14 18:46:49,502 INFO L273 TraceCheckUtils]: 14: Hoare triple {854#(and (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 4))))} assume !(#t~mem0 >= 0);havoc #t~mem0; {854#(and (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 4))))} is VALID [2018-11-14 18:46:49,503 INFO L273 TraceCheckUtils]: 15: Hoare triple {854#(and (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 4))))} havoc ~x~0;~x~0 := 0; {867#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 4))))} is VALID [2018-11-14 18:46:49,504 INFO L273 TraceCheckUtils]: 16: Hoare triple {867#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 4))))} assume true; {867#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 4))))} is VALID [2018-11-14 18:46:49,504 INFO L273 TraceCheckUtils]: 17: Hoare triple {867#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 4))))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {867#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 4))))} is VALID [2018-11-14 18:46:49,506 INFO L256 TraceCheckUtils]: 18: Hoare triple {867#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 4))))} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {877#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_1| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_1|) 4)))} is VALID [2018-11-14 18:46:49,507 INFO L273 TraceCheckUtils]: 19: Hoare triple {877#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_1| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_1|) 4)))} ~cond := #in~cond; {881#(and (exists ((|v_main_~#aa~0.base_BEFORE_CALL_1| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_1|) 4))) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))} is VALID [2018-11-14 18:46:49,508 INFO L273 TraceCheckUtils]: 20: Hoare triple {881#(and (exists ((|v_main_~#aa~0.base_BEFORE_CALL_1| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_1|) 4))) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))} assume !(~cond == 0); {885#(and (not (= |__VERIFIER_assert_#in~cond| 0)) (exists ((|v_main_~#aa~0.base_BEFORE_CALL_1| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_1|) 4))))} is VALID [2018-11-14 18:46:49,517 INFO L273 TraceCheckUtils]: 21: Hoare triple {885#(and (not (= |__VERIFIER_assert_#in~cond| 0)) (exists ((|v_main_~#aa~0.base_BEFORE_CALL_1| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_1|) 4))))} assume true; {885#(and (not (= |__VERIFIER_assert_#in~cond| 0)) (exists ((|v_main_~#aa~0.base_BEFORE_CALL_1| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_1|) 4))))} is VALID [2018-11-14 18:46:49,518 INFO L268 TraceCheckUtils]: 22: Hoare quadruple {885#(and (not (= |__VERIFIER_assert_#in~cond| 0)) (exists ((|v_main_~#aa~0.base_BEFORE_CALL_1| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_1|) 4))))} {867#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 4))))} #55#return; {867#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 4))))} is VALID [2018-11-14 18:46:49,519 INFO L273 TraceCheckUtils]: 23: Hoare triple {867#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 4))))} havoc #t~mem3; {867#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 4))))} is VALID [2018-11-14 18:46:49,520 INFO L273 TraceCheckUtils]: 24: Hoare triple {867#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 4))))} #t~post2 := ~x~0;~x~0 := #t~post2 + 1;havoc #t~post2; {898#(and (= main_~x~0 1) (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 4))))} is VALID [2018-11-14 18:46:49,520 INFO L273 TraceCheckUtils]: 25: Hoare triple {898#(and (= main_~x~0 1) (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 4))))} assume true; {898#(and (= main_~x~0 1) (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 4))))} is VALID [2018-11-14 18:46:49,521 INFO L273 TraceCheckUtils]: 26: Hoare triple {898#(and (= main_~x~0 1) (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 4))))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {813#(<= 0 |main_#t~mem3|)} is VALID [2018-11-14 18:46:49,522 INFO L256 TraceCheckUtils]: 27: Hoare triple {813#(<= 0 |main_#t~mem3|)} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {908#(= |__VERIFIER_assert_#in~cond| 1)} is VALID [2018-11-14 18:46:49,522 INFO L273 TraceCheckUtils]: 28: Hoare triple {908#(= |__VERIFIER_assert_#in~cond| 1)} ~cond := #in~cond; {912#(= 1 __VERIFIER_assert_~cond)} is VALID [2018-11-14 18:46:49,523 INFO L273 TraceCheckUtils]: 29: Hoare triple {912#(= 1 __VERIFIER_assert_~cond)} assume ~cond == 0; {804#false} is VALID [2018-11-14 18:46:49,523 INFO L273 TraceCheckUtils]: 30: Hoare triple {804#false} assume !false; {804#false} is VALID [2018-11-14 18:46:49,527 INFO L134 CoverageAnalysis]: Checked inductivity of 14 backedges. 0 proven. 14 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 18:46:49,547 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2018-11-14 18:46:49,547 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 14] total 23 [2018-11-14 18:46:49,547 INFO L78 Accepts]: Start accepts. Automaton has 23 states. Word has length 31 [2018-11-14 18:46:49,548 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 18:46:49,548 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 23 states. [2018-11-14 18:46:49,641 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 56 edges. 56 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 18:46:49,641 INFO L459 AbstractCegarLoop]: Interpolant automaton has 23 states [2018-11-14 18:46:49,641 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 23 interpolants. [2018-11-14 18:46:49,642 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=66, Invalid=440, Unknown=0, NotChecked=0, Total=506 [2018-11-14 18:46:49,642 INFO L87 Difference]: Start difference. First operand 34 states and 35 transitions. Second operand 23 states. [2018-11-14 18:46:57,052 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 18:46:57,052 INFO L93 Difference]: Finished difference Result 71 states and 77 transitions. [2018-11-14 18:46:57,052 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 25 states. [2018-11-14 18:46:57,052 INFO L78 Accepts]: Start accepts. Automaton has 23 states. Word has length 31 [2018-11-14 18:46:57,053 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 18:46:57,053 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 23 states. [2018-11-14 18:46:57,057 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 25 states to 25 states and 74 transitions. [2018-11-14 18:46:57,057 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 23 states. [2018-11-14 18:46:57,060 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 25 states to 25 states and 74 transitions. [2018-11-14 18:46:57,061 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 25 states and 74 transitions. [2018-11-14 18:46:57,188 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 74 edges. 74 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 18:46:57,191 INFO L225 Difference]: With dead ends: 71 [2018-11-14 18:46:57,192 INFO L226 Difference]: Without dead ends: 69 [2018-11-14 18:46:57,193 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 60 GetRequests, 22 SyntacticMatches, 1 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 348 ImplicationChecksByTransitivity, 1.6s TimeCoverageRelationStatistics Valid=202, Invalid=1280, Unknown=0, NotChecked=0, Total=1482 [2018-11-14 18:46:57,193 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 69 states. [2018-11-14 18:46:57,299 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 69 to 55. [2018-11-14 18:46:57,299 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 18:46:57,299 INFO L82 GeneralOperation]: Start isEquivalent. First operand 69 states. Second operand 55 states. [2018-11-14 18:46:57,299 INFO L74 IsIncluded]: Start isIncluded. First operand 69 states. Second operand 55 states. [2018-11-14 18:46:57,300 INFO L87 Difference]: Start difference. First operand 69 states. Second operand 55 states. [2018-11-14 18:46:57,304 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 18:46:57,304 INFO L93 Difference]: Finished difference Result 69 states and 75 transitions. [2018-11-14 18:46:57,305 INFO L276 IsEmpty]: Start isEmpty. Operand 69 states and 75 transitions. [2018-11-14 18:46:57,306 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 18:46:57,306 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 18:46:57,306 INFO L74 IsIncluded]: Start isIncluded. First operand 55 states. Second operand 69 states. [2018-11-14 18:46:57,306 INFO L87 Difference]: Start difference. First operand 55 states. Second operand 69 states. [2018-11-14 18:46:57,311 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 18:46:57,311 INFO L93 Difference]: Finished difference Result 69 states and 75 transitions. [2018-11-14 18:46:57,311 INFO L276 IsEmpty]: Start isEmpty. Operand 69 states and 75 transitions. [2018-11-14 18:46:57,312 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 18:46:57,312 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 18:46:57,313 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 18:46:57,313 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 18:46:57,313 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 55 states. [2018-11-14 18:46:57,316 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 55 states to 55 states and 59 transitions. [2018-11-14 18:46:57,316 INFO L78 Accepts]: Start accepts. Automaton has 55 states and 59 transitions. Word has length 31 [2018-11-14 18:46:57,316 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 18:46:57,317 INFO L480 AbstractCegarLoop]: Abstraction has 55 states and 59 transitions. [2018-11-14 18:46:57,317 INFO L481 AbstractCegarLoop]: Interpolant automaton has 23 states. [2018-11-14 18:46:57,317 INFO L276 IsEmpty]: Start isEmpty. Operand 55 states and 59 transitions. [2018-11-14 18:46:57,318 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2018-11-14 18:46:57,318 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 18:46:57,318 INFO L375 BasicCegarLoop]: trace histogram [4, 4, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 18:46:57,319 INFO L423 AbstractCegarLoop]: === Iteration 6 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 18:46:57,319 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 18:46:57,319 INFO L82 PathProgramCache]: Analyzing trace with hash 1540295548, now seen corresponding path program 3 times [2018-11-14 18:46:57,319 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 18:46:57,319 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 18:46:57,320 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 18:46:57,321 INFO L101 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY [2018-11-14 18:46:57,321 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 18:46:57,343 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 18:46:57,720 INFO L256 TraceCheckUtils]: 0: Hoare triple {1260#true} call ULTIMATE.init(); {1260#true} is VALID [2018-11-14 18:46:57,721 INFO L273 TraceCheckUtils]: 1: Hoare triple {1260#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0]; {1260#true} is VALID [2018-11-14 18:46:57,721 INFO L273 TraceCheckUtils]: 2: Hoare triple {1260#true} assume true; {1260#true} is VALID [2018-11-14 18:46:57,722 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {1260#true} {1260#true} #51#return; {1260#true} is VALID [2018-11-14 18:46:57,722 INFO L256 TraceCheckUtils]: 4: Hoare triple {1260#true} call #t~ret4 := main(); {1260#true} is VALID [2018-11-14 18:46:57,743 INFO L273 TraceCheckUtils]: 5: Hoare triple {1260#true} call ~#aa~0.base, ~#aa~0.offset := #Ultimate.alloc(400000);~a~0 := 0; {1262#(= main_~a~0 0)} is VALID [2018-11-14 18:46:57,752 INFO L273 TraceCheckUtils]: 6: Hoare triple {1262#(= main_~a~0 0)} assume true; {1262#(= main_~a~0 0)} is VALID [2018-11-14 18:46:57,766 INFO L273 TraceCheckUtils]: 7: Hoare triple {1262#(= main_~a~0 0)} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {1262#(= main_~a~0 0)} is VALID [2018-11-14 18:46:57,767 INFO L273 TraceCheckUtils]: 8: Hoare triple {1262#(= main_~a~0 0)} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {1263#(<= main_~a~0 1)} is VALID [2018-11-14 18:46:57,768 INFO L273 TraceCheckUtils]: 9: Hoare triple {1263#(<= main_~a~0 1)} assume true; {1263#(<= main_~a~0 1)} is VALID [2018-11-14 18:46:57,768 INFO L273 TraceCheckUtils]: 10: Hoare triple {1263#(<= main_~a~0 1)} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {1263#(<= main_~a~0 1)} is VALID [2018-11-14 18:46:57,768 INFO L273 TraceCheckUtils]: 11: Hoare triple {1263#(<= main_~a~0 1)} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {1264#(<= main_~a~0 2)} is VALID [2018-11-14 18:46:57,769 INFO L273 TraceCheckUtils]: 12: Hoare triple {1264#(<= main_~a~0 2)} assume true; {1264#(<= main_~a~0 2)} is VALID [2018-11-14 18:46:57,769 INFO L273 TraceCheckUtils]: 13: Hoare triple {1264#(<= main_~a~0 2)} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {1265#(and (= |main_#t~mem0| (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~a~0) |main_~#aa~0.offset|))) (<= main_~a~0 2))} is VALID [2018-11-14 18:46:57,770 INFO L273 TraceCheckUtils]: 14: Hoare triple {1265#(and (= |main_#t~mem0| (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~a~0) |main_~#aa~0.offset|))) (<= main_~a~0 2))} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {1266#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (<= main_~a~0 2)) (<= main_~a~0 3))} is VALID [2018-11-14 18:46:57,771 INFO L273 TraceCheckUtils]: 15: Hoare triple {1266#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (<= main_~a~0 2)) (<= main_~a~0 3))} assume true; {1266#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (<= main_~a~0 2)) (<= main_~a~0 3))} is VALID [2018-11-14 18:46:57,773 INFO L273 TraceCheckUtils]: 16: Hoare triple {1266#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (<= main_~a~0 2)) (<= main_~a~0 3))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {1266#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (<= main_~a~0 2)) (<= main_~a~0 3))} is VALID [2018-11-14 18:46:57,779 INFO L273 TraceCheckUtils]: 17: Hoare triple {1266#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (<= main_~a~0 2)) (<= main_~a~0 3))} assume !(#t~mem0 >= 0);havoc #t~mem0; {1266#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (<= main_~a~0 2)) (<= main_~a~0 3))} is VALID [2018-11-14 18:46:57,780 INFO L273 TraceCheckUtils]: 18: Hoare triple {1266#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (<= main_~a~0 2)) (<= main_~a~0 3))} havoc ~x~0;~x~0 := 0; {1267#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (<= main_~a~0 2)) (<= main_~a~0 3) (= main_~x~0 0))} is VALID [2018-11-14 18:46:57,780 INFO L273 TraceCheckUtils]: 19: Hoare triple {1267#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (<= main_~a~0 2)) (<= main_~a~0 3) (= main_~x~0 0))} assume true; {1267#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (<= main_~a~0 2)) (<= main_~a~0 3) (= main_~x~0 0))} is VALID [2018-11-14 18:46:57,781 INFO L273 TraceCheckUtils]: 20: Hoare triple {1267#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (<= main_~a~0 2)) (<= main_~a~0 3) (= main_~x~0 0))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {1267#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (<= main_~a~0 2)) (<= main_~a~0 3) (= main_~x~0 0))} is VALID [2018-11-14 18:46:57,781 INFO L256 TraceCheckUtils]: 21: Hoare triple {1267#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (<= main_~a~0 2)) (<= main_~a~0 3) (= main_~x~0 0))} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {1260#true} is VALID [2018-11-14 18:46:57,782 INFO L273 TraceCheckUtils]: 22: Hoare triple {1260#true} ~cond := #in~cond; {1268#(= __VERIFIER_assert_~cond |__VERIFIER_assert_#in~cond|)} is VALID [2018-11-14 18:46:57,782 INFO L273 TraceCheckUtils]: 23: Hoare triple {1268#(= __VERIFIER_assert_~cond |__VERIFIER_assert_#in~cond|)} assume !(~cond == 0); {1269#(not (= |__VERIFIER_assert_#in~cond| 0))} is VALID [2018-11-14 18:46:57,783 INFO L273 TraceCheckUtils]: 24: Hoare triple {1269#(not (= |__VERIFIER_assert_#in~cond| 0))} assume true; {1269#(not (= |__VERIFIER_assert_#in~cond| 0))} is VALID [2018-11-14 18:46:57,785 INFO L268 TraceCheckUtils]: 25: Hoare quadruple {1269#(not (= |__VERIFIER_assert_#in~cond| 0))} {1267#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (<= main_~a~0 2)) (<= main_~a~0 3) (= main_~x~0 0))} #55#return; {1267#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (<= main_~a~0 2)) (<= main_~a~0 3) (= main_~x~0 0))} is VALID [2018-11-14 18:46:57,786 INFO L273 TraceCheckUtils]: 26: Hoare triple {1267#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (<= main_~a~0 2)) (<= main_~a~0 3) (= main_~x~0 0))} havoc #t~mem3; {1267#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (<= main_~a~0 2)) (<= main_~a~0 3) (= main_~x~0 0))} is VALID [2018-11-14 18:46:57,789 INFO L273 TraceCheckUtils]: 27: Hoare triple {1267#(and (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (<= main_~a~0 2)) (<= main_~a~0 3) (= main_~x~0 0))} #t~post2 := ~x~0;~x~0 := #t~post2 + 1;havoc #t~post2; {1270#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1))))) (<= main_~a~0 (+ main_~x~0 1))))} is VALID [2018-11-14 18:46:57,789 INFO L273 TraceCheckUtils]: 28: Hoare triple {1270#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1))))) (<= main_~a~0 (+ main_~x~0 1))))} assume true; {1270#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1))))) (<= main_~a~0 (+ main_~x~0 1))))} is VALID [2018-11-14 18:46:57,790 INFO L273 TraceCheckUtils]: 29: Hoare triple {1270#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1))))) (<= main_~a~0 (+ main_~x~0 1))))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {1270#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1))))) (<= main_~a~0 (+ main_~x~0 1))))} is VALID [2018-11-14 18:46:57,790 INFO L256 TraceCheckUtils]: 30: Hoare triple {1270#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1))))) (<= main_~a~0 (+ main_~x~0 1))))} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {1260#true} is VALID [2018-11-14 18:46:57,790 INFO L273 TraceCheckUtils]: 31: Hoare triple {1260#true} ~cond := #in~cond; {1260#true} is VALID [2018-11-14 18:46:57,790 INFO L273 TraceCheckUtils]: 32: Hoare triple {1260#true} assume !