java -ea -Xmx8000000000 -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.3.100.v20150511-1540.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc ../../../trunk/examples/toolchains/AutomizerC.xml -s ../../../trunk/examples/settings/default/automizer/svcomp-Reach-32bit-Automizer_Default.epf -i ../../../trunk/examples/svcomp/ssh/s3_srvr.blast.07_false-unreach-call.i.cil.c -------------------------------------------------------------------------------- This is Ultimate 0.1.23-370d6ab [2018-11-14 17:18:34,318 INFO L170 SettingsManager]: Resetting all preferences to default values... [2018-11-14 17:18:34,321 INFO L174 SettingsManager]: Resetting UltimateCore preferences to default values [2018-11-14 17:18:34,332 INFO L177 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2018-11-14 17:18:34,333 INFO L174 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2018-11-14 17:18:34,334 INFO L174 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2018-11-14 17:18:34,335 INFO L174 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2018-11-14 17:18:34,337 INFO L174 SettingsManager]: Resetting LassoRanker preferences to default values [2018-11-14 17:18:34,339 INFO L174 SettingsManager]: Resetting Reaching Definitions preferences to default values [2018-11-14 17:18:34,339 INFO L174 SettingsManager]: Resetting SyntaxChecker preferences to default values [2018-11-14 17:18:34,340 INFO L177 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2018-11-14 17:18:34,341 INFO L174 SettingsManager]: Resetting LTL2Aut preferences to default values [2018-11-14 17:18:34,342 INFO L174 SettingsManager]: Resetting PEA to Boogie preferences to default values [2018-11-14 17:18:34,346 INFO L174 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2018-11-14 17:18:34,351 INFO L174 SettingsManager]: Resetting ChcToBoogie preferences to default values [2018-11-14 17:18:34,352 INFO L174 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2018-11-14 17:18:34,353 INFO L174 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2018-11-14 17:18:34,355 INFO L174 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2018-11-14 17:18:34,357 INFO L174 SettingsManager]: Resetting CodeCheck preferences to default values [2018-11-14 17:18:34,358 INFO L174 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2018-11-14 17:18:34,359 INFO L174 SettingsManager]: Resetting RCFGBuilder preferences to default values [2018-11-14 17:18:34,361 INFO L174 SettingsManager]: Resetting TraceAbstraction preferences to default values [2018-11-14 17:18:34,363 INFO L177 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2018-11-14 17:18:34,364 INFO L177 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2018-11-14 17:18:34,364 INFO L174 SettingsManager]: Resetting TreeAutomizer preferences to default values [2018-11-14 17:18:34,365 INFO L174 SettingsManager]: Resetting IcfgTransformer preferences to default values [2018-11-14 17:18:34,366 INFO L174 SettingsManager]: Resetting Boogie Printer preferences to default values [2018-11-14 17:18:34,367 INFO L174 SettingsManager]: Resetting ReqPrinter preferences to default values [2018-11-14 17:18:34,368 INFO L174 SettingsManager]: Resetting Witness Printer preferences to default values [2018-11-14 17:18:34,369 INFO L177 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2018-11-14 17:18:34,369 INFO L174 SettingsManager]: Resetting CDTParser preferences to default values [2018-11-14 17:18:34,370 INFO L177 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2018-11-14 17:18:34,370 INFO L177 SettingsManager]: ReqParser provides no preferences, ignoring... [2018-11-14 17:18:34,370 INFO L174 SettingsManager]: Resetting SmtParser preferences to default values [2018-11-14 17:18:34,371 INFO L174 SettingsManager]: Resetting Witness Parser preferences to default values [2018-11-14 17:18:34,372 INFO L181 SettingsManager]: Finished resetting all preferences to default values... [2018-11-14 17:18:34,372 INFO L98 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/settings/default/automizer/svcomp-Reach-32bit-Automizer_Default.epf [2018-11-14 17:18:34,387 INFO L110 SettingsManager]: Loading preferences was successful [2018-11-14 17:18:34,388 INFO L112 SettingsManager]: Preferences different from defaults after loading the file: [2018-11-14 17:18:34,389 INFO L131 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2018-11-14 17:18:34,389 INFO L133 SettingsManager]: * to procedures, called more than once=true [2018-11-14 17:18:34,389 INFO L131 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2018-11-14 17:18:34,390 INFO L133 SettingsManager]: * Create parallel compositions if possible=false [2018-11-14 17:18:34,390 INFO L133 SettingsManager]: * Use SBE=true [2018-11-14 17:18:34,390 INFO L131 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2018-11-14 17:18:34,390 INFO L133 SettingsManager]: * sizeof long=4 [2018-11-14 17:18:34,390 INFO L133 SettingsManager]: * Overapproximate operations on floating types=true [2018-11-14 17:18:34,391 INFO L133 SettingsManager]: * sizeof POINTER=4 [2018-11-14 17:18:34,391 INFO L133 SettingsManager]: * Check division by zero=IGNORE [2018-11-14 17:18:34,391 INFO L133 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2018-11-14 17:18:34,391 INFO L133 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2018-11-14 17:18:34,391 INFO L133 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2018-11-14 17:18:34,391 INFO L133 SettingsManager]: * sizeof long double=12 [2018-11-14 17:18:34,392 INFO L133 SettingsManager]: * Check if freed pointer was valid=false [2018-11-14 17:18:34,392 INFO L133 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2018-11-14 17:18:34,392 INFO L131 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2018-11-14 17:18:34,392 INFO L133 SettingsManager]: * Size of a code block=SequenceOfStatements [2018-11-14 17:18:34,393 INFO L133 SettingsManager]: * To the following directory=./dump/ [2018-11-14 17:18:34,393 INFO L133 SettingsManager]: * SMT solver=External_DefaultMode [2018-11-14 17:18:34,393 INFO L133 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2018-11-14 17:18:34,393 INFO L131 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2018-11-14 17:18:34,393 INFO L133 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2018-11-14 17:18:34,394 INFO L133 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2018-11-14 17:18:34,394 INFO L133 SettingsManager]: * Trace refinement strategy=CAMEL [2018-11-14 17:18:34,394 INFO L133 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2018-11-14 17:18:34,394 INFO L133 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2018-11-14 17:18:34,394 INFO L133 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2018-11-14 17:18:34,449 INFO L81 nceAwareModelManager]: Repository-Root is: /tmp [2018-11-14 17:18:34,469 INFO L258 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2018-11-14 17:18:34,473 INFO L214 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2018-11-14 17:18:34,475 INFO L271 PluginConnector]: Initializing CDTParser... [2018-11-14 17:18:34,476 INFO L276 PluginConnector]: CDTParser initialized [2018-11-14 17:18:34,476 INFO L418 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/svcomp/ssh/s3_srvr.blast.07_false-unreach-call.i.cil.c [2018-11-14 17:18:34,535 INFO L218 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5c68889c2/20799b4ea29e47acabdeb7147f89470d/FLAG3edc92961 [2018-11-14 17:18:35,177 INFO L298 CDTParser]: Found 1 translation units. [2018-11-14 17:18:35,180 INFO L158 CDTParser]: Scanning /storage/repos/ultimate/trunk/examples/svcomp/ssh/s3_srvr.blast.07_false-unreach-call.i.cil.c [2018-11-14 17:18:35,211 INFO L346 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5c68889c2/20799b4ea29e47acabdeb7147f89470d/FLAG3edc92961 [2018-11-14 17:18:35,227 INFO L354 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5c68889c2/20799b4ea29e47acabdeb7147f89470d [2018-11-14 17:18:35,237 INFO L296 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2018-11-14 17:18:35,239 INFO L131 ToolchainWalker]: Walking toolchain with 4 elements. [2018-11-14 17:18:35,240 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2018-11-14 17:18:35,240 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2018-11-14 17:18:35,245 INFO L276 PluginConnector]: CACSL2BoogieTranslator initialized [2018-11-14 17:18:35,246 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 14.11 05:18:35" (1/1) ... [2018-11-14 17:18:35,249 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@195bd443 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:18:35, skipping insertion in model container [2018-11-14 17:18:35,250 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 14.11 05:18:35" (1/1) ... [2018-11-14 17:18:35,260 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2018-11-14 17:18:35,326 INFO L176 MainTranslator]: Built tables and reachable declarations [2018-11-14 17:18:36,252 INFO L201 PostProcessor]: Analyzing one entry point: main [2018-11-14 17:18:36,433 INFO L191 MainTranslator]: Completed pre-run [2018-11-14 17:18:36,714 INFO L201 PostProcessor]: Analyzing one entry point: main [2018-11-14 17:18:36,745 INFO L195 MainTranslator]: Completed translation [2018-11-14 17:18:36,746 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:18:36 WrapperNode [2018-11-14 17:18:36,746 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2018-11-14 17:18:36,747 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2018-11-14 17:18:36,748 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2018-11-14 17:18:36,748 INFO L276 PluginConnector]: Boogie Preprocessor initialized [2018-11-14 17:18:36,765 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:18:36" (1/1) ... [2018-11-14 17:18:36,766 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:18:36" (1/1) ... [2018-11-14 17:18:36,812 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:18:36" (1/1) ... [2018-11-14 17:18:36,813 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:18:36" (1/1) ... [2018-11-14 17:18:36,918 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:18:36" (1/1) ... [2018-11-14 17:18:36,944 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:18:36" (1/1) ... [2018-11-14 17:18:36,951 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:18:36" (1/1) ... [2018-11-14 17:18:36,966 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2018-11-14 17:18:36,967 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2018-11-14 17:18:36,967 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2018-11-14 17:18:36,967 INFO L276 PluginConnector]: RCFGBuilder initialized [2018-11-14 17:18:36,968 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:18:36" (1/1) ... No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2018-11-14 17:18:37,057 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.init [2018-11-14 17:18:37,057 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2018-11-14 17:18:37,057 INFO L138 BoogieDeclarations]: Found implementation of procedure ssl3_get_server_method [2018-11-14 17:18:37,058 INFO L138 BoogieDeclarations]: Found implementation of procedure SSLv3_server_method [2018-11-14 17:18:37,058 INFO L138 BoogieDeclarations]: Found implementation of procedure main [2018-11-14 17:18:37,058 INFO L138 BoogieDeclarations]: Found implementation of procedure ssl3_accept [2018-11-14 17:18:37,058 INFO L138 BoogieDeclarations]: Found implementation of procedure sslv3_base_method [2018-11-14 17:18:37,059 INFO L138 BoogieDeclarations]: Found implementation of procedure #Ultimate.meminit [2018-11-14 17:18:37,059 INFO L138 BoogieDeclarations]: Found implementation of procedure #Ultimate.C_memcpy [2018-11-14 17:18:37,059 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_error [2018-11-14 17:18:37,059 INFO L130 BoogieDeclarations]: Found specification of procedure malloc [2018-11-14 17:18:37,060 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_nondet_char [2018-11-14 17:18:37,060 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_nondet_int [2018-11-14 17:18:37,060 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_nondet_long [2018-11-14 17:18:37,060 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_nondet_pointer [2018-11-14 17:18:37,060 INFO L130 BoogieDeclarations]: Found specification of procedure memcpy [2018-11-14 17:18:37,061 INFO L130 BoogieDeclarations]: Found specification of procedure SSLv3_server_method [2018-11-14 17:18:37,061 INFO L130 BoogieDeclarations]: Found specification of procedure sslv3_base_method [2018-11-14 17:18:37,061 INFO L130 BoogieDeclarations]: Found specification of procedure ssl3_accept [2018-11-14 17:18:37,061 INFO L130 BoogieDeclarations]: Found specification of procedure ssl3_get_server_method [2018-11-14 17:18:37,063 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.C_memcpy [2018-11-14 17:18:37,063 INFO L130 BoogieDeclarations]: Found specification of procedure write~$Pointer$ [2018-11-14 17:18:37,063 INFO L130 BoogieDeclarations]: Found specification of procedure main [2018-11-14 17:18:37,063 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.alloc [2018-11-14 17:18:37,063 INFO L130 BoogieDeclarations]: Found specification of procedure write~int [2018-11-14 17:18:37,063 INFO L130 BoogieDeclarations]: Found specification of procedure read~$Pointer$ [2018-11-14 17:18:37,064 INFO L130 BoogieDeclarations]: Found specification of procedure read~int [2018-11-14 17:18:37,064 INFO L130 BoogieDeclarations]: Found specification of procedure calloc [2018-11-14 17:18:37,064 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.meminit [2018-11-14 17:18:37,064 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.init [2018-11-14 17:18:37,064 INFO L130 BoogieDeclarations]: Found specification of procedure write~unchecked~int [2018-11-14 17:18:37,064 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2018-11-14 17:18:37,065 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2018-11-14 17:18:37,757 WARN L684 $ProcedureCfgBuilder]: Two Gotos in a row! There was dead code [2018-11-14 17:18:37,757 WARN L649 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2018-11-14 17:18:40,443 INFO L278 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2018-11-14 17:18:40,444 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.11 05:18:40 BoogieIcfgContainer [2018-11-14 17:18:40,444 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2018-11-14 17:18:40,445 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2018-11-14 17:18:40,445 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2018-11-14 17:18:40,449 INFO L276 PluginConnector]: TraceAbstraction initialized [2018-11-14 17:18:40,449 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 14.11 05:18:35" (1/3) ... [2018-11-14 17:18:40,450 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@acd7b05 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 14.11 05:18:40, skipping insertion in model container [2018-11-14 17:18:40,450 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:18:36" (2/3) ... [2018-11-14 17:18:40,450 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@acd7b05 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 14.11 05:18:40, skipping insertion in model container [2018-11-14 17:18:40,451 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.11 05:18:40" (3/3) ... [2018-11-14 17:18:40,453 INFO L112 eAbstractionObserver]: Analyzing ICFG s3_srvr.blast.07_false-unreach-call.i.cil.c [2018-11-14 17:18:40,463 INFO L136 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2018-11-14 17:18:40,472 INFO L148 