(~cond == 0); {1260#true} is VALID [2018-11-14 18:46:57,791 INFO L273 TraceCheckUtils]: 33: Hoare triple {1260#true} assume true; {1260#true} is VALID [2018-11-14 18:46:57,791 INFO L268 TraceCheckUtils]: 34: Hoare quadruple {1260#true} {1270#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1))))) (<= main_~a~0 (+ main_~x~0 1))))} #55#return; {1270#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1))))) (<= main_~a~0 (+ main_~x~0 1))))} is VALID [2018-11-14 18:46:57,792 INFO L273 TraceCheckUtils]: 35: Hoare triple {1270#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1))))) (<= main_~a~0 (+ main_~x~0 1))))} havoc #t~mem3; {1270#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1))))) (<= main_~a~0 (+ main_~x~0 1))))} is VALID [2018-11-14 18:46:57,793 INFO L273 TraceCheckUtils]: 36: Hoare triple {1270#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1))))) (<= main_~a~0 (+ main_~x~0 1))))} #t~post2 := ~x~0;~x~0 := #t~post2 + 1;havoc #t~post2; {1271#(or (<= main_~a~0 main_~x~0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~x~0) |main_~#aa~0.offset|))))} is VALID [2018-11-14 18:46:57,793 INFO L273 TraceCheckUtils]: 37: Hoare triple {1271#(or (<= main_~a~0 main_~x~0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~x~0) |main_~#aa~0.offset|))))} assume true; {1271#(or (<= main_~a~0 main_~x~0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~x~0) |main_~#aa~0.offset|))))} is VALID [2018-11-14 18:46:57,794 INFO L273 TraceCheckUtils]: 38: Hoare triple {1271#(or (<= main_~a~0 main_~x~0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~x~0) |main_~#aa~0.offset|))))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {1272#(<= 0 |main_#t~mem3|)} is VALID [2018-11-14 18:46:57,795 INFO L256 TraceCheckUtils]: 39: Hoare triple {1272#(<= 0 |main_#t~mem3|)} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {1269#(not (= |__VERIFIER_assert_#in~cond| 0))} is VALID [2018-11-14 18:46:57,795 INFO L273 TraceCheckUtils]: 40: Hoare triple {1269#(not (= |__VERIFIER_assert_#in~cond| 0))} ~cond := #in~cond; {1273#(not (= __VERIFIER_assert_~cond 0))} is VALID [2018-11-14 18:46:57,796 INFO L273 TraceCheckUtils]: 41: Hoare triple {1273#(not (= __VERIFIER_assert_~cond 0))} assume ~cond == 0; {1261#false} is VALID [2018-11-14 18:46:57,796 INFO L273 TraceCheckUtils]: 42: Hoare triple {1261#false} assume !false; {1261#false} is VALID [2018-11-14 18:46:57,802 INFO L134 CoverageAnalysis]: Checked inductivity of 37 backedges. 3 proven. 33 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2018-11-14 18:46:57,802 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2018-11-14 18:46:57,802 INFO L223 ckRefinementStrategy]: Switched to mode Z3_FP No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 5 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 5 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 [2018-11-14 18:46:57,818 INFO L103 rtionOrderModulation]: Keeping assertion order OUTSIDE_LOOP_FIRST2 [2018-11-14 18:46:57,877 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 4 check-sat command(s) [2018-11-14 18:46:57,878 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2018-11-14 18:46:57,903 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 18:46:57,905 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-14 18:46:58,837 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 19 treesize of output 15 [2018-11-14 18:46:58,844 INFO L682 Elim1Store]: detected equality via solver [2018-11-14 18:46:58,845 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 14 [2018-11-14 18:46:58,849 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 18:46:58,854 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 18:46:58,866 INFO L267 ElimStorePlain]: Start of recursive call 1: 3 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 18:46:58,867 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 4 variables, input treesize:28, output treesize:3 [2018-11-14 18:46:58,870 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-14 18:46:58,910 INFO L256 TraceCheckUtils]: 0: Hoare triple {1260#true} call ULTIMATE.init(); {1260#true} is VALID [2018-11-14 18:46:58,910 INFO L273 TraceCheckUtils]: 1: Hoare triple {1260#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0]; {1260#true} is VALID [2018-11-14 18:46:58,910 INFO L273 TraceCheckUtils]: 2: Hoare triple {1260#true} assume true; {1260#true} is VALID [2018-11-14 18:46:58,911 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {1260#true} {1260#true} #51#return; {1260#true} is VALID [2018-11-14 18:46:58,911 INFO L256 TraceCheckUtils]: 4: Hoare triple {1260#true} call #t~ret4 := main(); {1260#true} is VALID [2018-11-14 18:46:58,912 INFO L273 TraceCheckUtils]: 5: Hoare triple {1260#true} call ~#aa~0.base, ~#aa~0.offset := #Ultimate.alloc(400000);~a~0 := 0; {1292#(and (= 0 |main_~#aa~0.offset|) (<= main_~a~0 0))} is VALID [2018-11-14 18:46:58,912 INFO L273 TraceCheckUtils]: 6: Hoare triple {1292#(and (= 0 |main_~#aa~0.offset|) (<= main_~a~0 0))} assume true; {1292#(and (= 0 |main_~#aa~0.offset|) (<= main_~a~0 0))} is VALID [2018-11-14 18:46:58,913 INFO L273 TraceCheckUtils]: 7: Hoare triple {1292#(and (= 0 |main_~#aa~0.offset|) (<= main_~a~0 0))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {1292#(and (= 0 |main_~#aa~0.offset|) (<= main_~a~0 0))} is VALID [2018-11-14 18:46:58,913 INFO L273 TraceCheckUtils]: 8: Hoare triple {1292#(and (= 0 |main_~#aa~0.offset|) (<= main_~a~0 0))} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {1302#(and (<= main_~a~0 1) (= 0 |main_~#aa~0.offset|))} is VALID [2018-11-14 18:46:58,914 INFO L273 TraceCheckUtils]: 9: Hoare triple {1302#(and (<= main_~a~0 1) (= 0 |main_~#aa~0.offset|))} assume true; {1302#(and (<= main_~a~0 1) (= 0 |main_~#aa~0.offset|))} is VALID [2018-11-14 18:46:58,915 INFO L273 TraceCheckUtils]: 10: Hoare triple {1302#(and (<= main_~a~0 1) (= 0 |main_~#aa~0.offset|))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {1302#(and (<= main_~a~0 1) (= 0 |main_~#aa~0.offset|))} is VALID [2018-11-14 18:46:58,916 INFO L273 TraceCheckUtils]: 11: Hoare triple {1302#(and (<= main_~a~0 1) (= 0 |main_~#aa~0.offset|))} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {1312#(and (= 0 |main_~#aa~0.offset|) (<= main_~a~0 2))} is VALID [2018-11-14 18:46:58,917 INFO L273 TraceCheckUtils]: 12: Hoare triple {1312#(and (= 0 |main_~#aa~0.offset|) (<= main_~a~0 2))} assume true; {1312#(and (= 0 |main_~#aa~0.offset|) (<= main_~a~0 2))} is VALID [2018-11-14 18:46:58,918 INFO L273 TraceCheckUtils]: 13: Hoare triple {1312#(and (= 0 |main_~#aa~0.offset|) (<= main_~a~0 2))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {1319#(and (= 0 |main_~#aa~0.offset|) (<= |main_#t~mem0| (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 main_~a~0)))) (<= main_~a~0 2))} is VALID [2018-11-14 18:46:58,919 INFO L273 TraceCheckUtils]: 14: Hoare triple {1319#(and (= 0 |main_~#aa~0.offset|) (<= |main_#t~mem0| (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 main_~a~0)))) (<= main_~a~0 2))} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {1323#(and (= 0 |main_~#aa~0.offset|) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} is VALID [2018-11-14 18:46:58,920 INFO L273 TraceCheckUtils]: 15: Hoare triple {1323#(and (= 0 |main_~#aa~0.offset|) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} assume true; {1323#(and (= 0 |main_~#aa~0.offset|) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} is VALID [2018-11-14 18:46:58,922 INFO L273 TraceCheckUtils]: 16: Hoare triple {1323#(and (= 0 |main_~#aa~0.offset|) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {1323#(and (= 0 |main_~#aa~0.offset|) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} is VALID [2018-11-14 18:46:58,923 INFO L273 TraceCheckUtils]: 17: Hoare triple {1323#(and (= 0 |main_~#aa~0.offset|) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} assume !(#t~mem0 >= 0);havoc #t~mem0; {1323#(and (= 0 |main_~#aa~0.offset|) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} is VALID [2018-11-14 18:46:58,925 INFO L273 TraceCheckUtils]: 18: Hoare triple {1323#(and (= 0 |main_~#aa~0.offset|) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} havoc ~x~0;~x~0 := 0; {1336#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} is VALID [2018-11-14 18:46:58,925 INFO L273 TraceCheckUtils]: 19: Hoare triple {1336#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} assume true; {1336#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} is VALID [2018-11-14 18:46:58,927 INFO L273 TraceCheckUtils]: 20: Hoare triple {1336#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {1336#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} is VALID [2018-11-14 18:46:58,929 INFO L256 TraceCheckUtils]: 21: Hoare triple {1336#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {1346#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_2| Int) (v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_2|) (* 4 v_main_~a~0_11)))))} is VALID [2018-11-14 18:46:58,930 INFO L273 TraceCheckUtils]: 22: Hoare triple {1346#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_2| Int) (v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_2|) (* 4 v_main_~a~0_11)))))} ~cond := #in~cond; {1346#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_2| Int) (v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_2|) (* 4 v_main_~a~0_11)))))} is VALID [2018-11-14 18:46:58,932 INFO L273 TraceCheckUtils]: 23: Hoare triple {1346#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_2| Int) (v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_2|) (* 4 v_main_~a~0_11)))))} assume !(~cond == 0); {1346#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_2| Int) (v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_2|) (* 4 v_main_~a~0_11)))))} is VALID [2018-11-14 18:46:58,933 INFO L273 TraceCheckUtils]: 24: Hoare triple {1346#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_2| Int) (v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_2|) (* 4 v_main_~a~0_11)))))} assume true; {1346#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_2| Int) (v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_2|) (* 4 v_main_~a~0_11)))))} is VALID [2018-11-14 18:46:58,936 INFO L268 TraceCheckUtils]: 25: Hoare quadruple {1346#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_2| Int) (v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_2|) (* 4 v_main_~a~0_11)))))} {1336#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} #55#return; {1336#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} is VALID [2018-11-14 18:46:58,939 INFO L273 TraceCheckUtils]: 26: Hoare triple {1336#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} havoc #t~mem3; {1336#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} is VALID [2018-11-14 18:46:58,941 INFO L273 TraceCheckUtils]: 27: Hoare triple {1336#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} #t~post2 := ~x~0;~x~0 := #t~post2 + 1;havoc #t~post2; {1365#(and (= 0 |main_~#aa~0.offset|) (<= 1 main_~x~0) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} is VALID [2018-11-14 18:46:58,942 INFO L273 TraceCheckUtils]: 28: Hoare triple {1365#(and (= 0 |main_~#aa~0.offset|) (<= 1 main_~x~0) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} assume true; {1365#(and (= 0 |main_~#aa~0.offset|) (<= 1 main_~x~0) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} is VALID [2018-11-14 18:46:58,943 INFO L273 TraceCheckUtils]: 29: Hoare triple {1365#(and (= 0 |main_~#aa~0.offset|) (<= 1 main_~x~0) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {1365#(and (= 0 |main_~#aa~0.offset|) (<= 1 main_~x~0) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} is VALID [2018-11-14 18:46:58,946 INFO L256 TraceCheckUtils]: 30: Hoare triple {1365#(and (= 0 |main_~#aa~0.offset|) (<= 1 main_~x~0) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {1346#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_2| Int) (v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_2|) (* 4 v_main_~a~0_11)))))} is VALID [2018-11-14 18:46:58,946 INFO L273 TraceCheckUtils]: 31: Hoare triple {1346#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_2| Int) (v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_2|) (* 4 v_main_~a~0_11)))))} ~cond := #in~cond; {1346#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_2| Int) (v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_2|) (* 4 v_main_~a~0_11)))))} is VALID [2018-11-14 18:46:58,947 INFO L273 TraceCheckUtils]: 32: Hoare triple {1346#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_2| Int) (v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_2|) (* 4 v_main_~a~0_11)))))} assume !(~cond == 0); {1346#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_2| Int) (v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_2|) (* 4 v_main_~a~0_11)))))} is VALID [2018-11-14 18:46:58,947 INFO L273 TraceCheckUtils]: 33: Hoare triple {1346#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_2| Int) (v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_2|) (* 4 v_main_~a~0_11)))))} assume true; {1346#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_2| Int) (v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_2|) (* 4 v_main_~a~0_11)))))} is VALID [2018-11-14 18:46:58,948 INFO L268 TraceCheckUtils]: 34: Hoare quadruple {1346#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_2| Int) (v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_2|) (* 4 v_main_~a~0_11)))))} {1365#(and (= 0 |main_~#aa~0.offset|) (<= 1 main_~x~0) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} #55#return; {1365#(and (= 0 |main_~#aa~0.offset|) (<= 1 main_~x~0) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} is VALID [2018-11-14 18:46:58,949 INFO L273 TraceCheckUtils]: 35: Hoare triple {1365#(and (= 0 |main_~#aa~0.offset|) (<= 1 main_~x~0) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} havoc #t~mem3; {1365#(and (= 0 |main_~#aa~0.offset|) (<= 1 main_~x~0) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} is VALID [2018-11-14 18:46:58,950 INFO L273 TraceCheckUtils]: 36: Hoare triple {1365#(and (= 0 |main_~#aa~0.offset|) (<= 1 main_~x~0) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} #t~post2 := ~x~0;~x~0 := #t~post2 + 1;havoc #t~post2; {1393#(and (= 0 |main_~#aa~0.offset|) (<= 2 main_~x~0) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} is VALID [2018-11-14 18:46:58,952 INFO L273 TraceCheckUtils]: 37: Hoare triple {1393#(and (= 0 |main_~#aa~0.offset|) (<= 2 main_~x~0) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} assume true; {1393#(and (= 0 |main_~#aa~0.offset|) (<= 2 main_~x~0) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} is VALID [2018-11-14 18:46:58,953 INFO L273 TraceCheckUtils]: 38: Hoare triple {1393#(and (= 0 |main_~#aa~0.offset|) (<= 2 main_~x~0) (exists ((v_main_~a~0_11 Int)) (and (<= v_main_~a~0_11 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 v_main_~a~0_11)))) (<= main_~a~0 (+ v_main_~a~0_11 1)))))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {1272#(<= 0 |main_#t~mem3|)} is VALID [2018-11-14 18:46:58,957 INFO L256 TraceCheckUtils]: 39: Hoare triple {1272#(<= 0 |main_#t~mem3|)} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {1403#(= |__VERIFIER_assert_#in~cond| 1)} is VALID [2018-11-14 18:46:58,957 INFO L273 TraceCheckUtils]: 40: Hoare triple {1403#(= |__VERIFIER_assert_#in~cond| 1)} ~cond := #in~cond; {1407#(= 1 __VERIFIER_assert_~cond)} is VALID [2018-11-14 18:46:58,958 INFO L273 TraceCheckUtils]: 41: Hoare triple {1407#(= 1 __VERIFIER_assert_~cond)} assume ~cond == 0; {1261#false} is VALID [2018-11-14 18:46:58,958 INFO L273 TraceCheckUtils]: 42: Hoare triple {1261#false} assume !false; {1261#false} is VALID [2018-11-14 18:46:58,965 INFO L134 CoverageAnalysis]: Checked inductivity of 37 backedges. 2 proven. 31 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2018-11-14 18:46:58,985 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2018-11-14 18:46:58,985 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [14, 14] total 25 [2018-11-14 18:46:58,986 INFO L78 Accepts]: Start accepts. Automaton has 25 states. Word has length 43 [2018-11-14 18:46:58,986 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 18:46:58,986 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 25 states. [2018-11-14 18:46:59,097 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 77 edges. 77 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 18:46:59,097 INFO L459 AbstractCegarLoop]: Interpolant automaton has 25 states [2018-11-14 18:46:59,097 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 25 interpolants. [2018-11-14 18:46:59,098 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=88, Invalid=512, Unknown=0, NotChecked=0, Total=600 [2018-11-14 18:46:59,098 INFO L87 Difference]: Start difference. First operand 55 states and 59 transitions. Second operand 25 states. [2018-11-14 18:47:06,435 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 18:47:06,435 INFO L93 Difference]: Finished difference Result 98 states and 106 transitions. [2018-11-14 18:47:06,435 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 26 states. [2018-11-14 18:47:06,436 INFO L78 Accepts]: Start accepts. Automaton has 25 states. Word has length 43 [2018-11-14 18:47:06,436 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 18:47:06,436 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 25 states. [2018-11-14 18:47:06,444 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 26 states to 26 states and 85 transitions. [2018-11-14 18:47:06,445 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 25 states. [2018-11-14 18:47:06,453 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 26 states to 26 states and 85 transitions. [2018-11-14 18:47:06,454 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 26 states and 85 transitions. [2018-11-14 18:47:06,629 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 85 edges. 85 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 18:47:06,632 INFO L225 Difference]: With dead ends: 98 [2018-11-14 18:47:06,632 INFO L226 Difference]: Without dead ends: 49 [2018-11-14 18:47:06,634 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 78 GetRequests, 33 SyntacticMatches, 3 SemanticMatches, 42 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 494 ImplicationChecksByTransitivity, 1.2s TimeCoverageRelationStatistics Valid=272, Invalid=1620, Unknown=0, NotChecked=0, Total=1892 [2018-11-14 18:47:06,634 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 49 states. [2018-11-14 18:47:06,775 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 49 to 49. [2018-11-14 18:47:06,776 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 18:47:06,776 INFO L82 GeneralOperation]: Start isEquivalent. First operand 49 states. Second operand 49 states. [2018-11-14 18:47:06,776 INFO L74 IsIncluded]: Start isIncluded. First operand 49 states. Second operand 49 states. [2018-11-14 18:47:06,776 INFO L87 Difference]: Start difference. First operand 49 states. Second operand 49 states. [2018-11-14 18:47:06,779 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 18:47:06,779 INFO L93 Difference]: Finished difference Result 49 states and 50 transitions. [2018-11-14 18:47:06,779 INFO L276 IsEmpty]: Start isEmpty. Operand 49 states and 50 transitions. [2018-11-14 18:47:06,780 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 18:47:06,780 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 18:47:06,780 INFO L74 IsIncluded]: Start isIncluded. First operand 49 states. Second operand 49 states. [2018-11-14 18:47:06,780 INFO L87 Difference]: Start difference. First operand 49 states. Second operand 49 states. [2018-11-14 18:47:06,782 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 18:47:06,783 INFO L93 Difference]: Finished difference Result 49 states and 50 transitions. [2018-11-14 18:47:06,783 INFO L276 IsEmpty]: Start isEmpty. Operand 49 states and 50 transitions. [2018-11-14 18:47:06,783 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 18:47:06,783 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 18:47:06,783 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 18:47:06,784 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 18:47:06,784 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 49 states. [2018-11-14 18:47:06,785 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 49 states to 49 states and 50 transitions. [2018-11-14 18:47:06,786 INFO L78 Accepts]: Start accepts. Automaton has 49 states and 50 transitions. Word has length 43 [2018-11-14 18:47:06,786 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 18:47:06,786 INFO L480 AbstractCegarLoop]: Abstraction has 49 states and 50 transitions. [2018-11-14 18:47:06,786 INFO L481 AbstractCegarLoop]: Interpolant automaton has 25 states. [2018-11-14 18:47:06,786 INFO L276 IsEmpty]: Start isEmpty. Operand 49 states and 50 transitions. [2018-11-14 18:47:06,787 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2018-11-14 18:47:06,787 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 18:47:06,788 INFO L375 BasicCegarLoop]: trace histogram [5, 5, 4, 3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 18:47:06,788 INFO L423 AbstractCegarLoop]: === Iteration 7 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 18:47:06,788 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 18:47:06,788 INFO L82 PathProgramCache]: Analyzing trace with hash 1433361586, now seen corresponding path program 4 times [2018-11-14 18:47:06,788 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 18:47:06,788 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 18:47:06,789 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 18:47:06,789 INFO L101 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY [2018-11-14 18:47:06,789 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 18:47:06,806 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 18:47:07,078 INFO L256 TraceCheckUtils]: 0: Hoare triple {1750#true} call ULTIMATE.init(); {1750#true} is VALID [2018-11-14 18:47:07,078 INFO L273 TraceCheckUtils]: 1: Hoare triple {1750#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0]; {1750#true} is VALID [2018-11-14 18:47:07,078 INFO L273 TraceCheckUtils]: 2: Hoare triple {1750#true} assume true; {1750#true} is VALID [2018-11-14 18:47:07,079 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {1750#true} {1750#true} #51#return; {1750#true} is VALID [2018-11-14 18:47:07,079 INFO L256 TraceCheckUtils]: 4: Hoare triple {1750#true} call #t~ret4 := main(); {1750#true} is VALID [2018-11-14 18:47:07,079 INFO L273 TraceCheckUtils]: 5: Hoare triple {1750#true} call ~#aa~0.base, ~#aa~0.offset := #Ultimate.alloc(400000);~a~0 := 0; {1752#(= main_~a~0 0)} is VALID [2018-11-14 18:47:07,080 INFO L273 TraceCheckUtils]: 6: Hoare triple {1752#(= main_~a~0 0)} assume true; {1752#(= main_~a~0 0)} is VALID [2018-11-14 18:47:07,080 INFO L273 TraceCheckUtils]: 7: Hoare triple {1752#(= main_~a~0 0)} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {1752#(= main_~a~0 0)} is VALID [2018-11-14 18:47:07,081 INFO L273 TraceCheckUtils]: 8: Hoare triple {1752#(= main_~a~0 0)} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {1753#(and (<= 1 main_~a~0) (<= main_~a~0 1))} is VALID [2018-11-14 18:47:07,081 INFO L273 TraceCheckUtils]: 9: Hoare triple {1753#(and (<= 1 main_~a~0) (<= main_~a~0 1))} assume true; {1753#(and (<= 1 main_~a~0) (<= main_~a~0 1))} is VALID [2018-11-14 18:47:07,082 INFO L273 TraceCheckUtils]: 10: Hoare triple {1753#(and (<= 1 main_~a~0) (<= main_~a~0 1))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {1753#(and (<= 1 main_~a~0) (<= main_~a~0 1))} is VALID [2018-11-14 18:47:07,083 INFO L273 TraceCheckUtils]: 11: Hoare triple {1753#(and (<= 1 main_~a~0) (<= main_~a~0 1))} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {1754#(and (<= 2 main_~a~0) (<= main_~a~0 2))} is VALID [2018-11-14 18:47:07,083 INFO L273 TraceCheckUtils]: 12: Hoare triple {1754#(and (<= 2 main_~a~0) (<= main_~a~0 2))} assume true; {1754#(and (<= 2 main_~a~0) (<= main_~a~0 2))} is VALID [2018-11-14 18:47:07,084 INFO L273 TraceCheckUtils]: 13: Hoare triple {1754#(and (<= 2 main_~a~0) (<= main_~a~0 2))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {1755#(and (= |main_#t~mem0| (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~a~0) |main_~#aa~0.offset|))) (<= 2 main_~a~0) (<= main_~a~0 2))} is VALID [2018-11-14 18:47:07,085 INFO L273 TraceCheckUtils]: 14: Hoare triple {1755#(and (= |main_#t~mem0| (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~a~0) |main_~#aa~0.offset|))) (<= 2 main_~a~0) (<= main_~a~0 2))} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} is VALID [2018-11-14 18:47:07,086 INFO L273 TraceCheckUtils]: 15: Hoare triple {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} assume true; {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} is VALID [2018-11-14 18:47:07,087 INFO L273 TraceCheckUtils]: 16: Hoare triple {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} is VALID [2018-11-14 18:47:07,087 INFO L273 TraceCheckUtils]: 17: Hoare triple {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} is VALID [2018-11-14 18:47:07,088 INFO L273 TraceCheckUtils]: 18: Hoare triple {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} assume true; {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} is VALID [2018-11-14 18:47:07,088 INFO L273 TraceCheckUtils]: 19: Hoare triple {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} is VALID [2018-11-14 18:47:07,089 INFO L273 TraceCheckUtils]: 20: Hoare triple {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} assume !(#t~mem0 >= 0);havoc #t~mem0; {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} is VALID [2018-11-14 18:47:07,090 INFO L273 TraceCheckUtils]: 21: Hoare triple {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} havoc ~x~0;~x~0 := 0; {1757#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 0))} is VALID [2018-11-14 18:47:07,090 INFO L273 TraceCheckUtils]: 22: Hoare triple {1757#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 0))} assume true; {1757#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 0))} is VALID [2018-11-14 18:47:07,091 INFO L273 TraceCheckUtils]: 23: Hoare triple {1757#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 0))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {1757#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 0))} is VALID [2018-11-14 18:47:07,092 INFO L256 TraceCheckUtils]: 24: Hoare triple {1757#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 0))} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {1750#true} is VALID [2018-11-14 18:47:07,092 INFO L273 TraceCheckUtils]: 25: Hoare triple {1750#true} ~cond := #in~cond; {1758#(= __VERIFIER_assert_~cond |__VERIFIER_assert_#in~cond|)} is VALID [2018-11-14 18:47:07,093 INFO L273 TraceCheckUtils]: 26: Hoare triple {1758#(= __VERIFIER_assert_~cond |__VERIFIER_assert_#in~cond|)} assume !(~cond == 0); {1759#(not (= |__VERIFIER_assert_#in~cond| 0))} is VALID [2018-11-14 18:47:07,093 INFO L273 TraceCheckUtils]: 27: Hoare triple {1759#(not (= |__VERIFIER_assert_#in~cond| 0))} assume true; {1759#(not (= |__VERIFIER_assert_#in~cond| 0))} is VALID [2018-11-14 18:47:07,094 INFO L268 TraceCheckUtils]: 28: Hoare quadruple {1759#(not (= |__VERIFIER_assert_#in~cond| 0))} {1757#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 0))} #55#return; {1757#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 0))} is VALID [2018-11-14 18:47:07,095 INFO L273 TraceCheckUtils]: 29: Hoare triple {1757#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 0))} havoc #t~mem3; {1757#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 0))} is VALID [2018-11-14 18:47:07,096 INFO L273 TraceCheckUtils]: 30: Hoare triple {1757#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 0))} #t~post2 := ~x~0;~x~0 := #t~post2 + 1;havoc #t~post2; {1760#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1)))))} is VALID [2018-11-14 18:47:07,097 INFO L273 TraceCheckUtils]: 31: Hoare triple {1760#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1)))))} assume true; {1760#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1)))))} is VALID [2018-11-14 18:47:07,097 INFO L273 TraceCheckUtils]: 32: Hoare triple {1760#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1)))))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {1760#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1)))))} is VALID [2018-11-14 18:47:07,098 INFO L256 TraceCheckUtils]: 33: Hoare triple {1760#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1)))))} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {1750#true} is VALID [2018-11-14 18:47:07,098 INFO L273 TraceCheckUtils]: 34: Hoare triple {1750#true} ~cond := #in~cond; {1750#true} is VALID [2018-11-14 18:47:07,098 INFO L273 TraceCheckUtils]: 35: Hoare triple {1750#true} assume !(~cond == 0); {1750#true} is VALID [2018-11-14 18:47:07,099 INFO L273 TraceCheckUtils]: 36: Hoare triple {1750#true} assume true; {1750#true} is VALID [2018-11-14 18:47:07,101 INFO L268 TraceCheckUtils]: 37: Hoare quadruple {1750#true} {1760#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1)))))} #55#return; {1760#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1)))))} is VALID [2018-11-14 18:47:07,101 INFO L273 TraceCheckUtils]: 38: Hoare triple {1760#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1)))))} havoc #t~mem3; {1760#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1)))))} is VALID [2018-11-14 18:47:07,102 INFO L273 TraceCheckUtils]: 39: Hoare triple {1760#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1)))))} #t~post2 := ~x~0;~x~0 := #t~post2 + 1;havoc #t~post2; {1761#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~x~0) |main_~#aa~0.offset|)))} is VALID [2018-11-14 18:47:07,102 INFO L273 TraceCheckUtils]: 40: Hoare triple {1761#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~x~0) |main_~#aa~0.offset|)))} assume true; {1761#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~x~0) |main_~#aa~0.offset|)))} is VALID [2018-11-14 18:47:07,103 INFO L273 TraceCheckUtils]: 41: Hoare triple {1761#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~x~0) |main_~#aa~0.offset|)))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {1762#(<= 0 |main_#t~mem3|)} is VALID [2018-11-14 18:47:07,103 INFO L256 TraceCheckUtils]: 42: Hoare triple {1762#(<= 0 |main_#t~mem3|)} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {1759#(not (= |__VERIFIER_assert_#in~cond| 0))} is VALID [2018-11-14 18:47:07,104 INFO L273 TraceCheckUtils]: 43: Hoare triple {1759#(not (= |__VERIFIER_assert_#in~cond| 0))} ~cond := #in~cond; {1763#(not (= __VERIFIER_assert_~cond 0))} is VALID [2018-11-14 18:47:07,104 INFO L273 TraceCheckUtils]: 44: Hoare triple {1763#(not (= __VERIFIER_assert_~cond 0))} assume ~cond == 0; {1751#false} is VALID [2018-11-14 18:47:07,104 INFO L273 TraceCheckUtils]: 45: Hoare triple {1751#false} assume !false; {1751#false} is VALID [2018-11-14 18:47:07,110 INFO L134 CoverageAnalysis]: Checked inductivity of 49 backedges. 3 proven. 42 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2018-11-14 18:47:07,110 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2018-11-14 18:47:07,110 INFO L223 ckRefinementStrategy]: Switched to mode Z3_FP No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 6 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 6 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 [2018-11-14 18:47:07,124 INFO L103 rtionOrderModulation]: Keeping assertion order TERMS_WITH_SMALL_CONSTANTS_FIRST [2018-11-14 18:47:07,164 INFO L249 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2018-11-14 18:47:07,164 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2018-11-14 18:47:07,176 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 18:47:07,179 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-14 18:47:14,605 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 17 [2018-11-14 18:47:14,609 INFO L682 Elim1Store]: detected equality via solver [2018-11-14 18:47:14,611 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 16 [2018-11-14 18:47:14,622 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 18:47:14,624 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 18:47:14,626 INFO L267 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 18:47:14,627 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 3 variables, input treesize:21, output treesize:3 [2018-11-14 18:47:14,629 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-14 18:47:14,665 INFO L256 TraceCheckUtils]: 0: Hoare triple {1750#true} call ULTIMATE.init(); {1750#true} is VALID [2018-11-14 18:47:14,665 INFO L273 TraceCheckUtils]: 1: Hoare triple {1750#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0]; {1750#true} is VALID [2018-11-14 18:47:14,665 INFO L273 TraceCheckUtils]: 2: Hoare triple {1750#true} assume true; {1750#true} is VALID [2018-11-14 18:47:14,666 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {1750#true} {1750#true} #51#return; {1750#true} is VALID [2018-11-14 18:47:14,666 INFO L256 TraceCheckUtils]: 4: Hoare triple {1750#true} call #t~ret4 := main(); {1750#true} is VALID [2018-11-14 18:47:14,667 INFO L273 TraceCheckUtils]: 5: Hoare triple {1750#true} call ~#aa~0.base, ~#aa~0.offset := #Ultimate.alloc(400000);~a~0 := 0; {1752#(= main_~a~0 0)} is VALID [2018-11-14 18:47:14,668 INFO L273 TraceCheckUtils]: 6: Hoare triple {1752#(= main_~a~0 0)} assume true; {1752#(= main_~a~0 0)} is VALID [2018-11-14 18:47:14,668 INFO L273 TraceCheckUtils]: 7: Hoare triple {1752#(= main_~a~0 0)} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {1752#(= main_~a~0 0)} is VALID [2018-11-14 18:47:14,669 INFO L273 TraceCheckUtils]: 8: Hoare triple {1752#(= main_~a~0 0)} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {1753#(and (<= 1 main_~a~0) (<= main_~a~0 1))} is VALID [2018-11-14 18:47:14,669 INFO L273 TraceCheckUtils]: 9: Hoare triple {1753#(and (<= 1 main_~a~0) (<= main_~a~0 1))} assume true; {1753#(and (<= 1 main_~a~0) (<= main_~a~0 1))} is VALID [2018-11-14 18:47:14,669 INFO L273 TraceCheckUtils]: 10: Hoare triple {1753#(and (<= 1 main_~a~0) (<= main_~a~0 1))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {1753#(and (<= 1 main_~a~0) (<= main_~a~0 1))} is VALID [2018-11-14 18:47:14,670 INFO L273 TraceCheckUtils]: 11: Hoare triple {1753#(and (<= 1 main_~a~0) (<= main_~a~0 1))} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {1754#(and (<= 2 main_~a~0) (<= main_~a~0 2))} is VALID [2018-11-14 18:47:14,670 INFO L273 TraceCheckUtils]: 12: Hoare triple {1754#(and (<= 2 main_~a~0) (<= main_~a~0 2))} assume true; {1754#(and (<= 2 main_~a~0) (<= main_~a~0 2))} is VALID [2018-11-14 18:47:14,671 INFO L273 TraceCheckUtils]: 13: Hoare triple {1754#(and (<= 2 main_~a~0) (<= main_~a~0 2))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {1806#(exists ((main_~a~0 Int)) (and (<= |main_#t~mem0| (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 main_~a~0)))) (<= 2 main_~a~0) (<= main_~a~0 2)))} is VALID [2018-11-14 18:47:14,672 INFO L273 TraceCheckUtils]: 14: Hoare triple {1806#(exists ((main_~a~0 Int)) (and (<= |main_#t~mem0| (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 main_~a~0)))) (<= 2 main_~a~0) (<= main_~a~0 2)))} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} is VALID [2018-11-14 18:47:14,673 INFO L273 TraceCheckUtils]: 15: Hoare triple {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} assume true; {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} is VALID [2018-11-14 18:47:14,673 INFO L273 TraceCheckUtils]: 16: Hoare triple {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} is VALID [2018-11-14 18:47:14,674 INFO L273 TraceCheckUtils]: 17: Hoare triple {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} is VALID [2018-11-14 18:47:14,675 INFO L273 TraceCheckUtils]: 18: Hoare triple {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} assume true; {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} is VALID [2018-11-14 18:47:14,675 INFO L273 TraceCheckUtils]: 19: Hoare triple {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} is VALID [2018-11-14 18:47:14,676 INFO L273 TraceCheckUtils]: 20: Hoare triple {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} assume !