ceAbstractionStarter]: Appying trace abstraction to program that has 1 error locations. [2018-11-14 17:18:40,490 INFO L257 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2018-11-14 17:18:40,524 INFO L133 ementStrategyFactory]: Using default assertion order modulation [2018-11-14 17:18:40,525 INFO L382 AbstractCegarLoop]: Interprodecural is true [2018-11-14 17:18:40,525 INFO L383 AbstractCegarLoop]: Hoare is true [2018-11-14 17:18:40,525 INFO L384 AbstractCegarLoop]: Compute interpolants for FPandBP [2018-11-14 17:18:40,525 INFO L385 AbstractCegarLoop]: Backedges is STRAIGHT_LINE [2018-11-14 17:18:40,526 INFO L386 AbstractCegarLoop]: Determinization is PREDICATE_ABSTRACTION [2018-11-14 17:18:40,526 INFO L387 AbstractCegarLoop]: Difference is false [2018-11-14 17:18:40,526 INFO L388 AbstractCegarLoop]: Minimize is MINIMIZE_SEVPA [2018-11-14 17:18:40,526 INFO L393 AbstractCegarLoop]: ======== Iteration 0==of CEGAR loop == AllErrorsAtOnce======== [2018-11-14 17:18:40,558 INFO L276 IsEmpty]: Start isEmpty. Operand 158 states. [2018-11-14 17:18:40,570 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2018-11-14 17:18:40,570 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:18:40,572 INFO L375 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:18:40,574 INFO L423 AbstractCegarLoop]: === Iteration 1 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:18:40,580 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:18:40,580 INFO L82 PathProgramCache]: Analyzing trace with hash 1828609143, now seen corresponding path program 1 times [2018-11-14 17:18:40,582 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:18:40,583 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:18:40,638 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:18:40,638 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:18:40,638 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:18:40,794 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:18:41,234 INFO L256 TraceCheckUtils]: 0: Hoare triple {161#true} call ULTIMATE.init(); {161#true} is VALID [2018-11-14 17:18:41,238 INFO L273 TraceCheckUtils]: 1: Hoare triple {161#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {161#true} is VALID [2018-11-14 17:18:41,238 INFO L273 TraceCheckUtils]: 2: Hoare triple {161#true} assume true; {161#true} is VALID [2018-11-14 17:18:41,239 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {161#true} {161#true} #682#return; {161#true} is VALID [2018-11-14 17:18:41,239 INFO L256 TraceCheckUtils]: 4: Hoare triple {161#true} call #t~ret138 := main(); {161#true} is VALID [2018-11-14 17:18:41,240 INFO L273 TraceCheckUtils]: 5: Hoare triple {161#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {161#true} is VALID [2018-11-14 17:18:41,240 INFO L256 TraceCheckUtils]: 6: Hoare triple {161#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {161#true} is VALID [2018-11-14 17:18:41,258 INFO L273 TraceCheckUtils]: 7: Hoare triple {161#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:18:41,268 INFO L273 TraceCheckUtils]: 8: Hoare triple {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:18:41,281 INFO L273 TraceCheckUtils]: 9: Hoare triple {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:18:41,295 INFO L273 TraceCheckUtils]: 10: Hoare triple {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:18:41,308 INFO L273 TraceCheckUtils]: 11: Hoare triple {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:18:41,321 INFO L273 TraceCheckUtils]: 12: Hoare triple {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:18:41,337 INFO L273 TraceCheckUtils]: 13: Hoare triple {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} assume true; {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:18:41,346 INFO L273 TraceCheckUtils]: 14: Hoare triple {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} assume !false; {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:18:41,359 INFO L273 TraceCheckUtils]: 15: Hoare triple {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:18:41,372 INFO L273 TraceCheckUtils]: 16: Hoare triple {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:18:41,387 INFO L273 TraceCheckUtils]: 17: Hoare triple {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:18:41,396 INFO L273 TraceCheckUtils]: 18: Hoare triple {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:18:41,409 INFO L273 TraceCheckUtils]: 19: Hoare triple {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:18:41,422 INFO L273 TraceCheckUtils]: 20: Hoare triple {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:18:41,435 INFO L273 TraceCheckUtils]: 21: Hoare triple {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:18:41,445 INFO L273 TraceCheckUtils]: 22: Hoare triple {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:18:41,446 INFO L273 TraceCheckUtils]: 23: Hoare triple {163#(= 8464 (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {164#(= 8464 |ssl3_accept_#t~mem32|)} is VALID [2018-11-14 17:18:41,447 INFO L273 TraceCheckUtils]: 24: Hoare triple {164#(= 8464 |ssl3_accept_#t~mem32|)} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {162#false} is VALID [2018-11-14 17:18:41,447 INFO L273 TraceCheckUtils]: 25: Hoare triple {162#false} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {162#false} is VALID [2018-11-14 17:18:41,447 INFO L273 TraceCheckUtils]: 26: Hoare triple {162#false} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {162#false} is VALID [2018-11-14 17:18:41,448 INFO L273 TraceCheckUtils]: 27: Hoare triple {162#false} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {162#false} is VALID [2018-11-14 17:18:41,448 INFO L273 TraceCheckUtils]: 28: Hoare triple {162#false} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {162#false} is VALID [2018-11-14 17:18:41,449 INFO L273 TraceCheckUtils]: 29: Hoare triple {162#false} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {162#false} is VALID [2018-11-14 17:18:41,449 INFO L273 TraceCheckUtils]: 30: Hoare triple {162#false} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {162#false} is VALID [2018-11-14 17:18:41,449 INFO L273 TraceCheckUtils]: 31: Hoare triple {162#false} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {162#false} is VALID [2018-11-14 17:18:41,450 INFO L273 TraceCheckUtils]: 32: Hoare triple {162#false} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {162#false} is VALID [2018-11-14 17:18:41,451 INFO L273 TraceCheckUtils]: 33: Hoare triple {162#false} assume #t~mem41 == 8544;havoc #t~mem41; {162#false} is VALID [2018-11-14 17:18:41,451 INFO L273 TraceCheckUtils]: 34: Hoare triple {162#false} call #t~mem93 := read~int(~s.base, ~s.offset + 180, 4); {162#false} is VALID [2018-11-14 17:18:41,452 INFO L273 TraceCheckUtils]: 35: Hoare triple {162#false} assume ~bitwiseAnd(#t~mem93, 1) != 0;havoc #t~mem93;call #t~mem94.base, #t~mem94.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem95.base, #t~mem95.offset := read~$Pointer$(#t~mem94.base, #t~mem94.offset + 148, 4); {162#false} is VALID [2018-11-14 17:18:41,452 INFO L273 TraceCheckUtils]: 36: Hoare triple {162#false} assume !((#t~mem95.base + #t~mem95.offset) % 4294967296 != 0);havoc #t~mem95.base, #t~mem95.offset;havoc #t~mem94.base, #t~mem94.offset; {162#false} is VALID [2018-11-14 17:18:41,453 INFO L273 TraceCheckUtils]: 37: Hoare triple {162#false} call #t~mem98.base, #t~mem98.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem99.base, #t~mem99.offset := read~$Pointer$(#t~mem98.base, #t~mem98.offset + 604 + 232, 4);call #t~mem100 := read~int(#t~mem99.base, #t~mem99.offset + 12, 4); {162#false} is VALID [2018-11-14 17:18:41,453 INFO L273 TraceCheckUtils]: 38: Hoare triple {162#false} assume !(~bitwiseAnd(#t~mem100, 256) % 4294967296 != 0);havoc #t~mem100;havoc #t~mem99.base, #t~mem99.offset;havoc #t~mem98.base, #t~mem98.offset; {162#false} is VALID [2018-11-14 17:18:41,453 INFO L273 TraceCheckUtils]: 39: Hoare triple {162#false} call #t~mem103.base, #t~mem103.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(1, #t~mem103.base, #t~mem103.offset + 604 + 291, 4);havoc #t~mem103.base, #t~mem103.offset;assume -2147483648 <= #t~nondet104 && #t~nondet104 <= 2147483647;~ret~0 := #t~nondet104;havoc #t~nondet104; {162#false} is VALID [2018-11-14 17:18:41,454 INFO L273 TraceCheckUtils]: 40: Hoare triple {162#false} assume ~blastFlag~0 == 8; {162#false} is VALID [2018-11-14 17:18:41,454 INFO L273 TraceCheckUtils]: 41: Hoare triple {162#false} assume !false; {162#false} is VALID [2018-11-14 17:18:41,475 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 17:18:41,478 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:18:41,478 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-14 17:18:41,484 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 42 [2018-11-14 17:18:41,487 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:18:41,491 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-14 17:18:41,634 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 42 edges. 42 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:18:41,634 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-14 17:18:41,643 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-14 17:18:41,644 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-14 17:18:41,646 INFO L87 Difference]: Start difference. First operand 158 states. Second operand 4 states. [2018-11-14 17:18:43,402 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:18:43,403 INFO L93 Difference]: Finished difference Result 336 states and 561 transitions. [2018-11-14 17:18:43,403 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2018-11-14 17:18:43,403 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 42 [2018-11-14 17:18:43,404 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:18:43,405 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:18:43,428 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 561 transitions. [2018-11-14 17:18:43,429 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:18:43,441 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 561 transitions. [2018-11-14 17:18:43,442 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 561 transitions. [2018-11-14 17:18:44,512 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 561 edges. 561 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:18:44,535 INFO L225 Difference]: With dead ends: 336 [2018-11-14 17:18:44,536 INFO L226 Difference]: Without dead ends: 171 [2018-11-14 17:18:44,541 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 2 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2018-11-14 17:18:44,561 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 171 states. [2018-11-14 17:18:44,932 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 171 to 154. [2018-11-14 17:18:44,932 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:18:44,933 INFO L82 GeneralOperation]: Start isEquivalent. First operand 171 states. Second operand 154 states. [2018-11-14 17:18:44,934 INFO L74 IsIncluded]: Start isIncluded. First operand 171 states. Second operand 154 states. [2018-11-14 17:18:44,934 INFO L87 Difference]: Start difference. First operand 171 states. Second operand 154 states. [2018-11-14 17:18:44,946 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:18:44,946 INFO L93 Difference]: Finished difference Result 171 states and 255 transitions. [2018-11-14 17:18:44,946 INFO L276 IsEmpty]: Start isEmpty. Operand 171 states and 255 transitions. [2018-11-14 17:18:44,950 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:18:44,950 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:18:44,950 INFO L74 IsIncluded]: Start isIncluded. First operand 154 states. Second operand 171 states. [2018-11-14 17:18:44,950 INFO L87 Difference]: Start difference. First operand 154 states. Second operand 171 states. [2018-11-14 17:18:44,964 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:18:44,965 INFO L93 Difference]: Finished difference Result 171 states and 255 transitions. [2018-11-14 17:18:44,965 INFO L276 IsEmpty]: Start isEmpty. Operand 171 states and 255 transitions. [2018-11-14 17:18:44,967 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:18:44,967 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:18:44,967 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:18:44,968 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:18:44,970 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 154 states. [2018-11-14 17:18:44,979 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 154 states to 154 states and 234 transitions. [2018-11-14 17:18:44,981 INFO L78 Accepts]: Start accepts. Automaton has 154 states and 234 transitions. Word has length 42 [2018-11-14 17:18:44,982 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:18:44,982 INFO L480 AbstractCegarLoop]: Abstraction has 154 states and 234 transitions. [2018-11-14 17:18:44,982 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2018-11-14 17:18:44,982 INFO L276 IsEmpty]: Start isEmpty. Operand 154 states and 234 transitions. [2018-11-14 17:18:44,985 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2018-11-14 17:18:44,985 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:18:44,985 INFO L375 BasicCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:18:44,990 INFO L423 AbstractCegarLoop]: === Iteration 2 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:18:44,990 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:18:44,990 INFO L82 PathProgramCache]: Analyzing trace with hash 811074857, now seen corresponding path program 1 times [2018-11-14 17:18:44,990 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:18:44,991 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:18:44,993 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:18:44,995 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:18:44,996 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:18:45,053 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:18:45,268 INFO L256 TraceCheckUtils]: 0: Hoare triple {1096#true} call ULTIMATE.init(); {1096#true} is VALID [2018-11-14 17:18:45,268 INFO L273 TraceCheckUtils]: 1: Hoare triple {1096#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {1096#true} is VALID [2018-11-14 17:18:45,269 INFO L273 TraceCheckUtils]: 2: Hoare triple {1096#true} assume true; {1096#true} is VALID [2018-11-14 17:18:45,269 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {1096#true} {1096#true} #682#return; {1096#true} is VALID [2018-11-14 17:18:45,270 INFO L256 TraceCheckUtils]: 4: Hoare triple {1096#true} call #t~ret138 := main(); {1096#true} is VALID [2018-11-14 17:18:45,270 INFO L273 TraceCheckUtils]: 5: Hoare triple {1096#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {1096#true} is VALID [2018-11-14 17:18:45,270 INFO L256 TraceCheckUtils]: 6: Hoare triple {1096#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {1096#true} is VALID [2018-11-14 17:18:45,272 INFO L273 TraceCheckUtils]: 7: Hoare triple {1096#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {1098#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:45,273 INFO L273 TraceCheckUtils]: 8: Hoare triple {1098#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {1098#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:45,277 INFO L273 TraceCheckUtils]: 9: Hoare triple {1098#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {1098#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:45,278 INFO L273 TraceCheckUtils]: 10: Hoare triple {1098#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {1098#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:45,278 INFO L273 TraceCheckUtils]: 11: Hoare triple {1098#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {1098#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:45,279 INFO L273 TraceCheckUtils]: 12: Hoare triple {1098#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {1098#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:45,279 INFO L273 TraceCheckUtils]: 13: Hoare triple {1098#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume true; {1098#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:45,280 INFO L273 TraceCheckUtils]: 14: Hoare triple {1098#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !false; {1098#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:45,280 INFO L273 TraceCheckUtils]: 15: Hoare triple {1098#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {1098#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:45,281 INFO L273 TraceCheckUtils]: 16: Hoare triple {1098#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {1098#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:45,281 INFO L273 TraceCheckUtils]: 17: Hoare triple {1098#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {1098#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:45,282 INFO L273 TraceCheckUtils]: 18: Hoare triple {1098#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {1098#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:45,283 INFO L273 TraceCheckUtils]: 19: Hoare triple {1098#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {1098#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:45,286 INFO L273 TraceCheckUtils]: 20: Hoare triple {1098#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {1099#(= |ssl3_accept_#t~mem29| 8464)} is VALID [2018-11-14 17:18:45,287 INFO L273 TraceCheckUtils]: 21: Hoare triple {1099#(= |ssl3_accept_#t~mem29| 8464)} assume #t~mem29 == 8480;havoc #t~mem29; {1097#false} is VALID [2018-11-14 17:18:45,288 INFO L273 TraceCheckUtils]: 22: Hoare triple {1097#false} call write~int(0, ~s.base, ~s.offset + 48, 4);assume -2147483648 <= #t~nondet67 && #t~nondet67 <= 2147483647;~ret~0 := #t~nondet67;havoc #t~nondet67; {1097#false} is VALID [2018-11-14 17:18:45,288 INFO L273 TraceCheckUtils]: 23: Hoare triple {1097#false} assume !(~ret~0 <= 0);call #t~mem68.base, #t~mem68.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(8482, #t~mem68.base, #t~mem68.offset + 604 + 240, 4);havoc #t~mem68.base, #t~mem68.offset;call write~int(8448, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {1097#false} is VALID [2018-11-14 17:18:45,289 INFO L273 TraceCheckUtils]: 24: Hoare triple {1097#false} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {1097#false} is VALID [2018-11-14 17:18:45,289 INFO L273 TraceCheckUtils]: 25: Hoare triple {1097#false} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {1097#false} is VALID [2018-11-14 17:18:45,289 INFO L273 TraceCheckUtils]: 26: Hoare triple {1097#false} ~skip~0 := 0; {1097#false} is VALID [2018-11-14 17:18:45,290 INFO L273 TraceCheckUtils]: 27: Hoare triple {1097#false} assume true; {1097#false} is VALID [2018-11-14 17:18:45,290 INFO L273 TraceCheckUtils]: 28: Hoare triple {1097#false} assume !false; {1097#false} is VALID [2018-11-14 17:18:45,290 INFO L273 TraceCheckUtils]: 29: Hoare triple {1097#false} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {1097#false} is VALID [2018-11-14 17:18:45,290 INFO L273 TraceCheckUtils]: 30: Hoare triple {1097#false} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {1097#false} is VALID [2018-11-14 17:18:45,291 INFO L273 TraceCheckUtils]: 31: Hoare triple {1097#false} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {1097#false} is VALID [2018-11-14 17:18:45,291 INFO L273 TraceCheckUtils]: 32: Hoare triple {1097#false} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {1097#false} is VALID [2018-11-14 17:18:45,291 INFO L273 TraceCheckUtils]: 33: Hoare triple {1097#false} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {1097#false} is VALID [2018-11-14 17:18:45,291 INFO L273 TraceCheckUtils]: 34: Hoare triple {1097#false} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {1097#false} is VALID [2018-11-14 17:18:45,292 INFO L273 TraceCheckUtils]: 35: Hoare triple {1097#false} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {1097#false} is VALID [2018-11-14 17:18:45,292 INFO L273 TraceCheckUtils]: 36: Hoare triple {1097#false} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {1097#false} is VALID [2018-11-14 17:18:45,292 INFO L273 TraceCheckUtils]: 37: Hoare triple {1097#false} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {1097#false} is VALID [2018-11-14 17:18:45,293 INFO L273 TraceCheckUtils]: 38: Hoare triple {1097#false} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {1097#false} is VALID [2018-11-14 17:18:45,293 INFO L273 TraceCheckUtils]: 39: Hoare triple {1097#false} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {1097#false} is VALID [2018-11-14 17:18:45,293 INFO L273 TraceCheckUtils]: 40: Hoare triple {1097#false} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {1097#false} is VALID [2018-11-14 17:18:45,293 INFO L273 TraceCheckUtils]: 41: Hoare triple {1097#false} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {1097#false} is VALID [2018-11-14 17:18:45,294 INFO L273 TraceCheckUtils]: 42: Hoare triple {1097#false} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {1097#false} is VALID [2018-11-14 17:18:45,294 INFO L273 TraceCheckUtils]: 43: Hoare triple {1097#false} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {1097#false} is VALID [2018-11-14 17:18:45,294 INFO L273 TraceCheckUtils]: 44: Hoare triple {1097#false} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {1097#false} is VALID [2018-11-14 17:18:45,294 INFO L273 TraceCheckUtils]: 45: Hoare triple {1097#false} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {1097#false} is VALID [2018-11-14 17:18:45,295 INFO L273 TraceCheckUtils]: 46: Hoare triple {1097#false} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {1097#false} is VALID [2018-11-14 17:18:45,295 INFO L273 TraceCheckUtils]: 47: Hoare triple {1097#false} assume #t~mem41 == 8544;havoc #t~mem41; {1097#false} is VALID [2018-11-14 17:18:45,295 INFO L273 TraceCheckUtils]: 48: Hoare triple {1097#false} call #t~mem93 := read~int(~s.base, ~s.offset + 180, 4); {1097#false} is VALID [2018-11-14 17:18:45,296 INFO L273 TraceCheckUtils]: 49: Hoare triple {1097#false} assume ~bitwiseAnd(#t~mem93, 1) != 0;havoc #t~mem93;call #t~mem94.base, #t~mem94.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem95.base, #t~mem95.offset := read~$Pointer$(#t~mem94.base, #t~mem94.offset + 148, 4); {1097#false} is VALID [2018-11-14 17:18:45,296 INFO L273 TraceCheckUtils]: 50: Hoare triple {1097#false} assume !((#t~mem95.base + #t~mem95.offset) % 4294967296 != 0);havoc #t~mem95.base, #t~mem95.offset;havoc #t~mem94.base, #t~mem94.offset; {1097#false} is VALID [2018-11-14 17:18:45,296 INFO L273 TraceCheckUtils]: 51: Hoare triple {1097#false} call #t~mem98.base, #t~mem98.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem99.base, #t~mem99.offset := read~$Pointer$(#t~mem98.base, #t~mem98.offset + 604 + 232, 4);call #t~mem100 := read~int(#t~mem99.base, #t~mem99.offset + 12, 4); {1097#false} is VALID [2018-11-14 17:18:45,296 INFO L273 TraceCheckUtils]: 52: Hoare triple {1097#false} assume !(~bitwiseAnd(#t~mem100, 256) % 4294967296 != 0);havoc #t~mem100;havoc #t~mem99.base, #t~mem99.offset;havoc #t~mem98.base, #t~mem98.offset; {1097#false} is VALID [2018-11-14 17:18:45,297 INFO L273 TraceCheckUtils]: 53: Hoare triple {1097#false} call #t~mem103.base, #t~mem103.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(1, #t~mem103.base, #t~mem103.offset + 604 + 291, 4);havoc #t~mem103.base, #t~mem103.offset;assume -2147483648 <= #t~nondet104 && #t~nondet104 <= 2147483647;~ret~0 := #t~nondet104;havoc #t~nondet104; {1097#false} is VALID [2018-11-14 17:18:45,297 INFO L273 TraceCheckUtils]: 54: Hoare triple {1097#false} assume ~blastFlag~0 == 8; {1097#false} is VALID [2018-11-14 17:18:45,297 INFO L273 TraceCheckUtils]: 55: Hoare triple {1097#false} assume !false; {1097#false} is VALID [2018-11-14 17:18:45,307 INFO L134 CoverageAnalysis]: Checked inductivity of 9 backedges. 9 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 17:18:45,308 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:18:45,308 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-14 17:18:45,310 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 56 [2018-11-14 17:18:45,310 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:18:45,310 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-14 17:18:45,412 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 56 edges. 56 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:18:45,413 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-14 17:18:45,413 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-14 17:18:45,413 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-14 17:18:45,414 INFO L87 Difference]: Start difference. First operand 154 states and 234 transitions. Second operand 4 states. [2018-11-14 17:18:46,931 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:18:46,932 INFO L93 Difference]: Finished difference Result 299 states and 452 transitions. [2018-11-14 17:18:46,932 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2018-11-14 17:18:46,932 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 56 [2018-11-14 17:18:46,932 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:18:46,932 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:18:46,938 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 452 transitions. [2018-11-14 17:18:46,939 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:18:46,944 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 452 transitions. [2018-11-14 17:18:46,945 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 452 transitions. [2018-11-14 17:18:47,461 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 452 edges. 452 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:18:47,468 INFO L225 Difference]: With dead ends: 299 [2018-11-14 17:18:47,468 INFO L226 Difference]: Without dead ends: 171 [2018-11-14 17:18:47,470 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 2 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2018-11-14 17:18:47,471 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 171 states. [2018-11-14 17:18:47,519 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 171 to 154. [2018-11-14 17:18:47,519 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:18:47,520 INFO L82 GeneralOperation]: Start isEquivalent. First operand 171 states. Second operand 154 states. [2018-11-14 17:18:47,520 INFO L74 IsIncluded]: Start isIncluded. First operand 171 states. Second operand 154 states. [2018-11-14 17:18:47,520 INFO L87 Difference]: Start difference. First operand 171 states. Second operand 154 states. [2018-11-14 17:18:47,527 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:18:47,527 INFO L93 Difference]: Finished difference Result 171 states and 254 transitions. [2018-11-14 17:18:47,527 INFO L276 IsEmpty]: Start isEmpty. Operand 171 states and 254 transitions. [2018-11-14 17:18:47,529 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:18:47,529 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:18:47,529 INFO L74 IsIncluded]: Start isIncluded. First operand 154 states. Second operand 171 states. [2018-11-14 17:18:47,529 INFO L87 Difference]: Start difference. First operand 154 states. Second operand 171 states. [2018-11-14 17:18:47,536 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:18:47,537 INFO L93 Difference]: Finished difference Result 171 states and 254 transitions. [2018-11-14 17:18:47,537 INFO L276 IsEmpty]: Start isEmpty. Operand 171 states and 254 transitions. [2018-11-14 17:18:47,538 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:18:47,538 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:18:47,538 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:18:47,538 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:18:47,538 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 154 states. [2018-11-14 17:18:47,544 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 154 states to 154 states and 233 transitions. [2018-11-14 17:18:47,545 INFO L78 Accepts]: Start accepts. Automaton has 154 states and 233 transitions. Word has length 56 [2018-11-14 17:18:47,545 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:18:47,545 INFO L480 AbstractCegarLoop]: Abstraction has 154 states and 233 transitions. [2018-11-14 17:18:47,545 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2018-11-14 17:18:47,545 INFO L276 IsEmpty]: Start isEmpty. Operand 154 states and 233 transitions. [2018-11-14 17:18:47,547 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2018-11-14 17:18:47,547 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:18:47,547 INFO L375 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:18:47,548 INFO L423 AbstractCegarLoop]: === Iteration 3 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:18:47,548 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:18:47,548 INFO L82 PathProgramCache]: Analyzing trace with hash 1227423003, now seen corresponding path program 1 times [2018-11-14 17:18:47,548 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:18:47,548 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:18:47,550 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:18:47,550 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:18:47,550 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:18:47,573 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:18:47,723 INFO L256 TraceCheckUtils]: 0: Hoare triple {1987#true} call ULTIMATE.init(); {1987#true} is VALID [2018-11-14 17:18:47,724 INFO L273 TraceCheckUtils]: 1: Hoare triple {1987#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {1987#true} is VALID [2018-11-14 17:18:47,724 INFO L273 TraceCheckUtils]: 2: Hoare triple {1987#true} assume true; {1987#true} is VALID [2018-11-14 17:18:47,724 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {1987#true} {1987#true} #682#return; {1987#true} is VALID [2018-11-14 17:18:47,725 INFO L256 TraceCheckUtils]: 4: Hoare triple {1987#true} call #t~ret138 := main(); {1987#true} is VALID [2018-11-14 17:18:47,725 INFO L273 TraceCheckUtils]: 5: Hoare triple {1987#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {1987#true} is VALID [2018-11-14 17:18:47,725 INFO L256 TraceCheckUtils]: 6: Hoare triple {1987#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {1987#true} is VALID [2018-11-14 17:18:47,729 INFO L273 TraceCheckUtils]: 7: Hoare triple {1987#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {1989#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:47,734 INFO L273 TraceCheckUtils]: 8: Hoare triple {1989#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {1989#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:47,735 INFO L273 TraceCheckUtils]: 9: Hoare triple {1989#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {1989#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:47,739 INFO L273 TraceCheckUtils]: 10: Hoare triple {1989#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {1989#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:47,739 INFO L273 TraceCheckUtils]: 11: Hoare triple {1989#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {1989#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:47,740 INFO L273 TraceCheckUtils]: 12: Hoare triple {1989#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {1989#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:47,740 INFO L273 TraceCheckUtils]: 13: Hoare triple {1989#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume true; {1989#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:47,741 INFO L273 TraceCheckUtils]: 14: Hoare triple {1989#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !false; {1989#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:47,741 INFO L273 TraceCheckUtils]: 15: Hoare triple {1989#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {1990#(= |ssl3_accept_#t~mem24| 8464)} is VALID [2018-11-14 17:18:47,742 INFO L273 TraceCheckUtils]: 16: Hoare triple {1990#(= |ssl3_accept_#t~mem24| 8464)} assume #t~mem24 == 12292;havoc #t~mem24; {1988#false} is VALID [2018-11-14 17:18:47,742 INFO L273 TraceCheckUtils]: 17: Hoare triple {1988#false} call write~int(1, ~s.base, ~s.offset + 40, 4); {1988#false} is VALID [2018-11-14 17:18:47,742 INFO L273 TraceCheckUtils]: 18: Hoare triple {1988#false} call write~int(1, ~s.base, ~s.offset + 36, 4); {1988#false} is VALID [2018-11-14 17:18:47,742 INFO L273 TraceCheckUtils]: 19: Hoare triple {1988#false} assume (~cb~0.base + ~cb~0.offset) % 4294967296 != 0; {1988#false} is VALID [2018-11-14 17:18:47,743 INFO L273 TraceCheckUtils]: 20: Hoare triple {1988#false} call #t~mem59 := read~int(~s.base, ~s.offset + 0, 4); {1988#false} is VALID [2018-11-14 17:18:47,743 INFO L273 TraceCheckUtils]: 21: Hoare triple {1988#false} assume !