(#t~mem0 >= 0);havoc #t~mem0; {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} is VALID [2018-11-14 18:47:14,676 INFO L273 TraceCheckUtils]: 21: Hoare triple {1756#(<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2))))} havoc ~x~0;~x~0 := 0; {1757#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 0))} is VALID [2018-11-14 18:47:14,677 INFO L273 TraceCheckUtils]: 22: Hoare triple {1757#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 0))} assume true; {1757#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 0))} is VALID [2018-11-14 18:47:14,678 INFO L273 TraceCheckUtils]: 23: Hoare triple {1757#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 0))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {1757#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 0))} is VALID [2018-11-14 18:47:14,679 INFO L256 TraceCheckUtils]: 24: Hoare triple {1757#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 0))} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {1840#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_4| Int) (|v_main_~#aa~0.offset_BEFORE_CALL_4| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_4|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_4| 8))))} is VALID [2018-11-14 18:47:14,680 INFO L273 TraceCheckUtils]: 25: Hoare triple {1840#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_4| Int) (|v_main_~#aa~0.offset_BEFORE_CALL_4| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_4|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_4| 8))))} ~cond := #in~cond; {1840#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_4| Int) (|v_main_~#aa~0.offset_BEFORE_CALL_4| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_4|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_4| 8))))} is VALID [2018-11-14 18:47:14,698 INFO L273 TraceCheckUtils]: 26: Hoare triple {1840#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_4| Int) (|v_main_~#aa~0.offset_BEFORE_CALL_4| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_4|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_4| 8))))} assume !(~cond == 0); {1840#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_4| Int) (|v_main_~#aa~0.offset_BEFORE_CALL_4| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_4|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_4| 8))))} is VALID [2018-11-14 18:47:14,706 INFO L273 TraceCheckUtils]: 27: Hoare triple {1840#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_4| Int) (|v_main_~#aa~0.offset_BEFORE_CALL_4| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_4|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_4| 8))))} assume true; {1840#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_4| Int) (|v_main_~#aa~0.offset_BEFORE_CALL_4| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_4|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_4| 8))))} is VALID [2018-11-14 18:47:14,706 INFO L268 TraceCheckUtils]: 28: Hoare quadruple {1840#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_4| Int) (|v_main_~#aa~0.offset_BEFORE_CALL_4| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_4|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_4| 8))))} {1757#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 0))} #55#return; {1757#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 0))} is VALID [2018-11-14 18:47:14,708 INFO L273 TraceCheckUtils]: 29: Hoare triple {1757#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 0))} havoc #t~mem3; {1757#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 0))} is VALID [2018-11-14 18:47:14,708 INFO L273 TraceCheckUtils]: 30: Hoare triple {1757#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 0))} #t~post2 := ~x~0;~x~0 := #t~post2 + 1;havoc #t~post2; {1859#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 1))} is VALID [2018-11-14 18:47:14,709 INFO L273 TraceCheckUtils]: 31: Hoare triple {1859#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 1))} assume true; {1859#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 1))} is VALID [2018-11-14 18:47:14,709 INFO L273 TraceCheckUtils]: 32: Hoare triple {1859#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 1))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {1859#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 1))} is VALID [2018-11-14 18:47:14,710 INFO L256 TraceCheckUtils]: 33: Hoare triple {1859#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 1))} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {1840#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_4| Int) (|v_main_~#aa~0.offset_BEFORE_CALL_4| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_4|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_4| 8))))} is VALID [2018-11-14 18:47:14,711 INFO L273 TraceCheckUtils]: 34: Hoare triple {1840#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_4| Int) (|v_main_~#aa~0.offset_BEFORE_CALL_4| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_4|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_4| 8))))} ~cond := #in~cond; {1840#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_4| Int) (|v_main_~#aa~0.offset_BEFORE_CALL_4| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_4|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_4| 8))))} is VALID [2018-11-14 18:47:14,711 INFO L273 TraceCheckUtils]: 35: Hoare triple {1840#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_4| Int) (|v_main_~#aa~0.offset_BEFORE_CALL_4| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_4|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_4| 8))))} assume !(~cond == 0); {1840#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_4| Int) (|v_main_~#aa~0.offset_BEFORE_CALL_4| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_4|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_4| 8))))} is VALID [2018-11-14 18:47:14,712 INFO L273 TraceCheckUtils]: 36: Hoare triple {1840#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_4| Int) (|v_main_~#aa~0.offset_BEFORE_CALL_4| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_4|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_4| 8))))} assume true; {1840#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_4| Int) (|v_main_~#aa~0.offset_BEFORE_CALL_4| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_4|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_4| 8))))} is VALID [2018-11-14 18:47:14,716 INFO L268 TraceCheckUtils]: 37: Hoare quadruple {1840#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_4| Int) (|v_main_~#aa~0.offset_BEFORE_CALL_4| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_4|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_4| 8))))} {1859#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 1))} #55#return; {1859#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 1))} is VALID [2018-11-14 18:47:14,718 INFO L273 TraceCheckUtils]: 38: Hoare triple {1859#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 1))} havoc #t~mem3; {1859#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 1))} is VALID [2018-11-14 18:47:14,719 INFO L273 TraceCheckUtils]: 39: Hoare triple {1859#(and (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))) (= main_~x~0 1))} #t~post2 := ~x~0;~x~0 := #t~post2 + 1;havoc #t~post2; {1887#(and (= main_~x~0 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))))} is VALID [2018-11-14 18:47:14,719 INFO L273 TraceCheckUtils]: 40: Hoare triple {1887#(and (= main_~x~0 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))))} assume true; {1887#(and (= main_~x~0 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))))} is VALID [2018-11-14 18:47:14,720 INFO L273 TraceCheckUtils]: 41: Hoare triple {1887#(and (= main_~x~0 2) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 2)))))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {1762#(<= 0 |main_#t~mem3|)} is VALID [2018-11-14 18:47:14,721 INFO L256 TraceCheckUtils]: 42: Hoare triple {1762#(<= 0 |main_#t~mem3|)} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {1897#(= |__VERIFIER_assert_#in~cond| 1)} is VALID [2018-11-14 18:47:14,721 INFO L273 TraceCheckUtils]: 43: Hoare triple {1897#(= |__VERIFIER_assert_#in~cond| 1)} ~cond := #in~cond; {1901#(= 1 __VERIFIER_assert_~cond)} is VALID [2018-11-14 18:47:14,722 INFO L273 TraceCheckUtils]: 44: Hoare triple {1901#(= 1 __VERIFIER_assert_~cond)} assume ~cond == 0; {1751#false} is VALID [2018-11-14 18:47:14,722 INFO L273 TraceCheckUtils]: 45: Hoare triple {1751#false} assume !false; {1751#false} is VALID [2018-11-14 18:47:14,728 INFO L134 CoverageAnalysis]: Checked inductivity of 49 backedges. 0 proven. 42 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2018-11-14 18:47:14,748 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2018-11-14 18:47:14,749 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [14, 14] total 20 [2018-11-14 18:47:14,749 INFO L78 Accepts]: Start accepts. Automaton has 20 states. Word has length 46 [2018-11-14 18:47:14,750 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 18:47:14,750 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 20 states. [2018-11-14 18:47:14,831 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 63 edges. 63 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 18:47:14,831 INFO L459 AbstractCegarLoop]: Interpolant automaton has 20 states [2018-11-14 18:47:14,831 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 20 interpolants. [2018-11-14 18:47:14,831 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=50, Invalid=328, Unknown=2, NotChecked=0, Total=380 [2018-11-14 18:47:14,832 INFO L87 Difference]: Start difference. First operand 49 states and 50 transitions. Second operand 20 states. [2018-11-14 18:47:22,716 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 18:47:22,717 INFO L93 Difference]: Finished difference Result 62 states and 63 transitions. [2018-11-14 18:47:22,717 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 19 states. [2018-11-14 18:47:22,717 INFO L78 Accepts]: Start accepts. Automaton has 20 states. Word has length 46 [2018-11-14 18:47:22,718 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 18:47:22,718 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 20 states. [2018-11-14 18:47:22,720 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 19 states to 19 states and 54 transitions. [2018-11-14 18:47:22,720 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 20 states. [2018-11-14 18:47:22,722 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 19 states to 19 states and 54 transitions. [2018-11-14 18:47:22,722 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 19 states and 54 transitions. [2018-11-14 18:47:22,786 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 54 edges. 54 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 18:47:22,789 INFO L225 Difference]: With dead ends: 62 [2018-11-14 18:47:22,789 INFO L226 Difference]: Without dead ends: 60 [2018-11-14 18:47:22,789 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 70 GetRequests, 39 SyntacticMatches, 5 SemanticMatches, 26 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 120 ImplicationChecksByTransitivity, 7.4s TimeCoverageRelationStatistics Valid=105, Invalid=649, Unknown=2, NotChecked=0, Total=756 [2018-11-14 18:47:22,790 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 60 states. [2018-11-14 18:47:23,036 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 60 to 58. [2018-11-14 18:47:23,036 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 18:47:23,036 INFO L82 GeneralOperation]: Start isEquivalent. First operand 60 states. Second operand 58 states. [2018-11-14 18:47:23,036 INFO L74 IsIncluded]: Start isIncluded. First operand 60 states. Second operand 58 states. [2018-11-14 18:47:23,037 INFO L87 Difference]: Start difference. First operand 60 states. Second operand 58 states. [2018-11-14 18:47:23,039 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 18:47:23,039 INFO L93 Difference]: Finished difference Result 60 states and 61 transitions. [2018-11-14 18:47:23,039 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 61 transitions. [2018-11-14 18:47:23,040 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 18:47:23,040 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 18:47:23,040 INFO L74 IsIncluded]: Start isIncluded. First operand 58 states. Second operand 60 states. [2018-11-14 18:47:23,040 INFO L87 Difference]: Start difference. First operand 58 states. Second operand 60 states. [2018-11-14 18:47:23,043 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 18:47:23,043 INFO L93 Difference]: Finished difference Result 60 states and 61 transitions. [2018-11-14 18:47:23,043 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 61 transitions. [2018-11-14 18:47:23,043 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 18:47:23,043 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 18:47:23,044 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 18:47:23,044 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 18:47:23,044 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 58 states. [2018-11-14 18:47:23,046 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 58 states to 58 states and 59 transitions. [2018-11-14 18:47:23,046 INFO L78 Accepts]: Start accepts. Automaton has 58 states and 59 transitions. Word has length 46 [2018-11-14 18:47:23,046 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 18:47:23,046 INFO L480 AbstractCegarLoop]: Abstraction has 58 states and 59 transitions. [2018-11-14 18:47:23,046 INFO L481 AbstractCegarLoop]: Interpolant automaton has 20 states. [2018-11-14 18:47:23,047 INFO L276 IsEmpty]: Start isEmpty. Operand 58 states and 59 transitions. [2018-11-14 18:47:23,048 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2018-11-14 18:47:23,048 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 18:47:23,048 INFO L375 BasicCegarLoop]: trace histogram [5, 5, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 18:47:23,048 INFO L423 AbstractCegarLoop]: === Iteration 8 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 18:47:23,048 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 18:47:23,049 INFO L82 PathProgramCache]: Analyzing trace with hash -1336179009, now seen corresponding path program 5 times [2018-11-14 18:47:23,049 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 18:47:23,049 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 18:47:23,050 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 18:47:23,050 INFO L101 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY [2018-11-14 18:47:23,050 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 18:47:23,070 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 18:47:23,459 INFO L256 TraceCheckUtils]: 0: Hoare triple {2206#true} call ULTIMATE.init(); {2206#true} is VALID [2018-11-14 18:47:23,459 INFO L273 TraceCheckUtils]: 1: Hoare triple {2206#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0]; {2206#true} is VALID [2018-11-14 18:47:23,460 INFO L273 TraceCheckUtils]: 2: Hoare triple {2206#true} assume true; {2206#true} is VALID [2018-11-14 18:47:23,460 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {2206#true} {2206#true} #51#return; {2206#true} is VALID [2018-11-14 18:47:23,460 INFO L256 TraceCheckUtils]: 4: Hoare triple {2206#true} call #t~ret4 := main(); {2206#true} is VALID [2018-11-14 18:47:23,461 INFO L273 TraceCheckUtils]: 5: Hoare triple {2206#true} call ~#aa~0.base, ~#aa~0.offset := #Ultimate.alloc(400000);~a~0 := 0; {2208#(= main_~a~0 0)} is VALID [2018-11-14 18:47:23,461 INFO L273 TraceCheckUtils]: 6: Hoare triple {2208#(= main_~a~0 0)} assume true; {2208#(= main_~a~0 0)} is VALID [2018-11-14 18:47:23,462 INFO L273 TraceCheckUtils]: 7: Hoare triple {2208#(= main_~a~0 0)} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {2208#(= main_~a~0 0)} is VALID [2018-11-14 18:47:23,462 INFO L273 TraceCheckUtils]: 8: Hoare triple {2208#(= main_~a~0 0)} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {2209#(<= main_~a~0 1)} is VALID [2018-11-14 18:47:23,462 INFO L273 TraceCheckUtils]: 9: Hoare triple {2209#(<= main_~a~0 1)} assume true; {2209#(<= main_~a~0 1)} is VALID [2018-11-14 18:47:23,463 INFO L273 TraceCheckUtils]: 10: Hoare triple {2209#(<= main_~a~0 1)} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {2209#(<= main_~a~0 1)} is VALID [2018-11-14 18:47:23,463 INFO L273 TraceCheckUtils]: 11: Hoare triple {2209#(<= main_~a~0 1)} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {2210#(<= main_~a~0 2)} is VALID [2018-11-14 18:47:23,464 INFO L273 TraceCheckUtils]: 12: Hoare triple {2210#(<= main_~a~0 2)} assume true; {2210#(<= main_~a~0 2)} is VALID [2018-11-14 18:47:23,464 INFO L273 TraceCheckUtils]: 13: Hoare triple {2210#(<= main_~a~0 2)} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {2210#(<= main_~a~0 2)} is VALID [2018-11-14 18:47:23,465 INFO L273 TraceCheckUtils]: 14: Hoare triple {2210#(<= main_~a~0 2)} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {2211#(<= main_~a~0 3)} is VALID [2018-11-14 18:47:23,466 INFO L273 TraceCheckUtils]: 15: Hoare triple {2211#(<= main_~a~0 3)} assume true; {2211#(<= main_~a~0 3)} is VALID [2018-11-14 18:47:23,468 INFO L273 TraceCheckUtils]: 16: Hoare triple {2211#(<= main_~a~0 3)} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {2212#(and (<= main_~a~0 3) (= |main_#t~mem0| (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~a~0) |main_~#aa~0.offset|))))} is VALID [2018-11-14 18:47:23,469 INFO L273 TraceCheckUtils]: 17: Hoare triple {2212#(and (<= main_~a~0 3) (= |main_#t~mem0| (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~a~0) |main_~#aa~0.offset|))))} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {2213#(and (<= main_~a~0 4) (or (<= main_~a~0 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} is VALID [2018-11-14 18:47:23,470 INFO L273 TraceCheckUtils]: 18: Hoare triple {2213#(and (<= main_~a~0 4) (or (<= main_~a~0 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} assume true; {2213#(and (<= main_~a~0 4) (or (<= main_~a~0 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} is VALID [2018-11-14 18:47:23,470 INFO L273 TraceCheckUtils]: 19: Hoare triple {2213#(and (<= main_~a~0 4) (or (<= main_~a~0 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {2213#(and (<= main_~a~0 4) (or (<= main_~a~0 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} is VALID [2018-11-14 18:47:23,474 INFO L273 TraceCheckUtils]: 20: Hoare triple {2213#(and (<= main_~a~0 4) (or (<= main_~a~0 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} assume !