(#t~mem59 / 256 != 3);havoc #t~mem59;call write~int(8192, ~s.base, ~s.offset + 4, 4);call #t~mem60.base, #t~mem60.offset := read~$Pointer$(~s.base, ~s.offset + 60, 4); {1988#false} is VALID [2018-11-14 17:18:47,743 INFO L273 TraceCheckUtils]: 22: Hoare triple {1988#false} assume !((#t~mem60.base + #t~mem60.offset) % 4294967296 == 0);havoc #t~mem60.base, #t~mem60.offset; {1988#false} is VALID [2018-11-14 17:18:47,744 INFO L273 TraceCheckUtils]: 23: Hoare triple {1988#false} assume !(~tmp___4~0 == 0);call write~int(0, ~s.base, ~s.offset + 64, 4);call #t~mem62 := read~int(~s.base, ~s.offset + 52, 4); {1988#false} is VALID [2018-11-14 17:18:47,744 INFO L273 TraceCheckUtils]: 24: Hoare triple {1988#false} assume !(#t~mem62 != 12292);havoc #t~mem62;call #t~mem65.base, #t~mem65.offset := read~$Pointer$(~s.base, ~s.offset + 204, 4);call #t~mem66 := read~int(#t~mem65.base, #t~mem65.offset + 60 + 16, 4);call write~int(#t~mem66 + 1, #t~mem65.base, #t~mem65.offset + 60 + 16, 4);havoc #t~mem65.base, #t~mem65.offset;havoc #t~mem66;call write~int(8480, ~s.base, ~s.offset + 52, 4); {1988#false} is VALID [2018-11-14 17:18:47,745 INFO L273 TraceCheckUtils]: 25: Hoare triple {1988#false} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {1988#false} is VALID [2018-11-14 17:18:47,745 INFO L273 TraceCheckUtils]: 26: Hoare triple {1988#false} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {1988#false} is VALID [2018-11-14 17:18:47,745 INFO L273 TraceCheckUtils]: 27: Hoare triple {1988#false} ~skip~0 := 0; {1988#false} is VALID [2018-11-14 17:18:47,746 INFO L273 TraceCheckUtils]: 28: Hoare triple {1988#false} assume true; {1988#false} is VALID [2018-11-14 17:18:47,746 INFO L273 TraceCheckUtils]: 29: Hoare triple {1988#false} assume !false; {1988#false} is VALID [2018-11-14 17:18:47,746 INFO L273 TraceCheckUtils]: 30: Hoare triple {1988#false} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {1988#false} is VALID [2018-11-14 17:18:47,747 INFO L273 TraceCheckUtils]: 31: Hoare triple {1988#false} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {1988#false} is VALID [2018-11-14 17:18:47,747 INFO L273 TraceCheckUtils]: 32: Hoare triple {1988#false} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {1988#false} is VALID [2018-11-14 17:18:47,747 INFO L273 TraceCheckUtils]: 33: Hoare triple {1988#false} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {1988#false} is VALID [2018-11-14 17:18:47,747 INFO L273 TraceCheckUtils]: 34: Hoare triple {1988#false} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {1988#false} is VALID [2018-11-14 17:18:47,748 INFO L273 TraceCheckUtils]: 35: Hoare triple {1988#false} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {1988#false} is VALID [2018-11-14 17:18:47,748 INFO L273 TraceCheckUtils]: 36: Hoare triple {1988#false} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {1988#false} is VALID [2018-11-14 17:18:47,748 INFO L273 TraceCheckUtils]: 37: Hoare triple {1988#false} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {1988#false} is VALID [2018-11-14 17:18:47,748 INFO L273 TraceCheckUtils]: 38: Hoare triple {1988#false} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {1988#false} is VALID [2018-11-14 17:18:47,749 INFO L273 TraceCheckUtils]: 39: Hoare triple {1988#false} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {1988#false} is VALID [2018-11-14 17:18:47,749 INFO L273 TraceCheckUtils]: 40: Hoare triple {1988#false} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {1988#false} is VALID [2018-11-14 17:18:47,749 INFO L273 TraceCheckUtils]: 41: Hoare triple {1988#false} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {1988#false} is VALID [2018-11-14 17:18:47,749 INFO L273 TraceCheckUtils]: 42: Hoare triple {1988#false} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {1988#false} is VALID [2018-11-14 17:18:47,749 INFO L273 TraceCheckUtils]: 43: Hoare triple {1988#false} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {1988#false} is VALID [2018-11-14 17:18:47,750 INFO L273 TraceCheckUtils]: 44: Hoare triple {1988#false} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {1988#false} is VALID [2018-11-14 17:18:47,750 INFO L273 TraceCheckUtils]: 45: Hoare triple {1988#false} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {1988#false} is VALID [2018-11-14 17:18:47,750 INFO L273 TraceCheckUtils]: 46: Hoare triple {1988#false} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {1988#false} is VALID [2018-11-14 17:18:47,750 INFO L273 TraceCheckUtils]: 47: Hoare triple {1988#false} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {1988#false} is VALID [2018-11-14 17:18:47,751 INFO L273 TraceCheckUtils]: 48: Hoare triple {1988#false} assume #t~mem41 == 8544;havoc #t~mem41; {1988#false} is VALID [2018-11-14 17:18:47,751 INFO L273 TraceCheckUtils]: 49: Hoare triple {1988#false} call #t~mem93 := read~int(~s.base, ~s.offset + 180, 4); {1988#false} is VALID [2018-11-14 17:18:47,751 INFO L273 TraceCheckUtils]: 50: Hoare triple {1988#false} assume ~bitwiseAnd(#t~mem93, 1) != 0;havoc #t~mem93;call #t~mem94.base, #t~mem94.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem95.base, #t~mem95.offset := read~$Pointer$(#t~mem94.base, #t~mem94.offset + 148, 4); {1988#false} is VALID [2018-11-14 17:18:47,751 INFO L273 TraceCheckUtils]: 51: Hoare triple {1988#false} assume !((#t~mem95.base + #t~mem95.offset) % 4294967296 != 0);havoc #t~mem95.base, #t~mem95.offset;havoc #t~mem94.base, #t~mem94.offset; {1988#false} is VALID [2018-11-14 17:18:47,752 INFO L273 TraceCheckUtils]: 52: Hoare triple {1988#false} call #t~mem98.base, #t~mem98.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem99.base, #t~mem99.offset := read~$Pointer$(#t~mem98.base, #t~mem98.offset + 604 + 232, 4);call #t~mem100 := read~int(#t~mem99.base, #t~mem99.offset + 12, 4); {1988#false} is VALID [2018-11-14 17:18:47,752 INFO L273 TraceCheckUtils]: 53: Hoare triple {1988#false} assume !(~bitwiseAnd(#t~mem100, 256) % 4294967296 != 0);havoc #t~mem100;havoc #t~mem99.base, #t~mem99.offset;havoc #t~mem98.base, #t~mem98.offset; {1988#false} is VALID [2018-11-14 17:18:47,752 INFO L273 TraceCheckUtils]: 54: Hoare triple {1988#false} call #t~mem103.base, #t~mem103.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(1, #t~mem103.base, #t~mem103.offset + 604 + 291, 4);havoc #t~mem103.base, #t~mem103.offset;assume -2147483648 <= #t~nondet104 && #t~nondet104 <= 2147483647;~ret~0 := #t~nondet104;havoc #t~nondet104; {1988#false} is VALID [2018-11-14 17:18:47,752 INFO L273 TraceCheckUtils]: 55: Hoare triple {1988#false} assume ~blastFlag~0 == 8; {1988#false} is VALID [2018-11-14 17:18:47,753 INFO L273 TraceCheckUtils]: 56: Hoare triple {1988#false} assume !false; {1988#false} is VALID [2018-11-14 17:18:47,758 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 4 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 17:18:47,758 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:18:47,759 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-14 17:18:47,759 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 57 [2018-11-14 17:18:47,760 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:18:47,760 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-14 17:18:47,839 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 57 edges. 57 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:18:47,839 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-14 17:18:47,839 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-14 17:18:47,840 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-14 17:18:47,840 INFO L87 Difference]: Start difference. First operand 154 states and 233 transitions. Second operand 4 states. [2018-11-14 17:18:48,809 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:18:48,809 INFO L93 Difference]: Finished difference Result 298 states and 450 transitions. [2018-11-14 17:18:48,809 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2018-11-14 17:18:48,809 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 57 [2018-11-14 17:18:48,810 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:18:48,810 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:18:48,816 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 450 transitions. [2018-11-14 17:18:48,816 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:18:48,822 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 450 transitions. [2018-11-14 17:18:48,823 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 450 transitions. [2018-11-14 17:18:49,439 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 450 edges. 450 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:18:49,444 INFO L225 Difference]: With dead ends: 298 [2018-11-14 17:18:49,445 INFO L226 Difference]: Without dead ends: 170 [2018-11-14 17:18:49,446 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 2 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2018-11-14 17:18:49,446 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 170 states. [2018-11-14 17:18:49,493 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 170 to 154. [2018-11-14 17:18:49,493 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:18:49,493 INFO L82 GeneralOperation]: Start isEquivalent. First operand 170 states. Second operand 154 states. [2018-11-14 17:18:49,493 INFO L74 IsIncluded]: Start isIncluded. First operand 170 states. Second operand 154 states. [2018-11-14 17:18:49,494 INFO L87 Difference]: Start difference. First operand 170 states. Second operand 154 states. [2018-11-14 17:18:49,500 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:18:49,500 INFO L93 Difference]: Finished difference Result 170 states and 252 transitions. [2018-11-14 17:18:49,500 INFO L276 IsEmpty]: Start isEmpty. Operand 170 states and 252 transitions. [2018-11-14 17:18:49,501 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:18:49,501 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:18:49,501 INFO L74 IsIncluded]: Start isIncluded. First operand 154 states. Second operand 170 states. [2018-11-14 17:18:49,502 INFO L87 Difference]: Start difference. First operand 154 states. Second operand 170 states. [2018-11-14 17:18:49,508 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:18:49,508 INFO L93 Difference]: Finished difference Result 170 states and 252 transitions. [2018-11-14 17:18:49,509 INFO L276 IsEmpty]: Start isEmpty. Operand 170 states and 252 transitions. [2018-11-14 17:18:49,509 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:18:49,509 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:18:49,509 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:18:49,510 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:18:49,510 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 154 states. [2018-11-14 17:18:49,515 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 154 states to 154 states and 232 transitions. [2018-11-14 17:18:49,515 INFO L78 Accepts]: Start accepts. Automaton has 154 states and 232 transitions. Word has length 57 [2018-11-14 17:18:49,516 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:18:49,516 INFO L480 AbstractCegarLoop]: Abstraction has 154 states and 232 transitions. [2018-11-14 17:18:49,516 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2018-11-14 17:18:49,516 INFO L276 IsEmpty]: Start isEmpty. Operand 154 states and 232 transitions. [2018-11-14 17:18:49,517 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2018-11-14 17:18:49,517 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:18:49,518 INFO L375 BasicCegarLoop]: trace histogram [2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:18:49,518 INFO L423 AbstractCegarLoop]: === Iteration 4 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:18:49,518 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:18:49,518 INFO L82 PathProgramCache]: Analyzing trace with hash -2004394233, now seen corresponding path program 1 times [2018-11-14 17:18:49,518 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:18:49,519 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:18:49,520 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:18:49,520 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:18:49,520 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:18:49,539 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:18:49,659 INFO L256 TraceCheckUtils]: 0: Hoare triple {2874#true} call ULTIMATE.init(); {2874#true} is VALID [2018-11-14 17:18:49,660 INFO L273 TraceCheckUtils]: 1: Hoare triple {2874#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {2874#true} is VALID [2018-11-14 17:18:49,660 INFO L273 TraceCheckUtils]: 2: Hoare triple {2874#true} assume true; {2874#true} is VALID [2018-11-14 17:18:49,660 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {2874#true} {2874#true} #682#return; {2874#true} is VALID [2018-11-14 17:18:49,660 INFO L256 TraceCheckUtils]: 4: Hoare triple {2874#true} call #t~ret138 := main(); {2874#true} is VALID [2018-11-14 17:18:49,660 INFO L273 TraceCheckUtils]: 5: Hoare triple {2874#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {2874#true} is VALID [2018-11-14 17:18:49,661 INFO L256 TraceCheckUtils]: 6: Hoare triple {2874#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {2874#true} is VALID [2018-11-14 17:18:49,662 INFO L273 TraceCheckUtils]: 7: Hoare triple {2874#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {2876#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:49,663 INFO L273 TraceCheckUtils]: 8: Hoare triple {2876#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {2876#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:49,664 INFO L273 TraceCheckUtils]: 9: Hoare triple {2876#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {2876#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:49,665 INFO L273 TraceCheckUtils]: 10: Hoare triple {2876#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {2876#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:49,665 INFO L273 TraceCheckUtils]: 11: Hoare triple {2876#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {2876#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:49,666 INFO L273 TraceCheckUtils]: 12: Hoare triple {2876#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {2876#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:49,667 INFO L273 TraceCheckUtils]: 13: Hoare triple {2876#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume true; {2876#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:49,667 INFO L273 TraceCheckUtils]: 14: Hoare triple {2876#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !false; {2876#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:49,668 INFO L273 TraceCheckUtils]: 15: Hoare triple {2876#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {2876#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:49,669 INFO L273 TraceCheckUtils]: 16: Hoare triple {2876#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {2877#(= |ssl3_accept_#t~mem25| 8464)} is VALID [2018-11-14 17:18:49,670 INFO L273 TraceCheckUtils]: 17: Hoare triple {2877#(= |ssl3_accept_#t~mem25| 8464)} assume #t~mem25 == 16384;havoc #t~mem25; {2875#false} is VALID [2018-11-14 17:18:49,670 INFO L273 TraceCheckUtils]: 18: Hoare triple {2875#false} call write~int(1, ~s.base, ~s.offset + 36, 4); {2875#false} is VALID [2018-11-14 17:18:49,670 INFO L273 TraceCheckUtils]: 19: Hoare triple {2875#false} assume (~cb~0.base + ~cb~0.offset) % 4294967296 != 0; {2875#false} is VALID [2018-11-14 17:18:49,671 INFO L273 TraceCheckUtils]: 20: Hoare triple {2875#false} call #t~mem59 := read~int(~s.base, ~s.offset + 0, 4); {2875#false} is VALID [2018-11-14 17:18:49,671 INFO L273 TraceCheckUtils]: 21: Hoare triple {2875#false} assume !(#t~mem59 / 256 != 3);havoc #t~mem59;call write~int(8192, ~s.base, ~s.offset + 4, 4);call #t~mem60.base, #t~mem60.offset := read~$Pointer$(~s.base, ~s.offset + 60, 4); {2875#false} is VALID [2018-11-14 17:18:49,671 INFO L273 TraceCheckUtils]: 22: Hoare triple {2875#false} assume !((#t~mem60.base + #t~mem60.offset) % 4294967296 == 0);havoc #t~mem60.base, #t~mem60.offset; {2875#false} is VALID [2018-11-14 17:18:49,672 INFO L273 TraceCheckUtils]: 23: Hoare triple {2875#false} assume !(~tmp___4~0 == 0);call write~int(0, ~s.base, ~s.offset + 64, 4);call #t~mem62 := read~int(~s.base, ~s.offset + 52, 4); {2875#false} is VALID [2018-11-14 17:18:49,672 INFO L273 TraceCheckUtils]: 24: Hoare triple {2875#false} assume !(#t~mem62 != 12292);havoc #t~mem62;call #t~mem65.base, #t~mem65.offset := read~$Pointer$(~s.base, ~s.offset + 204, 4);call #t~mem66 := read~int(#t~mem65.base, #t~mem65.offset + 60 + 16, 4);call write~int(#t~mem66 + 1, #t~mem65.base, #t~mem65.offset + 60 + 16, 4);havoc #t~mem65.base, #t~mem65.offset;havoc #t~mem66;call write~int(8480, ~s.base, ~s.offset + 52, 4); {2875#false} is VALID [2018-11-14 17:18:49,672 INFO L273 TraceCheckUtils]: 25: Hoare triple {2875#false} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {2875#false} is VALID [2018-11-14 17:18:49,672 INFO L273 TraceCheckUtils]: 26: Hoare triple {2875#false} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {2875#false} is VALID [2018-11-14 17:18:49,673 INFO L273 TraceCheckUtils]: 27: Hoare triple {2875#false} ~skip~0 := 0; {2875#false} is VALID [2018-11-14 17:18:49,673 INFO L273 TraceCheckUtils]: 28: Hoare triple {2875#false} assume true; {2875#false} is VALID [2018-11-14 17:18:49,673 INFO L273 TraceCheckUtils]: 29: Hoare triple {2875#false} assume !false; {2875#false} is VALID [2018-11-14 17:18:49,674 INFO L273 TraceCheckUtils]: 30: Hoare triple {2875#false} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {2875#false} is VALID [2018-11-14 17:18:49,674 INFO L273 TraceCheckUtils]: 31: Hoare triple {2875#false} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {2875#false} is VALID [2018-11-14 17:18:49,674 INFO L273 TraceCheckUtils]: 32: Hoare triple {2875#false} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {2875#false} is VALID [2018-11-14 17:18:49,675 INFO L273 TraceCheckUtils]: 33: Hoare triple {2875#false} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {2875#false} is VALID [2018-11-14 17:18:49,675 INFO L273 TraceCheckUtils]: 34: Hoare triple {2875#false} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {2875#false} is VALID [2018-11-14 17:18:49,675 INFO L273 TraceCheckUtils]: 35: Hoare triple {2875#false} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {2875#false} is VALID [2018-11-14 17:18:49,675 INFO L273 TraceCheckUtils]: 36: Hoare triple {2875#false} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {2875#false} is VALID [2018-11-14 17:18:49,676 INFO L273 TraceCheckUtils]: 37: Hoare triple {2875#false} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {2875#false} is VALID [2018-11-14 17:18:49,676 INFO L273 TraceCheckUtils]: 38: Hoare triple {2875#false} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {2875#false} is VALID [2018-11-14 17:18:49,676 INFO L273 TraceCheckUtils]: 39: Hoare triple {2875#false} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {2875#false} is VALID [2018-11-14 17:18:49,676 INFO L273 TraceCheckUtils]: 40: Hoare triple {2875#false} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {2875#false} is VALID [2018-11-14 17:18:49,677 INFO L273 TraceCheckUtils]: 41: Hoare triple {2875#false} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {2875#false} is VALID [2018-11-14 17:18:49,677 INFO L273 TraceCheckUtils]: 42: Hoare triple {2875#false} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {2875#false} is VALID [2018-11-14 17:18:49,677 INFO L273 TraceCheckUtils]: 43: Hoare triple {2875#false} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {2875#false} is VALID [2018-11-14 17:18:49,677 INFO L273 TraceCheckUtils]: 44: Hoare triple {2875#false} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {2875#false} is VALID [2018-11-14 17:18:49,678 INFO L273 TraceCheckUtils]: 45: Hoare triple {2875#false} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {2875#false} is VALID [2018-11-14 17:18:49,678 INFO L273 TraceCheckUtils]: 46: Hoare triple {2875#false} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {2875#false} is VALID [2018-11-14 17:18:49,678 INFO L273 TraceCheckUtils]: 47: Hoare triple {2875#false} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {2875#false} is VALID [2018-11-14 17:18:49,678 INFO L273 TraceCheckUtils]: 48: Hoare triple {2875#false} assume #t~mem41 == 8544;havoc #t~mem41; {2875#false} is VALID [2018-11-14 17:18:49,679 INFO L273 TraceCheckUtils]: 49: Hoare triple {2875#false} call #t~mem93 := read~int(~s.base, ~s.offset + 180, 4); {2875#false} is VALID [2018-11-14 17:18:49,679 INFO L273 TraceCheckUtils]: 50: Hoare triple {2875#false} assume ~bitwiseAnd(#t~mem93, 1) != 0;havoc #t~mem93;call #t~mem94.base, #t~mem94.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem95.base, #t~mem95.offset := read~$Pointer$(#t~mem94.base, #t~mem94.offset + 148, 4); {2875#false} is VALID [2018-11-14 17:18:49,679 INFO L273 TraceCheckUtils]: 51: Hoare triple {2875#false} assume !((#t~mem95.base + #t~mem95.offset) % 4294967296 != 0);havoc #t~mem95.base, #t~mem95.offset;havoc #t~mem94.base, #t~mem94.offset; {2875#false} is VALID [2018-11-14 17:18:49,679 INFO L273 TraceCheckUtils]: 52: Hoare triple {2875#false} call #t~mem98.base, #t~mem98.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem99.base, #t~mem99.offset := read~$Pointer$(#t~mem98.base, #t~mem98.offset + 604 + 232, 4);call #t~mem100 := read~int(#t~mem99.base, #t~mem99.offset + 12, 4); {2875#false} is VALID [2018-11-14 17:18:49,679 INFO L273 TraceCheckUtils]: 53: Hoare triple {2875#false} assume !(~bitwiseAnd(#t~mem100, 256) % 4294967296 != 0);havoc #t~mem100;havoc #t~mem99.base, #t~mem99.offset;havoc #t~mem98.base, #t~mem98.offset; {2875#false} is VALID [2018-11-14 17:18:49,680 INFO L273 TraceCheckUtils]: 54: Hoare triple {2875#false} call #t~mem103.base, #t~mem103.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(1, #t~mem103.base, #t~mem103.offset + 604 + 291, 4);havoc #t~mem103.base, #t~mem103.offset;assume -2147483648 <= #t~nondet104 && #t~nondet104 <= 2147483647;~ret~0 := #t~nondet104;havoc #t~nondet104; {2875#false} is VALID [2018-11-14 17:18:49,680 INFO L273 TraceCheckUtils]: 55: Hoare triple {2875#false} assume ~blastFlag~0 == 8; {2875#false} is VALID [2018-11-14 17:18:49,680 INFO L273 TraceCheckUtils]: 56: Hoare triple {2875#false} assume !false; {2875#false} is VALID [2018-11-14 17:18:49,685 INFO L134 CoverageAnalysis]: Checked inductivity of 5 backedges. 5 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 17:18:49,685 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:18:49,685 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-14 17:18:49,685 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 57 [2018-11-14 17:18:49,686 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:18:49,686 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-14 17:18:49,751 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 57 edges. 57 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:18:49,751 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-14 17:18:49,751 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-14 17:18:49,752 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-14 17:18:49,752 INFO L87 Difference]: Start difference. First operand 154 states and 232 transitions. Second operand 4 states. [2018-11-14 17:18:50,717 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:18:50,717 INFO L93 Difference]: Finished difference Result 298 states and 449 transitions. [2018-11-14 17:18:50,717 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2018-11-14 17:18:50,717 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 57 [2018-11-14 17:18:50,718 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:18:50,718 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:18:50,723 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 449 transitions. [2018-11-14 17:18:50,724 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:18:50,729 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 449 transitions. [2018-11-14 17:18:50,729 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 449 transitions. [2018-11-14 17:18:51,248 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 449 edges. 449 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:18:51,253 INFO L225 Difference]: With dead ends: 298 [2018-11-14 17:18:51,253 INFO L226 Difference]: Without dead ends: 170 [2018-11-14 17:18:51,254 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 2 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2018-11-14 17:18:51,255 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 170 states. [2018-11-14 17:18:51,651 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 170 to 154. [2018-11-14 17:18:51,651 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:18:51,651 INFO L82 GeneralOperation]: Start isEquivalent. First operand 170 states. Second operand 154 states. [2018-11-14 17:18:51,651 INFO L74 IsIncluded]: Start isIncluded. First operand 170 states. Second operand 154 states. [2018-11-14 17:18:51,652 INFO L87 Difference]: Start difference. First operand 170 states. Second operand 154 states. [2018-11-14 17:18:51,659 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:18:51,659 INFO L93 Difference]: Finished difference Result 170 states and 251 transitions. [2018-11-14 17:18:51,659 INFO L276 IsEmpty]: Start isEmpty. Operand 170 states and 251 transitions. [2018-11-14 17:18:51,660 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:18:51,660 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:18:51,660 INFO L74 IsIncluded]: Start isIncluded. First operand 154 states. Second operand 170 states. [2018-11-14 17:18:51,660 INFO L87 Difference]: Start difference. First operand 154 states. Second operand 170 states. [2018-11-14 17:18:51,666 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:18:51,667 INFO L93 Difference]: Finished difference Result 170 states and 251 transitions. [2018-11-14 17:18:51,667 INFO L276 IsEmpty]: Start isEmpty. Operand 170 states and 251 transitions. [2018-11-14 17:18:51,667 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:18:51,668 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:18:51,668 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:18:51,668 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:18:51,668 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 154 states. [2018-11-14 17:18:51,674 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 154 states to 154 states and 231 transitions. [2018-11-14 17:18:51,675 INFO L78 Accepts]: Start accepts. Automaton has 154 states and 231 transitions. Word has length 57 [2018-11-14 17:18:51,675 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:18:51,675 INFO L480 AbstractCegarLoop]: Abstraction has 154 states and 231 transitions. [2018-11-14 17:18:51,675 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2018-11-14 17:18:51,675 INFO L276 IsEmpty]: Start isEmpty. Operand 154 states and 231 transitions. [2018-11-14 17:18:51,677 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2018-11-14 17:18:51,677 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:18:51,677 INFO L375 BasicCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:18:51,678 INFO L423 AbstractCegarLoop]: === Iteration 5 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:18:51,678 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:18:51,678 INFO L82 PathProgramCache]: Analyzing trace with hash -1368055952, now seen corresponding path program 1 times [2018-11-14 17:18:51,678 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:18:51,678 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:18:51,680 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:18:51,680 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:18:51,680 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:18:51,698 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:18:51,909 INFO L256 TraceCheckUtils]: 0: Hoare triple {3761#true} call ULTIMATE.init(); {3761#true} is VALID [2018-11-14 17:18:51,910 INFO L273 TraceCheckUtils]: 1: Hoare triple {3761#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {3761#true} is VALID [2018-11-14 17:18:51,910 INFO L273 TraceCheckUtils]: 2: Hoare triple {3761#true} assume true; {3761#true} is VALID [2018-11-14 17:18:51,910 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {3761#true} {3761#true} #682#return; {3761#true} is VALID [2018-11-14 17:18:51,911 INFO L256 TraceCheckUtils]: 4: Hoare triple {3761#true} call #t~ret138 := main(); {3761#true} is VALID [2018-11-14 17:18:51,911 INFO L273 TraceCheckUtils]: 5: Hoare triple {3761#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {3761#true} is VALID [2018-11-14 17:18:51,912 INFO L256 TraceCheckUtils]: 6: Hoare triple {3761#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {3761#true} is VALID [2018-11-14 17:18:51,914 INFO L273 TraceCheckUtils]: 7: Hoare triple {3761#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:51,914 INFO L273 TraceCheckUtils]: 8: Hoare triple {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:51,915 INFO L273 TraceCheckUtils]: 9: Hoare triple {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:51,916 INFO L273 TraceCheckUtils]: 10: Hoare triple {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:51,917 INFO L273 TraceCheckUtils]: 11: Hoare triple {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:51,917 INFO L273 TraceCheckUtils]: 12: Hoare triple {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:51,918 INFO L273 TraceCheckUtils]: 13: Hoare triple {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume true; {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:51,919 INFO L273 TraceCheckUtils]: 14: Hoare triple {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !false; {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:51,919 INFO L273 TraceCheckUtils]: 15: Hoare triple {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:51,920 INFO L273 TraceCheckUtils]: 16: Hoare triple {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:51,921 INFO L273 TraceCheckUtils]: 17: Hoare triple {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:51,922 INFO L273 TraceCheckUtils]: 18: Hoare triple {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:51,923 INFO L273 TraceCheckUtils]: 19: Hoare triple {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:51,923 INFO L273 TraceCheckUtils]: 20: Hoare triple {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:51,925 INFO L273 TraceCheckUtils]: 21: Hoare triple {3763#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {3764#(= |ssl3_accept_#t~mem30| 8464)} is VALID [2018-11-14 17:18:51,926 INFO L273 TraceCheckUtils]: 22: Hoare triple {3764#(= |ssl3_accept_#t~mem30| 8464)} assume #t~mem30 == 8481;havoc #t~mem30; {3762#false} is VALID [2018-11-14 17:18:51,926 INFO L273 TraceCheckUtils]: 23: Hoare triple {3762#false} call write~int(0, ~s.base, ~s.offset + 48, 4);assume -2147483648 <= #t~nondet67 && #t~nondet67 <= 2147483647;~ret~0 := #t~nondet67;havoc #t~nondet67; {3762#false} is VALID [2018-11-14 17:18:51,927 INFO L273 TraceCheckUtils]: 24: Hoare triple {3762#false} assume !