(#t~mem0 >= 0);havoc #t~mem0; {2213#(and (<= main_~a~0 4) (or (<= main_~a~0 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} is VALID [2018-11-14 18:47:23,475 INFO L273 TraceCheckUtils]: 21: Hoare triple {2213#(and (<= main_~a~0 4) (or (<= main_~a~0 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} havoc ~x~0;~x~0 := 0; {2214#(and (= main_~x~0 0) (<= main_~a~0 4) (or (<= main_~a~0 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} is VALID [2018-11-14 18:47:23,475 INFO L273 TraceCheckUtils]: 22: Hoare triple {2214#(and (= main_~x~0 0) (<= main_~a~0 4) (or (<= main_~a~0 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} assume true; {2214#(and (= main_~x~0 0) (<= main_~a~0 4) (or (<= main_~a~0 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} is VALID [2018-11-14 18:47:23,476 INFO L273 TraceCheckUtils]: 23: Hoare triple {2214#(and (= main_~x~0 0) (<= main_~a~0 4) (or (<= main_~a~0 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {2214#(and (= main_~x~0 0) (<= main_~a~0 4) (or (<= main_~a~0 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} is VALID [2018-11-14 18:47:23,476 INFO L256 TraceCheckUtils]: 24: Hoare triple {2214#(and (= main_~x~0 0) (<= main_~a~0 4) (or (<= main_~a~0 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {2206#true} is VALID [2018-11-14 18:47:23,476 INFO L273 TraceCheckUtils]: 25: Hoare triple {2206#true} ~cond := #in~cond; {2215#(= __VERIFIER_assert_~cond |__VERIFIER_assert_#in~cond|)} is VALID [2018-11-14 18:47:23,476 INFO L273 TraceCheckUtils]: 26: Hoare triple {2215#(= __VERIFIER_assert_~cond |__VERIFIER_assert_#in~cond|)} assume !(~cond == 0); {2216#(not (= |__VERIFIER_assert_#in~cond| 0))} is VALID [2018-11-14 18:47:23,477 INFO L273 TraceCheckUtils]: 27: Hoare triple {2216#(not (= |__VERIFIER_assert_#in~cond| 0))} assume true; {2216#(not (= |__VERIFIER_assert_#in~cond| 0))} is VALID [2018-11-14 18:47:23,478 INFO L268 TraceCheckUtils]: 28: Hoare quadruple {2216#(not (= |__VERIFIER_assert_#in~cond| 0))} {2214#(and (= main_~x~0 0) (<= main_~a~0 4) (or (<= main_~a~0 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} #55#return; {2214#(and (= main_~x~0 0) (<= main_~a~0 4) (or (<= main_~a~0 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} is VALID [2018-11-14 18:47:23,478 INFO L273 TraceCheckUtils]: 29: Hoare triple {2214#(and (= main_~x~0 0) (<= main_~a~0 4) (or (<= main_~a~0 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} havoc #t~mem3; {2214#(and (= main_~x~0 0) (<= main_~a~0 4) (or (<= main_~a~0 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} is VALID [2018-11-14 18:47:23,479 INFO L273 TraceCheckUtils]: 30: Hoare triple {2214#(and (= main_~x~0 0) (<= main_~a~0 4) (or (<= main_~a~0 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} #t~post2 := ~x~0;~x~0 := #t~post2 + 1;havoc #t~post2; {2217#(and (<= main_~a~0 (+ main_~x~0 3)) (or (<= main_~a~0 (+ main_~x~0 2)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} is VALID [2018-11-14 18:47:23,480 INFO L273 TraceCheckUtils]: 31: Hoare triple {2217#(and (<= main_~a~0 (+ main_~x~0 3)) (or (<= main_~a~0 (+ main_~x~0 2)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} assume true; {2217#(and (<= main_~a~0 (+ main_~x~0 3)) (or (<= main_~a~0 (+ main_~x~0 2)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} is VALID [2018-11-14 18:47:23,481 INFO L273 TraceCheckUtils]: 32: Hoare triple {2217#(and (<= main_~a~0 (+ main_~x~0 3)) (or (<= main_~a~0 (+ main_~x~0 2)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {2217#(and (<= main_~a~0 (+ main_~x~0 3)) (or (<= main_~a~0 (+ main_~x~0 2)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} is VALID [2018-11-14 18:47:23,481 INFO L256 TraceCheckUtils]: 33: Hoare triple {2217#(and (<= main_~a~0 (+ main_~x~0 3)) (or (<= main_~a~0 (+ main_~x~0 2)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {2206#true} is VALID [2018-11-14 18:47:23,481 INFO L273 TraceCheckUtils]: 34: Hoare triple {2206#true} ~cond := #in~cond; {2206#true} is VALID [2018-11-14 18:47:23,481 INFO L273 TraceCheckUtils]: 35: Hoare triple {2206#true} assume !(~cond == 0); {2206#true} is VALID [2018-11-14 18:47:23,482 INFO L273 TraceCheckUtils]: 36: Hoare triple {2206#true} assume true; {2206#true} is VALID [2018-11-14 18:47:23,483 INFO L268 TraceCheckUtils]: 37: Hoare quadruple {2206#true} {2217#(and (<= main_~a~0 (+ main_~x~0 3)) (or (<= main_~a~0 (+ main_~x~0 2)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} #55#return; {2217#(and (<= main_~a~0 (+ main_~x~0 3)) (or (<= main_~a~0 (+ main_~x~0 2)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} is VALID [2018-11-14 18:47:23,483 INFO L273 TraceCheckUtils]: 38: Hoare triple {2217#(and (<= main_~a~0 (+ main_~x~0 3)) (or (<= main_~a~0 (+ main_~x~0 2)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} havoc #t~mem3; {2217#(and (<= main_~a~0 (+ main_~x~0 3)) (or (<= main_~a~0 (+ main_~x~0 2)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} is VALID [2018-11-14 18:47:23,484 INFO L273 TraceCheckUtils]: 39: Hoare triple {2217#(and (<= main_~a~0 (+ main_~x~0 3)) (or (<= main_~a~0 (+ main_~x~0 2)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1))))))))} #t~post2 := ~x~0;~x~0 := #t~post2 + 1;havoc #t~post2; {2218#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1)))))) (<= main_~a~0 (+ main_~x~0 1))))} is VALID [2018-11-14 18:47:23,485 INFO L273 TraceCheckUtils]: 40: Hoare triple {2218#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1)))))) (<= main_~a~0 (+ main_~x~0 1))))} assume true; {2218#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1)))))) (<= main_~a~0 (+ main_~x~0 1))))} is VALID [2018-11-14 18:47:23,486 INFO L273 TraceCheckUtils]: 41: Hoare triple {2218#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1)))))) (<= main_~a~0 (+ main_~x~0 1))))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {2218#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1)))))) (<= main_~a~0 (+ main_~x~0 1))))} is VALID [2018-11-14 18:47:23,487 INFO L256 TraceCheckUtils]: 42: Hoare triple {2218#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1)))))) (<= main_~a~0 (+ main_~x~0 1))))} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {2206#true} is VALID [2018-11-14 18:47:23,487 INFO L273 TraceCheckUtils]: 43: Hoare triple {2206#true} ~cond := #in~cond; {2206#true} is VALID [2018-11-14 18:47:23,487 INFO L273 TraceCheckUtils]: 44: Hoare triple {2206#true} assume !(~cond == 0); {2206#true} is VALID [2018-11-14 18:47:23,487 INFO L273 TraceCheckUtils]: 45: Hoare triple {2206#true} assume true; {2206#true} is VALID [2018-11-14 18:47:23,488 INFO L268 TraceCheckUtils]: 46: Hoare quadruple {2206#true} {2218#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1)))))) (<= main_~a~0 (+ main_~x~0 1))))} #55#return; {2218#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1)))))) (<= main_~a~0 (+ main_~x~0 1))))} is VALID [2018-11-14 18:47:23,489 INFO L273 TraceCheckUtils]: 47: Hoare triple {2218#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1)))))) (<= main_~a~0 (+ main_~x~0 1))))} havoc #t~mem3; {2218#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1)))))) (<= main_~a~0 (+ main_~x~0 1))))} is VALID [2018-11-14 18:47:23,490 INFO L273 TraceCheckUtils]: 48: Hoare triple {2218#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~a~0 (- 1)))))) (<= main_~a~0 (+ main_~x~0 1))))} #t~post2 := ~x~0;~x~0 := #t~post2 + 1;havoc #t~post2; {2219#(or (<= main_~a~0 main_~x~0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~x~0) |main_~#aa~0.offset|))))} is VALID [2018-11-14 18:47:23,491 INFO L273 TraceCheckUtils]: 49: Hoare triple {2219#(or (<= main_~a~0 main_~x~0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~x~0) |main_~#aa~0.offset|))))} assume true; {2219#(or (<= main_~a~0 main_~x~0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~x~0) |main_~#aa~0.offset|))))} is VALID [2018-11-14 18:47:23,492 INFO L273 TraceCheckUtils]: 50: Hoare triple {2219#(or (<= main_~a~0 main_~x~0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~x~0) |main_~#aa~0.offset|))))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {2220#(<= 0 |main_#t~mem3|)} is VALID [2018-11-14 18:47:23,493 INFO L256 TraceCheckUtils]: 51: Hoare triple {2220#(<= 0 |main_#t~mem3|)} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {2216#(not (= |__VERIFIER_assert_#in~cond| 0))} is VALID [2018-11-14 18:47:23,493 INFO L273 TraceCheckUtils]: 52: Hoare triple {2216#(not (= |__VERIFIER_assert_#in~cond| 0))} ~cond := #in~cond; {2221#(not (= __VERIFIER_assert_~cond 0))} is VALID [2018-11-14 18:47:23,494 INFO L273 TraceCheckUtils]: 53: Hoare triple {2221#(not (= __VERIFIER_assert_~cond 0))} assume ~cond == 0; {2207#false} is VALID [2018-11-14 18:47:23,494 INFO L273 TraceCheckUtils]: 54: Hoare triple {2207#false} assume !false; {2207#false} is VALID [2018-11-14 18:47:23,503 INFO L134 CoverageAnalysis]: Checked inductivity of 72 backedges. 10 proven. 56 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2018-11-14 18:47:23,504 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2018-11-14 18:47:23,504 INFO L223 ckRefinementStrategy]: Switched to mode Z3_FP No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 7 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 7 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 [2018-11-14 18:47:23,522 INFO L103 rtionOrderModulation]: Keeping assertion order INSIDE_LOOP_FIRST1 [2018-11-14 18:47:23,597 INFO L249 tOrderPrioritization]: Assert order INSIDE_LOOP_FIRST1 issued 5 check-sat command(s) [2018-11-14 18:47:23,597 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2018-11-14 18:47:23,626 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 18:47:23,631 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-14 18:47:24,501 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 11 [2018-11-14 18:47:24,506 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2018-11-14 18:47:24,509 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 18:47:24,511 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 18:47:24,513 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 18:47:24,513 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 2 variables, input treesize:15, output treesize:3 [2018-11-14 18:47:24,516 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-14 18:47:24,562 INFO L256 TraceCheckUtils]: 0: Hoare triple {2206#true} call ULTIMATE.init(); {2206#true} is VALID [2018-11-14 18:47:24,562 INFO L273 TraceCheckUtils]: 1: Hoare triple {2206#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0]; {2206#true} is VALID [2018-11-14 18:47:24,562 INFO L273 TraceCheckUtils]: 2: Hoare triple {2206#true} assume true; {2206#true} is VALID [2018-11-14 18:47:24,562 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {2206#true} {2206#true} #51#return; {2206#true} is VALID [2018-11-14 18:47:24,562 INFO L256 TraceCheckUtils]: 4: Hoare triple {2206#true} call #t~ret4 := main(); {2206#true} is VALID [2018-11-14 18:47:24,563 INFO L273 TraceCheckUtils]: 5: Hoare triple {2206#true} call ~#aa~0.base, ~#aa~0.offset := #Ultimate.alloc(400000);~a~0 := 0; {2240#(and (= 0 |main_~#aa~0.offset|) (= main_~a~0 0))} is VALID [2018-11-14 18:47:24,564 INFO L273 TraceCheckUtils]: 6: Hoare triple {2240#(and (= 0 |main_~#aa~0.offset|) (= main_~a~0 0))} assume true; {2240#(and (= 0 |main_~#aa~0.offset|) (= main_~a~0 0))} is VALID [2018-11-14 18:47:24,564 INFO L273 TraceCheckUtils]: 7: Hoare triple {2240#(and (= 0 |main_~#aa~0.offset|) (= main_~a~0 0))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {2240#(and (= 0 |main_~#aa~0.offset|) (= main_~a~0 0))} is VALID [2018-11-14 18:47:24,565 INFO L273 TraceCheckUtils]: 8: Hoare triple {2240#(and (= 0 |main_~#aa~0.offset|) (= main_~a~0 0))} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {2250#(and (= 0 |main_~#aa~0.offset|) (= main_~a~0 1))} is VALID [2018-11-14 18:47:24,566 INFO L273 TraceCheckUtils]: 9: Hoare triple {2250#(and (= 0 |main_~#aa~0.offset|) (= main_~a~0 1))} assume true; {2250#(and (= 0 |main_~#aa~0.offset|) (= main_~a~0 1))} is VALID [2018-11-14 18:47:24,567 INFO L273 TraceCheckUtils]: 10: Hoare triple {2250#(and (= 0 |main_~#aa~0.offset|) (= main_~a~0 1))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {2250#(and (= 0 |main_~#aa~0.offset|) (= main_~a~0 1))} is VALID [2018-11-14 18:47:24,568 INFO L273 TraceCheckUtils]: 11: Hoare triple {2250#(and (= 0 |main_~#aa~0.offset|) (= main_~a~0 1))} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {2260#(and (= main_~a~0 2) (= 0 |main_~#aa~0.offset|))} is VALID [2018-11-14 18:47:24,568 INFO L273 TraceCheckUtils]: 12: Hoare triple {2260#(and (= main_~a~0 2) (= 0 |main_~#aa~0.offset|))} assume true; {2260#(and (= main_~a~0 2) (= 0 |main_~#aa~0.offset|))} is VALID [2018-11-14 18:47:24,569 INFO L273 TraceCheckUtils]: 13: Hoare triple {2260#(and (= main_~a~0 2) (= 0 |main_~#aa~0.offset|))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {2260#(and (= main_~a~0 2) (= 0 |main_~#aa~0.offset|))} is VALID [2018-11-14 18:47:24,570 INFO L273 TraceCheckUtils]: 14: Hoare triple {2260#(and (= main_~a~0 2) (= 0 |main_~#aa~0.offset|))} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {2270#(and (= 0 |main_~#aa~0.offset|) (= main_~a~0 3))} is VALID [2018-11-14 18:47:24,570 INFO L273 TraceCheckUtils]: 15: Hoare triple {2270#(and (= 0 |main_~#aa~0.offset|) (= main_~a~0 3))} assume true; {2270#(and (= 0 |main_~#aa~0.offset|) (= main_~a~0 3))} is VALID [2018-11-14 18:47:24,571 INFO L273 TraceCheckUtils]: 16: Hoare triple {2270#(and (= 0 |main_~#aa~0.offset|) (= main_~a~0 3))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {2277#(and (= 0 |main_~#aa~0.offset|) (<= |main_#t~mem0| (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} is VALID [2018-11-14 18:47:24,572 INFO L273 TraceCheckUtils]: 17: Hoare triple {2277#(and (= 0 |main_~#aa~0.offset|) (<= |main_#t~mem0| (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {2281#(and (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} is VALID [2018-11-14 18:47:24,573 INFO L273 TraceCheckUtils]: 18: Hoare triple {2281#(and (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} assume true; {2281#(and (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} is VALID [2018-11-14 18:47:24,574 INFO L273 TraceCheckUtils]: 19: Hoare triple {2281#(and (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {2281#(and (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} is VALID [2018-11-14 18:47:24,575 INFO L273 TraceCheckUtils]: 20: Hoare triple {2281#(and (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} assume !(#t~mem0 >= 0);havoc #t~mem0; {2281#(and (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} is VALID [2018-11-14 18:47:24,576 INFO L273 TraceCheckUtils]: 21: Hoare triple {2281#(and (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} havoc ~x~0;~x~0 := 0; {2294#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} is VALID [2018-11-14 18:47:24,577 INFO L273 TraceCheckUtils]: 22: Hoare triple {2294#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} assume true; {2294#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} is VALID [2018-11-14 18:47:24,578 INFO L273 TraceCheckUtils]: 23: Hoare triple {2294#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {2294#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} is VALID [2018-11-14 18:47:24,579 INFO L256 TraceCheckUtils]: 24: Hoare triple {2294#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {2304#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_6| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_6|) 12)))} is VALID [2018-11-14 18:47:24,580 INFO L273 TraceCheckUtils]: 25: Hoare triple {2304#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_6| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_6|) 12)))} ~cond := #in~cond; {2308#(and (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (exists ((|v_main_~#aa~0.base_BEFORE_CALL_6| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_6|) 12))))} is VALID [2018-11-14 18:47:24,581 INFO L273 TraceCheckUtils]: 26: Hoare triple {2308#(and (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (exists ((|v_main_~#aa~0.base_BEFORE_CALL_6| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_6|) 12))))} assume !