(~ret~0 <= 0);call #t~mem68.base, #t~mem68.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(8482, #t~mem68.base, #t~mem68.offset + 604 + 240, 4);havoc #t~mem68.base, #t~mem68.offset;call write~int(8448, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {3762#false} is VALID [2018-11-14 17:18:51,927 INFO L273 TraceCheckUtils]: 25: Hoare triple {3762#false} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {3762#false} is VALID [2018-11-14 17:18:51,927 INFO L273 TraceCheckUtils]: 26: Hoare triple {3762#false} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {3762#false} is VALID [2018-11-14 17:18:51,928 INFO L273 TraceCheckUtils]: 27: Hoare triple {3762#false} ~skip~0 := 0; {3762#false} is VALID [2018-11-14 17:18:51,928 INFO L273 TraceCheckUtils]: 28: Hoare triple {3762#false} assume true; {3762#false} is VALID [2018-11-14 17:18:51,929 INFO L273 TraceCheckUtils]: 29: Hoare triple {3762#false} assume !false; {3762#false} is VALID [2018-11-14 17:18:51,929 INFO L273 TraceCheckUtils]: 30: Hoare triple {3762#false} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {3762#false} is VALID [2018-11-14 17:18:51,929 INFO L273 TraceCheckUtils]: 31: Hoare triple {3762#false} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {3762#false} is VALID [2018-11-14 17:18:51,929 INFO L273 TraceCheckUtils]: 32: Hoare triple {3762#false} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {3762#false} is VALID [2018-11-14 17:18:51,930 INFO L273 TraceCheckUtils]: 33: Hoare triple {3762#false} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {3762#false} is VALID [2018-11-14 17:18:51,930 INFO L273 TraceCheckUtils]: 34: Hoare triple {3762#false} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {3762#false} is VALID [2018-11-14 17:18:51,930 INFO L273 TraceCheckUtils]: 35: Hoare triple {3762#false} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {3762#false} is VALID [2018-11-14 17:18:51,930 INFO L273 TraceCheckUtils]: 36: Hoare triple {3762#false} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {3762#false} is VALID [2018-11-14 17:18:51,931 INFO L273 TraceCheckUtils]: 37: Hoare triple {3762#false} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {3762#false} is VALID [2018-11-14 17:18:51,931 INFO L273 TraceCheckUtils]: 38: Hoare triple {3762#false} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {3762#false} is VALID [2018-11-14 17:18:51,931 INFO L273 TraceCheckUtils]: 39: Hoare triple {3762#false} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {3762#false} is VALID [2018-11-14 17:18:51,931 INFO L273 TraceCheckUtils]: 40: Hoare triple {3762#false} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {3762#false} is VALID [2018-11-14 17:18:51,931 INFO L273 TraceCheckUtils]: 41: Hoare triple {3762#false} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {3762#false} is VALID [2018-11-14 17:18:51,932 INFO L273 TraceCheckUtils]: 42: Hoare triple {3762#false} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {3762#false} is VALID [2018-11-14 17:18:51,932 INFO L273 TraceCheckUtils]: 43: Hoare triple {3762#false} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {3762#false} is VALID [2018-11-14 17:18:51,932 INFO L273 TraceCheckUtils]: 44: Hoare triple {3762#false} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {3762#false} is VALID [2018-11-14 17:18:51,932 INFO L273 TraceCheckUtils]: 45: Hoare triple {3762#false} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {3762#false} is VALID [2018-11-14 17:18:51,933 INFO L273 TraceCheckUtils]: 46: Hoare triple {3762#false} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {3762#false} is VALID [2018-11-14 17:18:51,933 INFO L273 TraceCheckUtils]: 47: Hoare triple {3762#false} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {3762#false} is VALID [2018-11-14 17:18:51,933 INFO L273 TraceCheckUtils]: 48: Hoare triple {3762#false} assume #t~mem41 == 8544;havoc #t~mem41; {3762#false} is VALID [2018-11-14 17:18:51,934 INFO L273 TraceCheckUtils]: 49: Hoare triple {3762#false} call #t~mem93 := read~int(~s.base, ~s.offset + 180, 4); {3762#false} is VALID [2018-11-14 17:18:51,934 INFO L273 TraceCheckUtils]: 50: Hoare triple {3762#false} assume ~bitwiseAnd(#t~mem93, 1) != 0;havoc #t~mem93;call #t~mem94.base, #t~mem94.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem95.base, #t~mem95.offset := read~$Pointer$(#t~mem94.base, #t~mem94.offset + 148, 4); {3762#false} is VALID [2018-11-14 17:18:51,934 INFO L273 TraceCheckUtils]: 51: Hoare triple {3762#false} assume !((#t~mem95.base + #t~mem95.offset) % 4294967296 != 0);havoc #t~mem95.base, #t~mem95.offset;havoc #t~mem94.base, #t~mem94.offset; {3762#false} is VALID [2018-11-14 17:18:51,934 INFO L273 TraceCheckUtils]: 52: Hoare triple {3762#false} call #t~mem98.base, #t~mem98.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem99.base, #t~mem99.offset := read~$Pointer$(#t~mem98.base, #t~mem98.offset + 604 + 232, 4);call #t~mem100 := read~int(#t~mem99.base, #t~mem99.offset + 12, 4); {3762#false} is VALID [2018-11-14 17:18:51,935 INFO L273 TraceCheckUtils]: 53: Hoare triple {3762#false} assume !(~bitwiseAnd(#t~mem100, 256) % 4294967296 != 0);havoc #t~mem100;havoc #t~mem99.base, #t~mem99.offset;havoc #t~mem98.base, #t~mem98.offset; {3762#false} is VALID [2018-11-14 17:18:51,935 INFO L273 TraceCheckUtils]: 54: Hoare triple {3762#false} call #t~mem103.base, #t~mem103.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(1, #t~mem103.base, #t~mem103.offset + 604 + 291, 4);havoc #t~mem103.base, #t~mem103.offset;assume -2147483648 <= #t~nondet104 && #t~nondet104 <= 2147483647;~ret~0 := #t~nondet104;havoc #t~nondet104; {3762#false} is VALID [2018-11-14 17:18:51,935 INFO L273 TraceCheckUtils]: 55: Hoare triple {3762#false} assume ~blastFlag~0 == 8; {3762#false} is VALID [2018-11-14 17:18:51,935 INFO L273 TraceCheckUtils]: 56: Hoare triple {3762#false} assume !false; {3762#false} is VALID [2018-11-14 17:18:51,944 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 10 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 17:18:51,944 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:18:51,944 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-14 17:18:51,945 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 57 [2018-11-14 17:18:51,945 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:18:51,945 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-14 17:18:52,039 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 57 edges. 57 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:18:52,040 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-14 17:18:52,040 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-14 17:18:52,040 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-14 17:18:52,041 INFO L87 Difference]: Start difference. First operand 154 states and 231 transitions. Second operand 4 states. [2018-11-14 17:18:53,004 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:18:53,004 INFO L93 Difference]: Finished difference Result 296 states and 446 transitions. [2018-11-14 17:18:53,004 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2018-11-14 17:18:53,004 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 57 [2018-11-14 17:18:53,005 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:18:53,005 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:18:53,009 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 446 transitions. [2018-11-14 17:18:53,009 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:18:53,012 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 446 transitions. [2018-11-14 17:18:53,012 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 446 transitions. [2018-11-14 17:18:53,417 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 446 edges. 446 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:18:53,421 INFO L225 Difference]: With dead ends: 296 [2018-11-14 17:18:53,422 INFO L226 Difference]: Without dead ends: 168 [2018-11-14 17:18:53,422 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 2 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2018-11-14 17:18:53,422 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 168 states. [2018-11-14 17:18:53,457 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 168 to 154. [2018-11-14 17:18:53,457 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:18:53,458 INFO L82 GeneralOperation]: Start isEquivalent. First operand 168 states. Second operand 154 states. [2018-11-14 17:18:53,458 INFO L74 IsIncluded]: Start isIncluded. First operand 168 states. Second operand 154 states. [2018-11-14 17:18:53,458 INFO L87 Difference]: Start difference. First operand 168 states. Second operand 154 states. [2018-11-14 17:18:53,462 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:18:53,462 INFO L93 Difference]: Finished difference Result 168 states and 248 transitions. [2018-11-14 17:18:53,463 INFO L276 IsEmpty]: Start isEmpty. Operand 168 states and 248 transitions. [2018-11-14 17:18:53,463 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:18:53,463 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:18:53,463 INFO L74 IsIncluded]: Start isIncluded. First operand 154 states. Second operand 168 states. [2018-11-14 17:18:53,464 INFO L87 Difference]: Start difference. First operand 154 states. Second operand 168 states. [2018-11-14 17:18:53,467 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:18:53,468 INFO L93 Difference]: Finished difference Result 168 states and 248 transitions. [2018-11-14 17:18:53,468 INFO L276 IsEmpty]: Start isEmpty. Operand 168 states and 248 transitions. [2018-11-14 17:18:53,468 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:18:53,468 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:18:53,469 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:18:53,469 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:18:53,469 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 154 states. [2018-11-14 17:18:53,472 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 154 states to 154 states and 230 transitions. [2018-11-14 17:18:53,472 INFO L78 Accepts]: Start accepts. Automaton has 154 states and 230 transitions. Word has length 57 [2018-11-14 17:18:53,473 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:18:53,473 INFO L480 AbstractCegarLoop]: Abstraction has 154 states and 230 transitions. [2018-11-14 17:18:53,473 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2018-11-14 17:18:53,473 INFO L276 IsEmpty]: Start isEmpty. Operand 154 states and 230 transitions. [2018-11-14 17:18:53,474 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2018-11-14 17:18:53,474 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:18:53,474 INFO L375 BasicCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:18:53,474 INFO L423 AbstractCegarLoop]: === Iteration 6 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:18:53,474 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:18:53,475 INFO L82 PathProgramCache]: Analyzing trace with hash -777923505, now seen corresponding path program 1 times [2018-11-14 17:18:53,475 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:18:53,475 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:18:53,476 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:18:53,476 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:18:53,476 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:18:53,491 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:18:54,054 INFO L256 TraceCheckUtils]: 0: Hoare triple {4641#true} call ULTIMATE.init(); {4641#true} is VALID [2018-11-14 17:18:54,055 INFO L273 TraceCheckUtils]: 1: Hoare triple {4641#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {4641#true} is VALID [2018-11-14 17:18:54,055 INFO L273 TraceCheckUtils]: 2: Hoare triple {4641#true} assume true; {4641#true} is VALID [2018-11-14 17:18:54,055 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {4641#true} {4641#true} #682#return; {4641#true} is VALID [2018-11-14 17:18:54,056 INFO L256 TraceCheckUtils]: 4: Hoare triple {4641#true} call #t~ret138 := main(); {4641#true} is VALID [2018-11-14 17:18:54,056 INFO L273 TraceCheckUtils]: 5: Hoare triple {4641#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {4641#true} is VALID [2018-11-14 17:18:54,056 INFO L256 TraceCheckUtils]: 6: Hoare triple {4641#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {4641#true} is VALID [2018-11-14 17:18:54,069 INFO L273 TraceCheckUtils]: 7: Hoare triple {4641#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:54,083 INFO L273 TraceCheckUtils]: 8: Hoare triple {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:54,092 INFO L273 TraceCheckUtils]: 9: Hoare triple {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:54,103 INFO L273 TraceCheckUtils]: 10: Hoare triple {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:54,115 INFO L273 TraceCheckUtils]: 11: Hoare triple {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:54,119 INFO L273 TraceCheckUtils]: 12: Hoare triple {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:54,119 INFO L273 TraceCheckUtils]: 13: Hoare triple {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume true; {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:54,121 INFO L273 TraceCheckUtils]: 14: Hoare triple {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !false; {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:54,121 INFO L273 TraceCheckUtils]: 15: Hoare triple {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:54,123 INFO L273 TraceCheckUtils]: 16: Hoare triple {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:54,123 INFO L273 TraceCheckUtils]: 17: Hoare triple {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:54,125 INFO L273 TraceCheckUtils]: 18: Hoare triple {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:54,125 INFO L273 TraceCheckUtils]: 19: Hoare triple {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:54,127 INFO L273 TraceCheckUtils]: 20: Hoare triple {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:54,127 INFO L273 