(~cond == 0); {2312#(and (not (= |__VERIFIER_assert_#in~cond| 0)) (exists ((|v_main_~#aa~0.base_BEFORE_CALL_6| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_6|) 12))))} is VALID [2018-11-14 18:47:24,582 INFO L273 TraceCheckUtils]: 27: Hoare triple {2312#(and (not (= |__VERIFIER_assert_#in~cond| 0)) (exists ((|v_main_~#aa~0.base_BEFORE_CALL_6| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_6|) 12))))} assume true; {2312#(and (not (= |__VERIFIER_assert_#in~cond| 0)) (exists ((|v_main_~#aa~0.base_BEFORE_CALL_6| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_6|) 12))))} is VALID [2018-11-14 18:47:24,583 INFO L268 TraceCheckUtils]: 28: Hoare quadruple {2312#(and (not (= |__VERIFIER_assert_#in~cond| 0)) (exists ((|v_main_~#aa~0.base_BEFORE_CALL_6| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_6|) 12))))} {2294#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} #55#return; {2294#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} is VALID [2018-11-14 18:47:24,584 INFO L273 TraceCheckUtils]: 29: Hoare triple {2294#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} havoc #t~mem3; {2294#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} is VALID [2018-11-14 18:47:24,584 INFO L273 TraceCheckUtils]: 30: Hoare triple {2294#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} #t~post2 := ~x~0;~x~0 := #t~post2 + 1;havoc #t~post2; {2325#(and (= main_~x~0 1) (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} is VALID [2018-11-14 18:47:24,585 INFO L273 TraceCheckUtils]: 31: Hoare triple {2325#(and (= main_~x~0 1) (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} assume true; {2325#(and (= main_~x~0 1) (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} is VALID [2018-11-14 18:47:24,593 INFO L273 TraceCheckUtils]: 32: Hoare triple {2325#(and (= main_~x~0 1) (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {2325#(and (= main_~x~0 1) (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} is VALID [2018-11-14 18:47:24,594 INFO L256 TraceCheckUtils]: 33: Hoare triple {2325#(and (= main_~x~0 1) (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {2304#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_6| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_6|) 12)))} is VALID [2018-11-14 18:47:24,595 INFO L273 TraceCheckUtils]: 34: Hoare triple {2304#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_6| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_6|) 12)))} ~cond := #in~cond; {2304#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_6| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_6|) 12)))} is VALID [2018-11-14 18:47:24,595 INFO L273 TraceCheckUtils]: 35: Hoare triple {2304#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_6| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_6|) 12)))} assume !(~cond == 0); {2304#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_6| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_6|) 12)))} is VALID [2018-11-14 18:47:24,595 INFO L273 TraceCheckUtils]: 36: Hoare triple {2304#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_6| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_6|) 12)))} assume true; {2304#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_6| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_6|) 12)))} is VALID [2018-11-14 18:47:24,596 INFO L268 TraceCheckUtils]: 37: Hoare quadruple {2304#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_6| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_6|) 12)))} {2325#(and (= main_~x~0 1) (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} #55#return; {2325#(and (= main_~x~0 1) (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} is VALID [2018-11-14 18:47:24,597 INFO L273 TraceCheckUtils]: 38: Hoare triple {2325#(and (= main_~x~0 1) (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} havoc #t~mem3; {2325#(and (= main_~x~0 1) (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} is VALID [2018-11-14 18:47:24,597 INFO L273 TraceCheckUtils]: 39: Hoare triple {2325#(and (= main_~x~0 1) (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} #t~post2 := ~x~0;~x~0 := #t~post2 + 1;havoc #t~post2; {2353#(and (= main_~x~0 2) (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} is VALID [2018-11-14 18:47:24,598 INFO L273 TraceCheckUtils]: 40: Hoare triple {2353#(and (= main_~x~0 2) (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} assume true; {2353#(and (= main_~x~0 2) (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} is VALID [2018-11-14 18:47:24,599 INFO L273 TraceCheckUtils]: 41: Hoare triple {2353#(and (= main_~x~0 2) (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {2353#(and (= main_~x~0 2) (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} is VALID [2018-11-14 18:47:24,600 INFO L256 TraceCheckUtils]: 42: Hoare triple {2353#(and (= main_~x~0 2) (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {2304#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_6| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_6|) 12)))} is VALID [2018-11-14 18:47:24,601 INFO L273 TraceCheckUtils]: 43: Hoare triple {2304#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_6| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_6|) 12)))} ~cond := #in~cond; {2304#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_6| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_6|) 12)))} is VALID [2018-11-14 18:47:24,601 INFO L273 TraceCheckUtils]: 44: Hoare triple {2304#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_6| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_6|) 12)))} assume !(~cond == 0); {2304#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_6| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_6|) 12)))} is VALID [2018-11-14 18:47:24,602 INFO L273 TraceCheckUtils]: 45: Hoare triple {2304#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_6| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_6|) 12)))} assume true; {2304#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_6| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_6|) 12)))} is VALID [2018-11-14 18:47:24,603 INFO L268 TraceCheckUtils]: 46: Hoare quadruple {2304#(exists ((|v_main_~#aa~0.base_BEFORE_CALL_6| Int)) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_6|) 12)))} {2353#(and (= main_~x~0 2) (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} #55#return; {2353#(and (= main_~x~0 2) (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} is VALID [2018-11-14 18:47:24,604 INFO L273 TraceCheckUtils]: 47: Hoare triple {2353#(and (= main_~x~0 2) (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} havoc #t~mem3; {2353#(and (= main_~x~0 2) (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} is VALID [2018-11-14 18:47:24,605 INFO L273 TraceCheckUtils]: 48: Hoare triple {2353#(and (= main_~x~0 2) (= 0 |main_~#aa~0.offset|) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} #t~post2 := ~x~0;~x~0 := #t~post2 + 1;havoc #t~post2; {2381#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} is VALID [2018-11-14 18:47:24,605 INFO L273 TraceCheckUtils]: 49: Hoare triple {2381#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} assume true; {2381#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} is VALID [2018-11-14 18:47:24,606 INFO L273 TraceCheckUtils]: 50: Hoare triple {2381#(and (= 0 |main_~#aa~0.offset|) (= main_~x~0 3) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| 12))))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {2220#(<= 0 |main_#t~mem3|)} is VALID [2018-11-14 18:47:24,607 INFO L256 TraceCheckUtils]: 51: Hoare triple {2220#(<= 0 |main_#t~mem3|)} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {2391#(= |__VERIFIER_assert_#in~cond| 1)} is VALID [2018-11-14 18:47:24,608 INFO L273 TraceCheckUtils]: 52: Hoare triple {2391#(= |__VERIFIER_assert_#in~cond| 1)} ~cond := #in~cond; {2395#(= 1 __VERIFIER_assert_~cond)} is VALID [2018-11-14 18:47:24,609 INFO L273 TraceCheckUtils]: 53: Hoare triple {2395#(= 1 __VERIFIER_assert_~cond)} assume ~cond == 0; {2207#false} is VALID [2018-11-14 18:47:24,609 INFO L273 TraceCheckUtils]: 54: Hoare triple {2207#false} assume !false; {2207#false} is VALID [2018-11-14 18:47:24,618 INFO L134 CoverageAnalysis]: Checked inductivity of 72 backedges. 0 proven. 66 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2018-11-14 18:47:24,638 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2018-11-14 18:47:24,638 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [16, 18] total 31 [2018-11-14 18:47:24,639 INFO L78 Accepts]: Start accepts. Automaton has 31 states. Word has length 55 [2018-11-14 18:47:24,639 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 18:47:24,639 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 31 states. [2018-11-14 18:47:24,746 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 98 edges. 98 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 18:47:24,746 INFO L459 AbstractCegarLoop]: Interpolant automaton has 31 states [2018-11-14 18:47:24,747 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 31 interpolants. [2018-11-14 18:47:24,747 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=103, Invalid=827, Unknown=0, NotChecked=0, Total=930 [2018-11-14 18:47:24,747 INFO L87 Difference]: Start difference. First operand 58 states and 59 transitions. Second operand 31 states. [2018-11-14 18:47:33,886 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 18:47:33,887 INFO L93 Difference]: Finished difference Result 100 states and 107 transitions. [2018-11-14 18:47:33,887 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 36 states. [2018-11-14 18:47:33,887 INFO L78 Accepts]: Start accepts. Automaton has 31 states. Word has length 55 [2018-11-14 18:47:33,887 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 18:47:33,887 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 31 states. [2018-11-14 18:47:33,891 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 36 states to 36 states and 98 transitions. [2018-11-14 18:47:33,891 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 31 states. [2018-11-14 18:47:33,894 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 36 states to 36 states and 98 transitions. [2018-11-14 18:47:33,894 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 36 states and 98 transitions. [2018-11-14 18:47:34,027 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 98 edges. 98 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 18:47:34,030 INFO L225 Difference]: With dead ends: 100 [2018-11-14 18:47:34,030 INFO L226 Difference]: Without dead ends: 72 [2018-11-14 18:47:34,031 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 96 GetRequests, 39 SyntacticMatches, 5 SemanticMatches, 52 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 813 ImplicationChecksByTransitivity, 1.7s TimeCoverageRelationStatistics Valid=309, Invalid=2553, Unknown=0, NotChecked=0, Total=2862 [2018-11-14 18:47:34,032 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 72 states. [2018-11-14 18:47:34,211 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 72 to 70. [2018-11-14 18:47:34,212 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 18:47:34,212 INFO L82 GeneralOperation]: Start isEquivalent. First operand 72 states. Second operand 70 states. [2018-11-14 18:47:34,212 INFO L74 IsIncluded]: Start isIncluded. First operand 72 states. Second operand 70 states. [2018-11-14 18:47:34,212 INFO L87 Difference]: Start difference. First operand 72 states. Second operand 70 states. [2018-11-14 18:47:34,216 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 18:47:34,216 INFO L93 Difference]: Finished difference Result 72 states and 73 transitions. [2018-11-14 18:47:34,216 INFO L276 IsEmpty]: Start isEmpty. Operand 72 states and 73 transitions. [2018-11-14 18:47:34,216 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 18:47:34,216 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 18:47:34,216 INFO L74 IsIncluded]: Start isIncluded. First operand 70 states. Second operand 72 states. [2018-11-14 18:47:34,217 INFO L87 Difference]: Start difference. First operand 70 states. Second operand 72 states. [2018-11-14 18:47:34,219 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 18:47:34,219 INFO L93 Difference]: Finished difference Result 72 states and 73 transitions. [2018-11-14 18:47:34,219 INFO L276 IsEmpty]: Start isEmpty. Operand 72 states and 73 transitions. [2018-11-14 18:47:34,220 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 18:47:34,220 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 18:47:34,220 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 18:47:34,220 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 18:47:34,220 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 70 states. [2018-11-14 18:47:34,222 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 70 states to 70 states and 71 transitions. [2018-11-14 18:47:34,223 INFO L78 Accepts]: Start accepts. Automaton has 70 states and 71 transitions. Word has length 55 [2018-11-14 18:47:34,223 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 18:47:34,223 INFO L480 AbstractCegarLoop]: Abstraction has 70 states and 71 transitions. [2018-11-14 18:47:34,223 INFO L481 AbstractCegarLoop]: Interpolant automaton has 31 states. [2018-11-14 18:47:34,223 INFO L276 IsEmpty]: Start isEmpty. Operand 70 states and 71 transitions. [2018-11-14 18:47:34,224 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 68 [2018-11-14 18:47:34,224 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 18:47:34,224 INFO L375 BasicCegarLoop]: trace histogram [6, 6, 5, 5, 5, 5, 5, 4, 4, 4, 4, 4, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 18:47:34,225 INFO L423 AbstractCegarLoop]: === Iteration 9 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 18:47:34,225 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 18:47:34,225 INFO L82 PathProgramCache]: Analyzing trace with hash 1306200028, now seen corresponding path program 6 times [2018-11-14 18:47:34,225 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 18:47:34,225 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 18:47:34,226 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 18:47:34,226 INFO L101 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY [2018-11-14 18:47:34,226 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 18:47:34,246 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 18:47:34,639 INFO L256 TraceCheckUtils]: 0: Hoare triple {2822#true} call ULTIMATE.init(); {2822#true} is VALID [2018-11-14 18:47:34,639 INFO L273 TraceCheckUtils]: 1: Hoare triple {2822#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0]; {2822#true} is VALID [2018-11-14 18:47:34,639 INFO L273 TraceCheckUtils]: 2: Hoare triple {2822#true} assume true; {2822#true} is VALID [2018-11-14 18:47:34,640 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {2822#true} {2822#true} #51#return; {2822#true} is VALID [2018-11-14 18:47:34,640 INFO L256 TraceCheckUtils]: 4: Hoare triple {2822#true} call #t~ret4 := main(); {2822#true} is VALID [2018-11-14 18:47:34,644 INFO L273 TraceCheckUtils]: 5: Hoare triple {2822#true} call ~#aa~0.base, ~#aa~0.offset := #Ultimate.alloc(400000);~a~0 := 0; {2824#(= main_~a~0 0)} is VALID [2018-11-14 18:47:34,645 INFO L273 TraceCheckUtils]: 6: Hoare triple {2824#(= main_~a~0 0)} assume true; {2824#(= main_~a~0 0)} is VALID [2018-11-14 18:47:34,645 INFO L273 TraceCheckUtils]: 7: Hoare triple {2824#(= main_~a~0 0)} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {2824#(= main_~a~0 0)} is VALID [2018-11-14 18:47:34,646 INFO L273 TraceCheckUtils]: 8: Hoare triple {2824#(= main_~a~0 0)} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {2825#(<= main_~a~0 1)} is VALID [2018-11-14 18:47:34,646 INFO L273 TraceCheckUtils]: 9: Hoare triple {2825#(<= main_~a~0 1)} assume true; {2825#(<= main_~a~0 1)} is VALID [2018-11-14 18:47:34,646 INFO L273 TraceCheckUtils]: 10: Hoare triple {2825#(<= main_~a~0 1)} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {2825#(<= main_~a~0 1)} is VALID [2018-11-14 18:47:34,647 INFO L273 TraceCheckUtils]: 11: Hoare triple {2825#(<= main_~a~0 1)} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {2826#(<= main_~a~0 2)} is VALID [2018-11-14 18:47:34,647 INFO L273 TraceCheckUtils]: 12: Hoare triple {2826#(<= main_~a~0 2)} assume true; {2826#(<= main_~a~0 2)} is VALID [2018-11-14 18:47:34,648 INFO L273 TraceCheckUtils]: 13: Hoare triple {2826#(<= main_~a~0 2)} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {2826#(<= main_~a~0 2)} is VALID [2018-11-14 18:47:34,649 INFO L273 TraceCheckUtils]: 14: Hoare triple {2826#(<= main_~a~0 2)} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {2827#(<= main_~a~0 3)} is VALID [2018-11-14 18:47:34,649 INFO L273 TraceCheckUtils]: 15: Hoare triple {2827#(<= main_~a~0 3)} assume true; {2827#(<= main_~a~0 3)} is VALID [2018-11-14 18:47:34,650 INFO L273 TraceCheckUtils]: 16: Hoare triple {2827#(<= main_~a~0 3)} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {2827#(<= main_~a~0 3)} is VALID [2018-11-14 18:47:34,651 INFO L273 TraceCheckUtils]: 17: Hoare triple {2827#(<= main_~a~0 3)} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {2828#(<= main_~a~0 4)} is VALID [2018-11-14 18:47:34,651 INFO L273 TraceCheckUtils]: 18: Hoare triple {2828#(<= main_~a~0 4)} assume true; {2828#(<= main_~a~0 4)} is VALID [2018-11-14 18:47:34,652 INFO L273 TraceCheckUtils]: 19: Hoare triple {2828#(<= main_~a~0 4)} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {2829#(and (= |main_#t~mem0| (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~a~0) |main_~#aa~0.offset|))) (<= main_~a~0 4))} is VALID [2018-11-14 18:47:34,653 INFO L273 TraceCheckUtils]: 20: Hoare triple {2829#(and (= |main_#t~mem0| (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~a~0) |main_~#aa~0.offset|))) (<= main_~a~0 4))} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {2830#(and (<= main_~a~0 5) (or (<= main_~a~0 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 4))))))} is VALID [2018-11-14 18:47:34,654 INFO L273 TraceCheckUtils]: 21: Hoare triple {2830#(and (<= main_~a~0 5) (or (<= main_~a~0 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 4))))))} assume true; {2830#(and (<= main_~a~0 5) (or (<= main_~a~0 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 4))))))} is VALID [2018-11-14 18:47:34,655 INFO L273 TraceCheckUtils]: 22: Hoare triple {2830#(and (<= main_~a~0 5) (or (<= main_~a~0 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 4))))))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {2830#(and (<= main_~a~0 5) (or (<= main_~a~0 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 4))))))} is VALID [2018-11-14 18:47:34,656 INFO L273 TraceCheckUtils]: 23: Hoare triple {2830#(and (<= main_~a~0 5) (or (<= main_~a~0 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 4))))))} assume !