TraceCheckUtils]: 21: Hoare triple {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:54,128 INFO L273 TraceCheckUtils]: 22: Hoare triple {4643#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {4644#(= |ssl3_accept_#t~mem31| 8464)} is VALID [2018-11-14 17:18:54,128 INFO L273 TraceCheckUtils]: 23: Hoare triple {4644#(= |ssl3_accept_#t~mem31| 8464)} assume #t~mem31 == 8482;havoc #t~mem31; {4642#false} is VALID [2018-11-14 17:18:54,128 INFO L273 TraceCheckUtils]: 24: Hoare triple {4642#false} call write~int(3, ~s.base, ~s.offset + 52, 4); {4642#false} is VALID [2018-11-14 17:18:54,128 INFO L273 TraceCheckUtils]: 25: Hoare triple {4642#false} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {4642#false} is VALID [2018-11-14 17:18:54,129 INFO L273 TraceCheckUtils]: 26: Hoare triple {4642#false} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {4642#false} is VALID [2018-11-14 17:18:54,129 INFO L273 TraceCheckUtils]: 27: Hoare triple {4642#false} ~skip~0 := 0; {4642#false} is VALID [2018-11-14 17:18:54,129 INFO L273 TraceCheckUtils]: 28: Hoare triple {4642#false} assume true; {4642#false} is VALID [2018-11-14 17:18:54,129 INFO L273 TraceCheckUtils]: 29: Hoare triple {4642#false} assume !false; {4642#false} is VALID [2018-11-14 17:18:54,129 INFO L273 TraceCheckUtils]: 30: Hoare triple {4642#false} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {4642#false} is VALID [2018-11-14 17:18:54,130 INFO L273 TraceCheckUtils]: 31: Hoare triple {4642#false} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {4642#false} is VALID [2018-11-14 17:18:54,130 INFO L273 TraceCheckUtils]: 32: Hoare triple {4642#false} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {4642#false} is VALID [2018-11-14 17:18:54,130 INFO L273 TraceCheckUtils]: 33: Hoare triple {4642#false} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {4642#false} is VALID [2018-11-14 17:18:54,130 INFO L273 TraceCheckUtils]: 34: Hoare triple {4642#false} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {4642#false} is VALID [2018-11-14 17:18:54,130 INFO L273 TraceCheckUtils]: 35: Hoare triple {4642#false} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {4642#false} is VALID [2018-11-14 17:18:54,131 INFO L273 TraceCheckUtils]: 36: Hoare triple {4642#false} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {4642#false} is VALID [2018-11-14 17:18:54,131 INFO L273 TraceCheckUtils]: 37: Hoare triple {4642#false} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {4642#false} is VALID [2018-11-14 17:18:54,131 INFO L273 TraceCheckUtils]: 38: Hoare triple {4642#false} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {4642#false} is VALID [2018-11-14 17:18:54,131 INFO L273 TraceCheckUtils]: 39: Hoare triple {4642#false} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {4642#false} is VALID [2018-11-14 17:18:54,131 INFO L273 TraceCheckUtils]: 40: Hoare triple {4642#false} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {4642#false} is VALID [2018-11-14 17:18:54,132 INFO L273 TraceCheckUtils]: 41: Hoare triple {4642#false} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {4642#false} is VALID [2018-11-14 17:18:54,132 INFO L273 TraceCheckUtils]: 42: Hoare triple {4642#false} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {4642#false} is VALID [2018-11-14 17:18:54,132 INFO L273 TraceCheckUtils]: 43: Hoare triple {4642#false} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {4642#false} is VALID [2018-11-14 17:18:54,132 INFO L273 TraceCheckUtils]: 44: Hoare triple {4642#false} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {4642#false} is VALID [2018-11-14 17:18:54,133 INFO L273 TraceCheckUtils]: 45: Hoare triple {4642#false} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {4642#false} is VALID [2018-11-14 17:18:54,133 INFO L273 TraceCheckUtils]: 46: Hoare triple {4642#false} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {4642#false} is VALID [2018-11-14 17:18:54,133 INFO L273 TraceCheckUtils]: 47: Hoare triple {4642#false} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {4642#false} is VALID [2018-11-14 17:18:54,133 INFO L273 TraceCheckUtils]: 48: Hoare triple {4642#false} assume #t~mem41 == 8544;havoc #t~mem41; {4642#false} is VALID [2018-11-14 17:18:54,133 INFO L273 TraceCheckUtils]: 49: Hoare triple {4642#false} call #t~mem93 := read~int(~s.base, ~s.offset + 180, 4); {4642#false} is VALID [2018-11-14 17:18:54,133 INFO L273 TraceCheckUtils]: 50: Hoare triple {4642#false} assume ~bitwiseAnd(#t~mem93, 1) != 0;havoc #t~mem93;call #t~mem94.base, #t~mem94.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem95.base, #t~mem95.offset := read~$Pointer$(#t~mem94.base, #t~mem94.offset + 148, 4); {4642#false} is VALID [2018-11-14 17:18:54,134 INFO L273 TraceCheckUtils]: 51: Hoare triple {4642#false} assume !((#t~mem95.base + #t~mem95.offset) % 4294967296 != 0);havoc #t~mem95.base, #t~mem95.offset;havoc #t~mem94.base, #t~mem94.offset; {4642#false} is VALID [2018-11-14 17:18:54,134 INFO L273 TraceCheckUtils]: 52: Hoare triple {4642#false} call #t~mem98.base, #t~mem98.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem99.base, #t~mem99.offset := read~$Pointer$(#t~mem98.base, #t~mem98.offset + 604 + 232, 4);call #t~mem100 := read~int(#t~mem99.base, #t~mem99.offset + 12, 4); {4642#false} is VALID [2018-11-14 17:18:54,134 INFO L273 TraceCheckUtils]: 53: Hoare triple {4642#false} assume !(~bitwiseAnd(#t~mem100, 256) % 4294967296 != 0);havoc #t~mem100;havoc #t~mem99.base, #t~mem99.offset;havoc #t~mem98.base, #t~mem98.offset; {4642#false} is VALID [2018-11-14 17:18:54,134 INFO L273 TraceCheckUtils]: 54: Hoare triple {4642#false} call #t~mem103.base, #t~mem103.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(1, #t~mem103.base, #t~mem103.offset + 604 + 291, 4);havoc #t~mem103.base, #t~mem103.offset;assume -2147483648 <= #t~nondet104 && #t~nondet104 <= 2147483647;~ret~0 := #t~nondet104;havoc #t~nondet104; {4642#false} is VALID [2018-11-14 17:18:54,134 INFO L273 TraceCheckUtils]: 55: Hoare triple {4642#false} assume ~blastFlag~0 == 8; {4642#false} is VALID [2018-11-14 17:18:54,134 INFO L273 TraceCheckUtils]: 56: Hoare triple {4642#false} assume !false; {4642#false} is VALID [2018-11-14 17:18:54,138 INFO L134 CoverageAnalysis]: Checked inductivity of 11 backedges. 11 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 17:18:54,139 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:18:54,139 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-14 17:18:54,139 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 57 [2018-11-14 17:18:54,139 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:18:54,140 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-14 17:18:54,203 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 57 edges. 57 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:18:54,204 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-14 17:18:54,204 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-14 17:18:54,204 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-14 17:18:54,204 INFO L87 Difference]: Start difference. First operand 154 states and 230 transitions. Second operand 4 states. [2018-11-14 17:18:55,338 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:18:55,339 INFO L93 Difference]: Finished difference Result 295 states and 444 transitions. [2018-11-14 17:18:55,339 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2018-11-14 17:18:55,339 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 57 [2018-11-14 17:18:55,339 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:18:55,339 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:18:55,343 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 444 transitions. [2018-11-14 17:18:55,343 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:18:55,347 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 444 transitions. [2018-11-14 17:18:55,347 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 444 transitions. [2018-11-14 17:18:56,194 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 444 edges. 444 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:18:56,199 INFO L225 Difference]: With dead ends: 295 [2018-11-14 17:18:56,199 INFO L226 Difference]: Without dead ends: 167 [2018-11-14 17:18:56,200 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 2 SyntacticMatches, 1 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2018-11-14 17:18:56,200 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 167 states. [2018-11-14 17:18:56,222 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 167 to 154. [2018-11-14 17:18:56,222 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:18:56,222 INFO L82 GeneralOperation]: Start isEquivalent. First operand 167 states. Second operand 154 states. [2018-11-14 17:18:56,223 INFO L74 IsIncluded]: Start isIncluded. First operand 167 states. Second operand 154 states. [2018-11-14 17:18:56,223 INFO L87 Difference]: Start difference. First operand 167 states. Second operand 154 states. [2018-11-14 17:18:56,227 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:18:56,227 INFO L93 Difference]: Finished difference Result 167 states and 246 transitions. [2018-11-14 17:18:56,227 INFO L276 IsEmpty]: Start isEmpty. Operand 167 states and 246 transitions. [2018-11-14 17:18:56,228 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:18:56,228 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:18:56,228 INFO L74 IsIncluded]: Start isIncluded. First operand 154 states. Second operand 167 states. [2018-11-14 17:18:56,228 INFO L87 Difference]: Start difference. First operand 154 states. Second operand 167 states. [2018-11-14 17:18:56,233 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:18:56,233 INFO L93 Difference]: Finished difference Result 167 states and 246 transitions. [2018-11-14 17:18:56,233 INFO L276 IsEmpty]: Start isEmpty. Operand 167 states and 246 transitions. [2018-11-14 17:18:56,234 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:18:56,234 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:18:56,234 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:18:56,234 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:18:56,234 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 154 states. [2018-11-14 17:18:56,238 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 154 states to 154 states and 229 transitions. [2018-11-14 17:18:56,238 INFO L78 Accepts]: Start accepts. Automaton has 154 states and 229 transitions. Word has length 57 [2018-11-14 17:18:56,238 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:18:56,238 INFO L480 AbstractCegarLoop]: Abstraction has 154 states and 229 transitions. [2018-11-14 17:18:56,239 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2018-11-14 17:18:56,239 INFO L276 IsEmpty]: Start isEmpty. Operand 154 states and 229 transitions. [2018-11-14 17:18:56,239 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 59 [2018-11-14 17:18:56,240 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:18:56,240 INFO L375 BasicCegarLoop]: trace histogram [2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:18:56,240 INFO L423 AbstractCegarLoop]: === Iteration 7 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:18:56,240 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:18:56,240 INFO L82 PathProgramCache]: Analyzing trace with hash 1390964448, now seen corresponding path program 1 times [2018-11-14 17:18:56,241 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:18:56,241 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:18:56,242 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:18:56,242 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:18:56,242 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:18:56,259 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:18:56,978 INFO L256 TraceCheckUtils]: 0: Hoare triple {5517#true} call ULTIMATE.init(); {5517#true} is VALID [2018-11-14 17:18:56,978 INFO L273 TraceCheckUtils]: 1: Hoare triple {5517#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {5517#true} is VALID [2018-11-14 17:18:56,979 INFO L273 TraceCheckUtils]: 2: Hoare triple {5517#true} assume true; {5517#true} is VALID [2018-11-14 17:18:56,979 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {5517#true} {5517#true} #682#return; {5517#true} is VALID [2018-11-14 17:18:56,979 INFO L256 TraceCheckUtils]: 4: Hoare triple {5517#true} call #t~ret138 := main(); {5517#true} is VALID [2018-11-14 17:18:56,979 INFO L273 TraceCheckUtils]: 5: Hoare triple {5517#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {5517#true} is VALID [2018-11-14 17:18:56,979 INFO L256 TraceCheckUtils]: 6: Hoare triple {5517#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {5517#true} is VALID [2018-11-14 17:18:56,981 INFO L273 TraceCheckUtils]: 7: Hoare triple {5517#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {5519#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:56,985 INFO L273 TraceCheckUtils]: 8: Hoare triple {5519#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {5519#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:56,986 INFO L273 TraceCheckUtils]: 9: Hoare triple {5519#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {5519#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:56,987 INFO L273 TraceCheckUtils]: 10: Hoare triple {5519#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {5519#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:56,987 INFO L273 TraceCheckUtils]: 11: Hoare triple {5519#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {5519#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:56,989 INFO L273 TraceCheckUtils]: 12: Hoare triple {5519#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {5519#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:56,989 INFO L273 TraceCheckUtils]: 13: Hoare triple {5519#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume true; {5519#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:56,989 INFO L273 TraceCheckUtils]: 14: Hoare triple {5519#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !false; {5519#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:56,990 INFO L273 TraceCheckUtils]: 15: Hoare triple {5519#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {5519#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:56,990 INFO L273 TraceCheckUtils]: 16: Hoare triple {5519#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {5519#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:56,991 INFO L273 TraceCheckUtils]: 17: Hoare triple {5519#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {5520#(= |ssl3_accept_#t~mem26| 8464)} is VALID [2018-11-14 17:18:56,991 INFO L273 TraceCheckUtils]: 18: Hoare triple {5520#(= |ssl3_accept_#t~mem26| 8464)} assume #t~mem26 == 8192;havoc #t~mem26; {5518#false} is VALID [2018-11-14 17:18:56,991 INFO L273 TraceCheckUtils]: 19: Hoare triple {5518#false} call write~int(1, ~s.base, ~s.offset + 36, 4); {5518#false} is VALID [2018-11-14 17:18:56,991 INFO L273 TraceCheckUtils]: 20: Hoare triple {5518#false} assume (~cb~0.base + ~cb~0.offset) % 4294967296 != 0; {5518#false} is VALID [2018-11-14 17:18:56,991 INFO L273 TraceCheckUtils]: 21: Hoare triple {5518#false} call #t~mem59 := read~int(~s.base, ~s.offset + 0, 4); {5518#false} is VALID [2018-11-14 17:18:56,992 INFO L273 TraceCheckUtils]: 22: Hoare triple {5518#false} assume !(#t~mem59 / 256 != 3);havoc #t~mem59;call write~int(8192, ~s.base, ~s.offset + 4, 4);call #t~mem60.base, #t~mem60.offset := read~$Pointer$(~s.base, ~s.offset + 60, 4); {5518#false} is VALID [2018-11-14 17:18:56,992 INFO L273 TraceCheckUtils]: 23: Hoare triple {5518#false} assume !