(#t~mem0 >= 0);havoc #t~mem0; {2830#(and (<= main_~a~0 5) (or (<= main_~a~0 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 4))))))} is VALID [2018-11-14 18:47:34,657 INFO L273 TraceCheckUtils]: 24: Hoare triple {2830#(and (<= main_~a~0 5) (or (<= main_~a~0 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 4))))))} havoc ~x~0;~x~0 := 0; {2831#(and (= main_~x~0 0) (<= main_~a~0 5) (or (<= main_~a~0 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 4))))))} is VALID [2018-11-14 18:47:34,657 INFO L273 TraceCheckUtils]: 25: Hoare triple {2831#(and (= main_~x~0 0) (<= main_~a~0 5) (or (<= main_~a~0 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 4))))))} assume true; {2831#(and (= main_~x~0 0) (<= main_~a~0 5) (or (<= main_~a~0 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 4))))))} is VALID [2018-11-14 18:47:34,658 INFO L273 TraceCheckUtils]: 26: Hoare triple {2831#(and (= main_~x~0 0) (<= main_~a~0 5) (or (<= main_~a~0 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 4))))))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {2831#(and (= main_~x~0 0) (<= main_~a~0 5) (or (<= main_~a~0 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 4))))))} is VALID [2018-11-14 18:47:34,659 INFO L256 TraceCheckUtils]: 27: Hoare triple {2831#(and (= main_~x~0 0) (<= main_~a~0 5) (or (<= main_~a~0 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 4))))))} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {2822#true} is VALID [2018-11-14 18:47:34,659 INFO L273 TraceCheckUtils]: 28: Hoare triple {2822#true} ~cond := #in~cond; {2832#(= __VERIFIER_assert_~cond |__VERIFIER_assert_#in~cond|)} is VALID [2018-11-14 18:47:34,660 INFO L273 TraceCheckUtils]: 29: Hoare triple {2832#(= __VERIFIER_assert_~cond |__VERIFIER_assert_#in~cond|)} assume !(~cond == 0); {2833#(not (= |__VERIFIER_assert_#in~cond| 0))} is VALID [2018-11-14 18:47:34,660 INFO L273 TraceCheckUtils]: 30: Hoare triple {2833#(not (= |__VERIFIER_assert_#in~cond| 0))} assume true; {2833#(not (= |__VERIFIER_assert_#in~cond| 0))} is VALID [2018-11-14 18:47:34,662 INFO L268 TraceCheckUtils]: 31: Hoare quadruple {2833#(not (= |__VERIFIER_assert_#in~cond| 0))} {2831#(and (= main_~x~0 0) (<= main_~a~0 5) (or (<= main_~a~0 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 4))))))} #55#return; {2831#(and (= main_~x~0 0) (<= main_~a~0 5) (or (<= main_~a~0 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 4))))))} is VALID [2018-11-14 18:47:34,663 INFO L273 TraceCheckUtils]: 32: Hoare triple {2831#(and (= main_~x~0 0) (<= main_~a~0 5) (or (<= main_~a~0 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 4))))))} havoc #t~mem3; {2831#(and (= main_~x~0 0) (<= main_~a~0 5) (or (<= main_~a~0 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 4))))))} is VALID [2018-11-14 18:47:34,664 INFO L273 TraceCheckUtils]: 33: Hoare triple {2831#(and (= main_~x~0 0) (<= main_~a~0 5) (or (<= main_~a~0 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 4))))))} #t~post2 := ~x~0;~x~0 := #t~post2 + 1;havoc #t~post2; {2834#(and (<= main_~a~0 (+ main_~x~0 4)) (or (<= main_~a~0 (+ main_~x~0 3)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 3)))))))} is VALID [2018-11-14 18:47:34,665 INFO L273 TraceCheckUtils]: 34: Hoare triple {2834#(and (<= main_~a~0 (+ main_~x~0 4)) (or (<= main_~a~0 (+ main_~x~0 3)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 3)))))))} assume true; {2834#(and (<= main_~a~0 (+ main_~x~0 4)) (or (<= main_~a~0 (+ main_~x~0 3)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 3)))))))} is VALID [2018-11-14 18:47:34,666 INFO L273 TraceCheckUtils]: 35: Hoare triple {2834#(and (<= main_~a~0 (+ main_~x~0 4)) (or (<= main_~a~0 (+ main_~x~0 3)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 3)))))))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {2834#(and (<= main_~a~0 (+ main_~x~0 4)) (or (<= main_~a~0 (+ main_~x~0 3)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 3)))))))} is VALID [2018-11-14 18:47:34,666 INFO L256 TraceCheckUtils]: 36: Hoare triple {2834#(and (<= main_~a~0 (+ main_~x~0 4)) (or (<= main_~a~0 (+ main_~x~0 3)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 3)))))))} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {2822#true} is VALID [2018-11-14 18:47:34,666 INFO L273 TraceCheckUtils]: 37: Hoare triple {2822#true} ~cond := #in~cond; {2822#true} is VALID [2018-11-14 18:47:34,667 INFO L273 TraceCheckUtils]: 38: Hoare triple {2822#true} assume !(~cond == 0); {2822#true} is VALID [2018-11-14 18:47:34,667 INFO L273 TraceCheckUtils]: 39: Hoare triple {2822#true} assume true; {2822#true} is VALID [2018-11-14 18:47:34,683 INFO L268 TraceCheckUtils]: 40: Hoare quadruple {2822#true} {2834#(and (<= main_~a~0 (+ main_~x~0 4)) (or (<= main_~a~0 (+ main_~x~0 3)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 3)))))))} #55#return; {2834#(and (<= main_~a~0 (+ main_~x~0 4)) (or (<= main_~a~0 (+ main_~x~0 3)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 3)))))))} is VALID [2018-11-14 18:47:34,684 INFO L273 TraceCheckUtils]: 41: Hoare triple {2834#(and (<= main_~a~0 (+ main_~x~0 4)) (or (<= main_~a~0 (+ main_~x~0 3)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 3)))))))} havoc #t~mem3; {2834#(and (<= main_~a~0 (+ main_~x~0 4)) (or (<= main_~a~0 (+ main_~x~0 3)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 3)))))))} is VALID [2018-11-14 18:47:34,685 INFO L273 TraceCheckUtils]: 42: Hoare triple {2834#(and (<= main_~a~0 (+ main_~x~0 4)) (or (<= main_~a~0 (+ main_~x~0 3)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 3)))))))} #t~post2 := ~x~0;~x~0 := #t~post2 + 1;havoc #t~post2; {2835#(and (<= main_~a~0 (+ main_~x~0 3)) (or (<= main_~a~0 (+ main_~x~0 2)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 2)))))))} is VALID [2018-11-14 18:47:34,686 INFO L273 TraceCheckUtils]: 43: Hoare triple {2835#(and (<= main_~a~0 (+ main_~x~0 3)) (or (<= main_~a~0 (+ main_~x~0 2)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 2)))))))} assume true; {2835#(and (<= main_~a~0 (+ main_~x~0 3)) (or (<= main_~a~0 (+ main_~x~0 2)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 2)))))))} is VALID [2018-11-14 18:47:34,686 INFO L273 TraceCheckUtils]: 44: Hoare triple {2835#(and (<= main_~a~0 (+ main_~x~0 3)) (or (<= main_~a~0 (+ main_~x~0 2)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 2)))))))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {2835#(and (<= main_~a~0 (+ main_~x~0 3)) (or (<= main_~a~0 (+ main_~x~0 2)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 2)))))))} is VALID [2018-11-14 18:47:34,686 INFO L256 TraceCheckUtils]: 45: Hoare triple {2835#(and (<= main_~a~0 (+ main_~x~0 3)) (or (<= main_~a~0 (+ main_~x~0 2)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 2)))))))} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {2822#true} is VALID [2018-11-14 18:47:34,686 INFO L273 TraceCheckUtils]: 46: Hoare triple {2822#true} ~cond := #in~cond; {2822#true} is VALID [2018-11-14 18:47:34,687 INFO L273 TraceCheckUtils]: 47: Hoare triple {2822#true} assume !(~cond == 0); {2822#true} is VALID [2018-11-14 18:47:34,687 INFO L273 TraceCheckUtils]: 48: Hoare triple {2822#true} assume true; {2822#true} is VALID [2018-11-14 18:47:34,688 INFO L268 TraceCheckUtils]: 49: Hoare quadruple {2822#true} {2835#(and (<= main_~a~0 (+ main_~x~0 3)) (or (<= main_~a~0 (+ main_~x~0 2)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 2)))))))} #55#return; {2835#(and (<= main_~a~0 (+ main_~x~0 3)) (or (<= main_~a~0 (+ main_~x~0 2)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 2)))))))} is VALID [2018-11-14 18:47:34,689 INFO L273 TraceCheckUtils]: 50: Hoare triple {2835#(and (<= main_~a~0 (+ main_~x~0 3)) (or (<= main_~a~0 (+ main_~x~0 2)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 2)))))))} havoc #t~mem3; {2835#(and (<= main_~a~0 (+ main_~x~0 3)) (or (<= main_~a~0 (+ main_~x~0 2)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 2)))))))} is VALID [2018-11-14 18:47:34,690 INFO L273 TraceCheckUtils]: 51: Hoare triple {2835#(and (<= main_~a~0 (+ main_~x~0 3)) (or (<= main_~a~0 (+ main_~x~0 2)) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 2)))))))} #t~post2 := ~x~0;~x~0 := #t~post2 + 1;havoc #t~post2; {2836#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1))))) (<= main_~a~0 (+ main_~x~0 1))))} is VALID [2018-11-14 18:47:34,690 INFO L273 TraceCheckUtils]: 52: Hoare triple {2836#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1))))) (<= main_~a~0 (+ main_~x~0 1))))} assume true; {2836#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1))))) (<= main_~a~0 (+ main_~x~0 1))))} is VALID [2018-11-14 18:47:34,691 INFO L273 TraceCheckUtils]: 53: Hoare triple {2836#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1))))) (<= main_~a~0 (+ main_~x~0 1))))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {2836#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1))))) (<= main_~a~0 (+ main_~x~0 1))))} is VALID [2018-11-14 18:47:34,691 INFO L256 TraceCheckUtils]: 54: Hoare triple {2836#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1))))) (<= main_~a~0 (+ main_~x~0 1))))} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {2822#true} is VALID [2018-11-14 18:47:34,691 INFO L273 TraceCheckUtils]: 55: Hoare triple {2822#true} ~cond := #in~cond; {2822#true} is VALID [2018-11-14 18:47:34,691 INFO L273 TraceCheckUtils]: 56: Hoare triple {2822#true} assume !(~cond == 0); {2822#true} is VALID [2018-11-14 18:47:34,692 INFO L273 TraceCheckUtils]: 57: Hoare triple {2822#true} assume true; {2822#true} is VALID [2018-11-14 18:47:34,693 INFO L268 TraceCheckUtils]: 58: Hoare quadruple {2822#true} {2836#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1))))) (<= main_~a~0 (+ main_~x~0 1))))} #55#return; {2836#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1))))) (<= main_~a~0 (+ main_~x~0 1))))} is VALID [2018-11-14 18:47:34,693 INFO L273 TraceCheckUtils]: 59: Hoare triple {2836#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1))))) (<= main_~a~0 (+ main_~x~0 1))))} havoc #t~mem3; {2836#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1))))) (<= main_~a~0 (+ main_~x~0 1))))} is VALID [2018-11-14 18:47:34,694 INFO L273 TraceCheckUtils]: 60: Hoare triple {2836#(and (<= main_~a~0 (+ main_~x~0 2)) (or (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 (+ main_~x~0 1))))) (<= main_~a~0 (+ main_~x~0 1))))} #t~post2 := ~x~0;~x~0 := #t~post2 + 1;havoc #t~post2; {2837#(or (<= main_~a~0 main_~x~0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~x~0) |main_~#aa~0.offset|))))} is VALID [2018-11-14 18:47:34,695 INFO L273 TraceCheckUtils]: 61: Hoare triple {2837#(or (<= main_~a~0 main_~x~0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~x~0) |main_~#aa~0.offset|))))} assume true; {2837#(or (<= main_~a~0 main_~x~0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~x~0) |main_~#aa~0.offset|))))} is VALID [2018-11-14 18:47:34,695 INFO L273 TraceCheckUtils]: 62: Hoare triple {2837#(or (<= main_~a~0 main_~x~0) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 main_~x~0) |main_~#aa~0.offset|))))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {2838#(<= 0 |main_#t~mem3|)} is VALID [2018-11-14 18:47:34,696 INFO L256 TraceCheckUtils]: 63: Hoare triple {2838#(<= 0 |main_#t~mem3|)} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {2833#(not (= |__VERIFIER_assert_#in~cond| 0))} is VALID [2018-11-14 18:47:34,696 INFO L273 TraceCheckUtils]: 64: Hoare triple {2833#(not (= |__VERIFIER_assert_#in~cond| 0))} ~cond := #in~cond; {2839#(not (= __VERIFIER_assert_~cond 0))} is VALID [2018-11-14 18:47:34,697 INFO L273 TraceCheckUtils]: 65: Hoare triple {2839#(not (= __VERIFIER_assert_~cond 0))} assume ~cond == 0; {2823#false} is VALID [2018-11-14 18:47:34,697 INFO L273 TraceCheckUtils]: 66: Hoare triple {2823#false} assume !false; {2823#false} is VALID [2018-11-14 18:47:34,710 INFO L134 CoverageAnalysis]: Checked inductivity of 119 backedges. 22 proven. 82 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2018-11-14 18:47:34,710 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2018-11-14 18:47:34,710 INFO L223 ckRefinementStrategy]: Switched to mode Z3_FP No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 8 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 8 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 [2018-11-14 18:47:34,719 INFO L103 rtionOrderModulation]: Keeping assertion order MIX_INSIDE_OUTSIDE [2018-11-14 18:47:34,748 INFO L249 tOrderPrioritization]: Assert order MIX_INSIDE_OUTSIDE issued 6 check-sat command(s) [2018-11-14 18:47:34,749 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2018-11-14 18:47:34,765 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 18:47:34,767 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-14 18:47:42,513 WARN L179 SmtUtils]: Spent 1.23 s on a formula simplification that was a NOOP. DAG size: 32 [2018-11-14 18:47:43,433 WARN L179 SmtUtils]: Spent 839.00 ms on a formula simplification that was a NOOP. DAG size: 32 [2018-11-14 18:47:52,843 WARN L179 SmtUtils]: Spent 3.16 s on a formula simplification. DAG size of input: 43 DAG size of output: 32 [2018-11-14 18:47:56,140 WARN L179 SmtUtils]: Spent 1.13 s on a formula simplification that was a NOOP. DAG size: 33 [2018-11-14 18:48:05,699 WARN L179 SmtUtils]: Spent 2.01 s on a formula simplification that was a NOOP. DAG size: 33 [2018-11-14 18:48:12,923 WARN L179 SmtUtils]: Spent 1.10 s on a formula simplification that was a NOOP. DAG size: 32 [2018-11-14 18:48:12,988 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 34 treesize of output 36 [2018-11-14 18:48:12,999 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 32 treesize of output 26 [2018-11-14 18:48:13,003 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-14 18:48:13,027 INFO L682 Elim1Store]: detected equality via solver [2018-11-14 18:48:13,030 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 23 treesize of output 22 [2018-11-14 18:48:13,034 INFO L267 ElimStorePlain]: Start of recursive call 4: End of recursive call: and 1 xjuncts. [2018-11-14 18:48:13,056 INFO L682 Elim1Store]: detected equality via solver [2018-11-14 18:48:13,069 INFO L477 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 3 select indices, 3 select index equivalence classes, 0 disjoint index pairs (out of 3 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 28 treesize of output 37 [2018-11-14 18:48:13,078 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 2 xjuncts. [2018-11-14 18:48:13,090 INFO L267 ElimStorePlain]: Start of recursive call 2: 3 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-14 18:48:13,105 INFO L267 ElimStorePlain]: Start of recursive call 1: 7 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-14 18:48:13,106 INFO L202 ElimStorePlain]: Needed 5 recursive calls to eliminate 8 variables, input treesize:46, output treesize:3 [2018-11-14 18:48:13,109 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-14 18:48:13,158 INFO L256 TraceCheckUtils]: 0: Hoare triple {2822#true} call ULTIMATE.init(); {2822#true} is VALID [2018-11-14 18:48:13,159 INFO L273 TraceCheckUtils]: 1: Hoare triple {2822#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0]; {2822#true} is VALID [2018-11-14 18:48:13,159 INFO L273 TraceCheckUtils]: 2: Hoare triple {2822#true} assume true; {2822#true} is VALID [2018-11-14 18:48:13,159 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {2822#true} {2822#true} #51#return; {2822#true} is VALID [2018-11-14 18:48:13,159 INFO L256 TraceCheckUtils]: 4: Hoare triple {2822#true} call #t~ret4 := main(); {2822#true} is VALID [2018-11-14 18:48:13,160 INFO L273 TraceCheckUtils]: 5: Hoare triple {2822#true} call ~#aa~0.base, ~#aa~0.offset := #Ultimate.alloc(400000);~a~0 := 0; {2858#(<= main_~a~0 0)} is VALID [2018-11-14 18:48:13,161 INFO L273 TraceCheckUtils]: 6: Hoare triple {2858#(<= main_~a~0 0)} assume true; {2858#(<= main_~a~0 0)} is VALID [2018-11-14 18:48:13,161 INFO L273 TraceCheckUtils]: 7: Hoare triple {2858#(<= main_~a~0 0)} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {2858#(<= main_~a~0 0)} is VALID [2018-11-14 18:48:13,162 INFO L273 TraceCheckUtils]: 8: Hoare triple {2858#(<= main_~a~0 0)} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {2825#(<= main_~a~0 1)} is VALID [2018-11-14 18:48:13,163 INFO L273 TraceCheckUtils]: 9: Hoare triple {2825#(<= main_~a~0 1)} assume true; {2825#(<= main_~a~0 1)} is VALID [2018-11-14 18:48:13,163 INFO L273 TraceCheckUtils]: 10: Hoare triple {2825#(<= main_~a~0 1)} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {2825#(<= main_~a~0 1)} is VALID [2018-11-14 18:48:13,164 INFO L273 TraceCheckUtils]: 11: Hoare triple {2825#(<= main_~a~0 1)} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {2826#(<= main_~a~0 2)} is VALID [2018-11-14 18:48:13,165 INFO L273 TraceCheckUtils]: 12: Hoare triple {2826#(<= main_~a~0 2)} assume true; {2826#(<= main_~a~0 2)} is VALID [2018-11-14 18:48:13,165 INFO L273 TraceCheckUtils]: 13: Hoare triple {2826#(<= main_~a~0 2)} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {2826#(<= main_~a~0 2)} is VALID [2018-11-14 18:48:13,166 INFO L273 TraceCheckUtils]: 14: Hoare triple {2826#(<= main_~a~0 2)} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {2827#(<= main_~a~0 3)} is VALID [2018-11-14 18:48:13,166 INFO L273 TraceCheckUtils]: 15: Hoare triple {2827#(<= main_~a~0 3)} assume true; {2827#(<= main_~a~0 3)} is VALID [2018-11-14 18:48:13,167 INFO L273 TraceCheckUtils]: 16: Hoare triple {2827#(<= main_~a~0 3)} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {2827#(<= main_~a~0 3)} is VALID [2018-11-14 18:48:13,168 INFO L273 TraceCheckUtils]: 17: Hoare triple {2827#(<= main_~a~0 3)} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {2828#(<= main_~a~0 4)} is VALID [2018-11-14 18:48:13,168 INFO L273 TraceCheckUtils]: 18: Hoare triple {2828#(<= main_~a~0 4)} assume true; {2828#(<= main_~a~0 4)} is VALID [2018-11-14 18:48:13,169 INFO L273 TraceCheckUtils]: 19: Hoare triple {2828#(<= main_~a~0 4)} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {2901#(and (<= main_~a~0 4) (<= |main_#t~mem0| (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 main_~a~0)))))} is VALID [2018-11-14 18:48:13,170 INFO L273 TraceCheckUtils]: 20: Hoare triple {2901#(and (<= main_~a~0 4) (<= |main_#t~mem0| (select (select |#memory_int| |main_~#aa~0.base|) (+ |main_~#aa~0.offset| (* 4 main_~a~0)))))} assume !!(#t~mem0 >= 0);havoc #t~mem0;#t~post1 := ~a~0;~a~0 := #t~post1 + 1;havoc #t~post1; {2905#(exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1))))} is VALID [2018-11-14 18:48:13,171 INFO L273 TraceCheckUtils]: 21: Hoare triple {2905#(exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1))))} assume true; {2905#(exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1))))} is VALID [2018-11-14 18:48:13,172 INFO L273 TraceCheckUtils]: 22: Hoare triple {2905#(exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1))))} call #t~mem0 := read~int(~#aa~0.base, ~#aa~0.offset + ~a~0 * 4, 4); {2905#(exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1))))} is VALID [2018-11-14 18:48:13,172 INFO L273 TraceCheckUtils]: 23: Hoare triple {2905#(exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1))))} assume !(#t~mem0 >= 0);havoc #t~mem0; {2905#(exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1))))} is VALID [2018-11-14 18:48:13,173 INFO L273 TraceCheckUtils]: 24: Hoare triple {2905#(exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1))))} havoc ~x~0;~x~0 := 0; {2918#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (<= 0 main_~x~0))} is VALID [2018-11-14 18:48:13,174 INFO L273 TraceCheckUtils]: 25: Hoare triple {2918#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (<= 0 main_~x~0))} assume true; {2918#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (<= 0 main_~x~0))} is VALID [2018-11-14 18:48:13,175 INFO L273 TraceCheckUtils]: 26: Hoare triple {2918#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (<= 0 main_~x~0))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {2918#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (<= 0 main_~x~0))} is VALID [2018-11-14 18:48:13,183 INFO L256 TraceCheckUtils]: 27: Hoare triple {2918#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (<= 0 main_~x~0))} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {2928#(exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_main_~a~0_21 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_main_~a~0_21))))))} is VALID [2018-11-14 18:48:13,184 INFO L273 TraceCheckUtils]: 28: Hoare triple {2928#(exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_main_~a~0_21 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_main_~a~0_21))))))} ~cond := #in~cond; {2928#(exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_main_~a~0_21 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_main_~a~0_21))))))} is VALID [2018-11-14 18:48:13,184 INFO L273 TraceCheckUtils]: 29: Hoare triple {2928#(exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_main_~a~0_21 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_main_~a~0_21))))))} assume !(~cond == 0); {2928#(exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_main_~a~0_21 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_main_~a~0_21))))))} is VALID [2018-11-14 18:48:13,184 INFO L273 TraceCheckUtils]: 30: Hoare triple {2928#(exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_main_~a~0_21 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_main_~a~0_21))))))} assume true; {2928#(exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_main_~a~0_21 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_main_~a~0_21))))))} is VALID [2018-11-14 18:48:13,198 INFO L268 TraceCheckUtils]: 31: Hoare quadruple {2928#(exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_main_~a~0_21 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_main_~a~0_21))))))} {2918#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (<= 0 main_~x~0))} #55#return; {2941#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_prenex_3 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_prenex_3 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_prenex_3)))))) (<= 0 main_~x~0))} is VALID [2018-11-14 18:48:13,199 INFO L273 TraceCheckUtils]: 32: Hoare triple {2941#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_prenex_3 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_prenex_3 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_prenex_3)))))) (<= 0 main_~x~0))} havoc #t~mem3; {2941#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_prenex_3 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_prenex_3 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_prenex_3)))))) (<= 0 main_~x~0))} is VALID [2018-11-14 18:48:13,200 INFO L273 TraceCheckUtils]: 33: Hoare triple {2941#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_prenex_3 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_prenex_3 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_prenex_3)))))) (<= 0 main_~x~0))} #t~post2 := ~x~0;~x~0 := #t~post2 + 1;havoc #t~post2; {2948#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_prenex_3 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_prenex_3 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_prenex_3)))))) (<= 1 main_~x~0))} is VALID [2018-11-14 18:48:13,201 INFO L273 TraceCheckUtils]: 34: Hoare triple {2948#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_prenex_3 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_prenex_3 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_prenex_3)))))) (<= 1 main_~x~0))} assume true; {2948#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_prenex_3 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_prenex_3 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_prenex_3)))))) (<= 1 main_~x~0))} is VALID [2018-11-14 18:48:13,201 INFO L273 TraceCheckUtils]: 35: Hoare triple {2948#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_prenex_3 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_prenex_3 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_prenex_3)))))) (<= 1 main_~x~0))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {2948#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_prenex_3 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_prenex_3 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_prenex_3)))))) (<= 1 main_~x~0))} is VALID [2018-11-14 18:48:13,211 INFO L256 TraceCheckUtils]: 36: Hoare triple {2948#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_prenex_3 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_prenex_3 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_prenex_3)))))) (<= 1 main_~x~0))} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {2928#(exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_main_~a~0_21 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_main_~a~0_21))))))} is VALID [2018-11-14 18:48:13,212 INFO L273 TraceCheckUtils]: 37: Hoare triple {2928#(exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_main_~a~0_21 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_main_~a~0_21))))))} ~cond := #in~cond; {2928#(exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_main_~a~0_21 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_main_~a~0_21))))))} is VALID [2018-11-14 18:48:13,212 INFO L273 TraceCheckUtils]: 38: Hoare triple {2928#(exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_main_~a~0_21 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_main_~a~0_21))))))} assume !(~cond == 0); {2928#(exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_main_~a~0_21 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_main_~a~0_21))))))} is VALID [2018-11-14 18:48:13,212 INFO L273 TraceCheckUtils]: 39: Hoare triple {2928#(exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_main_~a~0_21 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_main_~a~0_21))))))} assume true; {2928#(exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_main_~a~0_21 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_main_~a~0_21))))))} is VALID [2018-11-14 18:48:13,214 INFO L268 TraceCheckUtils]: 40: Hoare quadruple {2928#(exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_main_~a~0_21 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_main_~a~0_21))))))} {2948#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_prenex_3 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_prenex_3 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_prenex_3)))))) (<= 1 main_~x~0))} #55#return; {2970#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (<= 1 main_~x~0) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))))} is VALID [2018-11-14 18:48:13,215 INFO L273 TraceCheckUtils]: 41: Hoare triple {2970#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (<= 1 main_~x~0) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))))} havoc #t~mem3; {2970#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (<= 1 main_~x~0) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))))} is VALID [2018-11-14 18:48:13,217 INFO L273 TraceCheckUtils]: 42: Hoare triple {2970#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (<= 1 main_~x~0) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))))} #t~post2 := ~x~0;~x~0 := #t~post2 + 1;havoc #t~post2; {2977#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (<= 2 main_~x~0) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))))} is VALID [2018-11-14 18:48:13,218 INFO L273 TraceCheckUtils]: 43: Hoare triple {2977#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (<= 2 main_~x~0) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))))} assume true; {2977#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (<= 2 main_~x~0) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))))} is VALID [2018-11-14 18:48:13,219 INFO L273 TraceCheckUtils]: 44: Hoare triple {2977#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (<= 2 main_~x~0) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {2977#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (<= 2 main_~x~0) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))))} is VALID [2018-11-14 18:48:13,221 INFO L256 TraceCheckUtils]: 45: Hoare triple {2977#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (<= 2 main_~x~0) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))))} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {2987#(exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5))))))} is VALID [2018-11-14 18:48:13,221 INFO L273 TraceCheckUtils]: 46: Hoare triple {2987#(exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5))))))} ~cond := #in~cond; {2987#(exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5))))))} is VALID [2018-11-14 18:48:13,222 INFO L273 TraceCheckUtils]: 47: Hoare triple {2987#(exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5))))))} assume !(~cond == 0); {2987#(exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5))))))} is VALID [2018-11-14 18:48:13,222 INFO L273 TraceCheckUtils]: 48: Hoare triple {2987#(exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5))))))} assume true; {2987#(exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5))))))} is VALID [2018-11-14 18:48:13,223 INFO L268 TraceCheckUtils]: 49: Hoare quadruple {2987#(exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5))))))} {2977#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (<= 2 main_~x~0) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))))} #55#return; {2977#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (<= 2 main_~x~0) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))))} is VALID [2018-11-14 18:48:13,224 INFO L273 TraceCheckUtils]: 50: Hoare triple {2977#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (<= 2 main_~x~0) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))))} havoc #t~mem3; {2977#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (<= 2 main_~x~0) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))))} is VALID [2018-11-14 18:48:13,224 INFO L273 TraceCheckUtils]: 51: Hoare triple {2977#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (<= 2 main_~x~0) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))))} #t~post2 := ~x~0;~x~0 := #t~post2 + 1;havoc #t~post2; {3006#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))) (<= 3 main_~x~0))} is VALID [2018-11-14 18:48:13,225 INFO L273 TraceCheckUtils]: 52: Hoare triple {3006#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))) (<= 3 main_~x~0))} assume true; {3006#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))) (<= 3 main_~x~0))} is VALID [2018-11-14 18:48:13,226 INFO L273 TraceCheckUtils]: 53: Hoare triple {3006#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))) (<= 3 main_~x~0))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {3006#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))) (<= 3 main_~x~0))} is VALID [2018-11-14 18:48:13,249 INFO L256 TraceCheckUtils]: 54: Hoare triple {3006#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))) (<= 3 main_~x~0))} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {2928#(exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_main_~a~0_21 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_main_~a~0_21))))))} is VALID [2018-11-14 18:48:13,250 INFO L273 TraceCheckUtils]: 55: Hoare triple {2928#(exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_main_~a~0_21 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_main_~a~0_21))))))} ~cond := #in~cond; {2928#(exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_main_~a~0_21 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_main_~a~0_21))))))} is VALID [2018-11-14 18:48:13,250 INFO L273 TraceCheckUtils]: 56: Hoare triple {2928#(exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_main_~a~0_21 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_main_~a~0_21))))))} assume !(~cond == 0); {2928#(exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_main_~a~0_21 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_main_~a~0_21))))))} is VALID [2018-11-14 18:48:13,250 INFO L273 TraceCheckUtils]: 57: Hoare triple {2928#(exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_main_~a~0_21 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_main_~a~0_21))))))} assume true; {2928#(exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_main_~a~0_21 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_main_~a~0_21))))))} is VALID [2018-11-14 18:48:13,251 INFO L268 TraceCheckUtils]: 58: Hoare quadruple {2928#(exists ((|v_main_~#aa~0.offset_BEFORE_CALL_9| Int) (v_main_~a~0_21 Int) (|v_main_~#aa~0.base_BEFORE_CALL_9| Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |v_main_~#aa~0.base_BEFORE_CALL_9|) (+ |v_main_~#aa~0.offset_BEFORE_CALL_9| (* 4 v_main_~a~0_21))))))} {3006#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))) (<= 3 main_~x~0))} #55#return; {3006#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))) (<= 3 main_~x~0))} is VALID [2018-11-14 18:48:13,252 INFO L273 TraceCheckUtils]: 59: Hoare triple {3006#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))) (<= 3 main_~x~0))} havoc #t~mem3; {3006#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))) (<= 3 main_~x~0))} is VALID [2018-11-14 18:48:13,253 INFO L273 TraceCheckUtils]: 60: Hoare triple {3006#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))) (<= 3 main_~x~0))} #t~post2 := ~x~0;~x~0 := #t~post2 + 1;havoc #t~post2; {3034#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (<= 4 main_~x~0) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))))} is VALID [2018-11-14 18:48:13,254 INFO L273 TraceCheckUtils]: 61: Hoare triple {3034#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (<= 4 main_~x~0) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))))} assume true; {3034#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (<= 4 main_~x~0) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))))} is VALID [2018-11-14 18:48:13,255 INFO L273 TraceCheckUtils]: 62: Hoare triple {3034#(and (exists ((v_main_~a~0_21 Int)) (and (<= v_main_~a~0_21 4) (<= 0 (select (select |#memory_int| |main_~#aa~0.base|) (+ (* 4 v_main_~a~0_21) |main_~#aa~0.offset|))) (<= main_~a~0 (+ v_main_~a~0_21 1)))) (<= 4 main_~x~0) (exists ((v_prenex_6 Int) (v_prenex_4 Int) (v_prenex_5 Int)) (and (<= v_prenex_5 4) (<= 0 (select (select |#memory_int| v_prenex_6) (+ v_prenex_4 (* 4 v_prenex_5)))))))} assume !!(~x~0 < ~a~0);call #t~mem3 := read~int(~#aa~0.base, ~#aa~0.offset + ~x~0 * 4, 4); {2838#(<= 0 |main_#t~mem3|)} is VALID [2018-11-14 18:48:13,257 INFO L256 TraceCheckUtils]: 63: Hoare triple {2838#(<= 0 |main_#t~mem3|)} call __VERIFIER_assert((if #t~mem3 >= 0 then 1 else 0)); {3044#(= |__VERIFIER_assert_#in~cond| 1)} is VALID [2018-11-14 18:48:13,257 INFO L273 TraceCheckUtils]: 64: Hoare triple {3044#(= |__VERIFIER_assert_#in~cond| 1)} ~cond := #in~cond; {3048#(= 1 __VERIFIER_assert_~cond)} is VALID [2018-11-14 18:48:13,258 INFO L273 TraceCheckUtils]: 65: Hoare triple {3048#(= 1 __VERIFIER_assert_~cond)} assume ~cond == 0; {2823#false} is VALID [2018-11-14 18:48:13,258 INFO L273 TraceCheckUtils]: 66: Hoare triple {2823#false} assume !false; {2823#false} is VALID [2018-11-14 18:48:13,281 INFO L134 CoverageAnalysis]: Checked inductivity of 119 backedges. 46 proven. 57 refuted. 4 times theorem prover too weak. 12 trivial. 0 not checked. [2018-11-14 18:48:13,302 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2018-11-14 18:48:13,302 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [18, 21] total 32 [2018-11-14 18:48:13,302 INFO L78 Accepts]: Start accepts. Automaton has 32 states. Word has length 67 [2018-11-14 18:48:13,303 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 18:48:13,304 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 32 states. [2018-11-14 18:48:24,115 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 106 edges. 99 inductive. 0 not inductive. 7 times theorem prover too weak to decide inductivity. [2018-11-14 18:48:24,115 INFO L459 AbstractCegarLoop]: Interpolant automaton has 32 states [2018-11-14 18:48:24,115 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 32 interpolants. [2018-11-14 18:48:24,116 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=153, Invalid=826, Unknown=13, NotChecked=0, Total=992 [2018-11-14 18:48:24,116 INFO L87 Difference]: Start difference. First operand 70 states and 71 transitions. Second operand 32 states.