((#t~mem60.base + #t~mem60.offset) % 4294967296 == 0);havoc #t~mem60.base, #t~mem60.offset; {5518#false} is VALID [2018-11-14 17:18:56,992 INFO L273 TraceCheckUtils]: 24: Hoare triple {5518#false} assume !(~tmp___4~0 == 0);call write~int(0, ~s.base, ~s.offset + 64, 4);call #t~mem62 := read~int(~s.base, ~s.offset + 52, 4); {5518#false} is VALID [2018-11-14 17:18:56,992 INFO L273 TraceCheckUtils]: 25: Hoare triple {5518#false} assume !(#t~mem62 != 12292);havoc #t~mem62;call #t~mem65.base, #t~mem65.offset := read~$Pointer$(~s.base, ~s.offset + 204, 4);call #t~mem66 := read~int(#t~mem65.base, #t~mem65.offset + 60 + 16, 4);call write~int(#t~mem66 + 1, #t~mem65.base, #t~mem65.offset + 60 + 16, 4);havoc #t~mem65.base, #t~mem65.offset;havoc #t~mem66;call write~int(8480, ~s.base, ~s.offset + 52, 4); {5518#false} is VALID [2018-11-14 17:18:56,992 INFO L273 TraceCheckUtils]: 26: Hoare triple {5518#false} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {5518#false} is VALID [2018-11-14 17:18:56,992 INFO L273 TraceCheckUtils]: 27: Hoare triple {5518#false} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {5518#false} is VALID [2018-11-14 17:18:56,993 INFO L273 TraceCheckUtils]: 28: Hoare triple {5518#false} ~skip~0 := 0; {5518#false} is VALID [2018-11-14 17:18:56,993 INFO L273 TraceCheckUtils]: 29: Hoare triple {5518#false} assume true; {5518#false} is VALID [2018-11-14 17:18:56,993 INFO L273 TraceCheckUtils]: 30: Hoare triple {5518#false} assume !false; {5518#false} is VALID [2018-11-14 17:18:56,993 INFO L273 TraceCheckUtils]: 31: Hoare triple {5518#false} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {5518#false} is VALID [2018-11-14 17:18:56,993 INFO L273 TraceCheckUtils]: 32: Hoare triple {5518#false} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {5518#false} is VALID [2018-11-14 17:18:56,994 INFO L273 TraceCheckUtils]: 33: Hoare triple {5518#false} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {5518#false} is VALID [2018-11-14 17:18:56,994 INFO L273 TraceCheckUtils]: 34: Hoare triple {5518#false} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {5518#false} is VALID [2018-11-14 17:18:56,994 INFO L273 TraceCheckUtils]: 35: Hoare triple {5518#false} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {5518#false} is VALID [2018-11-14 17:18:56,994 INFO L273 TraceCheckUtils]: 36: Hoare triple {5518#false} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {5518#false} is VALID [2018-11-14 17:18:56,995 INFO L273 TraceCheckUtils]: 37: Hoare triple {5518#false} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {5518#false} is VALID [2018-11-14 17:18:56,995 INFO L273 TraceCheckUtils]: 38: Hoare triple {5518#false} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {5518#false} is VALID [2018-11-14 17:18:56,995 INFO L273 TraceCheckUtils]: 39: Hoare triple {5518#false} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {5518#false} is VALID [2018-11-14 17:18:56,995 INFO L273 TraceCheckUtils]: 40: Hoare triple {5518#false} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {5518#false} is VALID [2018-11-14 17:18:56,996 INFO L273 TraceCheckUtils]: 41: Hoare triple {5518#false} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {5518#false} is VALID [2018-11-14 17:18:56,996 INFO L273 TraceCheckUtils]: 42: Hoare triple {5518#false} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {5518#false} is VALID [2018-11-14 17:18:56,996 INFO L273 TraceCheckUtils]: 43: Hoare triple {5518#false} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {5518#false} is VALID [2018-11-14 17:18:56,996 INFO L273 TraceCheckUtils]: 44: Hoare triple {5518#false} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {5518#false} is VALID [2018-11-14 17:18:56,996 INFO L273 TraceCheckUtils]: 45: Hoare triple {5518#false} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {5518#false} is VALID [2018-11-14 17:18:56,997 INFO L273 TraceCheckUtils]: 46: Hoare triple {5518#false} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {5518#false} is VALID [2018-11-14 17:18:56,997 INFO L273 TraceCheckUtils]: 47: Hoare triple {5518#false} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {5518#false} is VALID [2018-11-14 17:18:56,997 INFO L273 TraceCheckUtils]: 48: Hoare triple {5518#false} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {5518#false} is VALID [2018-11-14 17:18:56,997 INFO L273 TraceCheckUtils]: 49: Hoare triple {5518#false} assume #t~mem41 == 8544;havoc #t~mem41; {5518#false} is VALID [2018-11-14 17:18:56,997 INFO L273 TraceCheckUtils]: 50: Hoare triple {5518#false} call #t~mem93 := read~int(~s.base, ~s.offset + 180, 4); {5518#false} is VALID [2018-11-14 17:18:56,998 INFO L273 TraceCheckUtils]: 51: Hoare triple {5518#false} assume ~bitwiseAnd(#t~mem93, 1) != 0;havoc #t~mem93;call #t~mem94.base, #t~mem94.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem95.base, #t~mem95.offset := read~$Pointer$(#t~mem94.base, #t~mem94.offset + 148, 4); {5518#false} is VALID [2018-11-14 17:18:56,998 INFO L273 TraceCheckUtils]: 52: Hoare triple {5518#false} assume !((#t~mem95.base + #t~mem95.offset) % 4294967296 != 0);havoc #t~mem95.base, #t~mem95.offset;havoc #t~mem94.base, #t~mem94.offset; {5518#false} is VALID [2018-11-14 17:18:56,998 INFO L273 TraceCheckUtils]: 53: Hoare triple {5518#false} call #t~mem98.base, #t~mem98.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem99.base, #t~mem99.offset := read~$Pointer$(#t~mem98.base, #t~mem98.offset + 604 + 232, 4);call #t~mem100 := read~int(#t~mem99.base, #t~mem99.offset + 12, 4); {5518#false} is VALID [2018-11-14 17:18:56,998 INFO L273 TraceCheckUtils]: 54: Hoare triple {5518#false} assume !(~bitwiseAnd(#t~mem100, 256) % 4294967296 != 0);havoc #t~mem100;havoc #t~mem99.base, #t~mem99.offset;havoc #t~mem98.base, #t~mem98.offset; {5518#false} is VALID [2018-11-14 17:18:56,998 INFO L273 TraceCheckUtils]: 55: Hoare triple {5518#false} call #t~mem103.base, #t~mem103.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(1, #t~mem103.base, #t~mem103.offset + 604 + 291, 4);havoc #t~mem103.base, #t~mem103.offset;assume -2147483648 <= #t~nondet104 && #t~nondet104 <= 2147483647;~ret~0 := #t~nondet104;havoc #t~nondet104; {5518#false} is VALID [2018-11-14 17:18:56,999 INFO L273 TraceCheckUtils]: 56: Hoare triple {5518#false} assume ~blastFlag~0 == 8; {5518#false} is VALID [2018-11-14 17:18:56,999 INFO L273 TraceCheckUtils]: 57: Hoare triple {5518#false} assume !false; {5518#false} is VALID [2018-11-14 17:18:57,003 INFO L134 CoverageAnalysis]: Checked inductivity of 6 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 17:18:57,004 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:18:57,004 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-14 17:18:57,004 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 58 [2018-11-14 17:18:57,004 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:18:57,005 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-14 17:18:57,065 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 58 edges. 58 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:18:57,066 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-14 17:18:57,066 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-14 17:18:57,066 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-14 17:18:57,067 INFO L87 Difference]: Start difference. First operand 154 states and 229 transitions. Second operand 4 states. [2018-11-14 17:18:58,194 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:18:58,195 INFO L93 Difference]: Finished difference Result 295 states and 443 transitions. [2018-11-14 17:18:58,195 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2018-11-14 17:18:58,195 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 58 [2018-11-14 17:18:58,195 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:18:58,195 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:18:58,199 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 443 transitions. [2018-11-14 17:18:58,199 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:18:58,202 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 443 transitions. [2018-11-14 17:18:58,202 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 443 transitions. [2018-11-14 17:18:59,073 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 443 edges. 443 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:18:59,077 INFO L225 Difference]: With dead ends: 295 [2018-11-14 17:18:59,077 INFO L226 Difference]: Without dead ends: 167 [2018-11-14 17:18:59,078 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 2 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2018-11-14 17:18:59,078 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 167 states. [2018-11-14 17:18:59,096 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 167 to 154. [2018-11-14 17:18:59,096 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:18:59,096 INFO L82 GeneralOperation]: Start isEquivalent. First operand 167 states. Second operand 154 states. [2018-11-14 17:18:59,096 INFO L74 IsIncluded]: Start isIncluded. First operand 167 states. Second operand 154 states. [2018-11-14 17:18:59,097 INFO L87 Difference]: Start difference. First operand 167 states. Second operand 154 states. [2018-11-14 17:18:59,100 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:18:59,100 INFO L93 Difference]: Finished difference Result 167 states and 245 transitions. [2018-11-14 17:18:59,101 INFO L276 IsEmpty]: Start isEmpty. Operand 167 states and 245 transitions. [2018-11-14 17:18:59,101 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:18:59,101 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:18:59,101 INFO L74 IsIncluded]: Start isIncluded. First operand 154 states. Second operand 167 states. [2018-11-14 17:18:59,102 INFO L87 Difference]: Start difference. First operand 154 states. Second operand 167 states. [2018-11-14 17:18:59,105 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:18:59,105 INFO L93 Difference]: Finished difference Result 167 states and 245 transitions. [2018-11-14 17:18:59,105 INFO L276 IsEmpty]: Start isEmpty. Operand 167 states and 245 transitions. [2018-11-14 17:18:59,106 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:18:59,106 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:18:59,106 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:18:59,106 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:18:59,107 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 154 states. [2018-11-14 17:18:59,110 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 154 states to 154 states and 228 transitions. [2018-11-14 17:18:59,110 INFO L78 Accepts]: Start accepts. Automaton has 154 states and 228 transitions. Word has length 58 [2018-11-14 17:18:59,110 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:18:59,110 INFO L480 AbstractCegarLoop]: Abstraction has 154 states and 228 transitions. [2018-11-14 17:18:59,110 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2018-11-14 17:18:59,110 INFO L276 IsEmpty]: Start isEmpty. Operand 154 states and 228 transitions. [2018-11-14 17:18:59,111 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2018-11-14 17:18:59,111 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:18:59,112 INFO L375 BasicCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:18:59,112 INFO L423 AbstractCegarLoop]: === Iteration 8 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:18:59,112 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:18:59,112 INFO L82 PathProgramCache]: Analyzing trace with hash -2009133438, now seen corresponding path program 1 times [2018-11-14 17:18:59,112 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:18:59,112 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:18:59,114 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:18:59,114 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:18:59,114 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:18:59,128 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:18:59,850 INFO L256 TraceCheckUtils]: 0: Hoare triple {6393#true} call ULTIMATE.init(); {6393#true} is VALID [2018-11-14 17:18:59,850 INFO L273 TraceCheckUtils]: 1: Hoare triple {6393#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {6393#true} is VALID [2018-11-14 17:18:59,851 INFO L273 TraceCheckUtils]: 2: Hoare triple {6393#true} assume true; {6393#true} is VALID [2018-11-14 17:18:59,851 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {6393#true} {6393#true} #682#return; {6393#true} is VALID [2018-11-14 17:18:59,851 INFO L256 TraceCheckUtils]: 4: Hoare triple {6393#true} call #t~ret138 := main(); {6393#true} is VALID [2018-11-14 17:18:59,851 INFO L273 TraceCheckUtils]: 5: Hoare triple {6393#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {6393#true} is VALID [2018-11-14 17:18:59,856 INFO L256 TraceCheckUtils]: 6: Hoare triple {6393#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {6393#true} is VALID [2018-11-14 17:18:59,867 INFO L273 TraceCheckUtils]: 7: Hoare triple {6393#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {6395#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:59,885 INFO L273 TraceCheckUtils]: 8: Hoare triple {6395#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {6395#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:59,894 INFO L273 TraceCheckUtils]: 9: Hoare triple {6395#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {6395#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:59,907 INFO L273 TraceCheckUtils]: 10: Hoare triple {6395#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {6395#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:59,923 INFO L273 TraceCheckUtils]: 11: Hoare triple {6395#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {6395#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:59,932 INFO L273 TraceCheckUtils]: 12: Hoare triple {6395#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {6395#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:59,951 INFO L273 TraceCheckUtils]: 13: Hoare triple {6395#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume true; {6395#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:59,960 INFO L273 TraceCheckUtils]: 14: Hoare triple {6395#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !false; {6395#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:59,972 INFO L273 TraceCheckUtils]: 15: Hoare triple {6395#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {6395#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:59,985 INFO L273 TraceCheckUtils]: 16: Hoare triple {6395#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {6395#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:18:59,998 INFO L273 TraceCheckUtils]: 17: Hoare triple {6395#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {6395#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:19:00,014 INFO L273 TraceCheckUtils]: 18: Hoare triple {6395#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {6396#(= |ssl3_accept_#t~mem27| 8464)} is VALID [2018-11-14 17:19:00,023 INFO L273 TraceCheckUtils]: 19: Hoare triple {6396#(= |ssl3_accept_#t~mem27| 8464)} assume #t~mem27 == 24576;havoc #t~mem27; {6394#false} is VALID [2018-11-14 17:19:00,023 INFO L273 TraceCheckUtils]: 20: Hoare triple {6394#false} call write~int(1, ~s.base, ~s.offset + 36, 4); {6394#false} is VALID [2018-11-14 17:19:00,024 INFO L273 TraceCheckUtils]: 21: Hoare triple {6394#false} assume (~cb~0.base + ~cb~0.offset) % 4294967296 != 0; {6394#false} is VALID [2018-11-14 17:19:00,024 INFO L273 TraceCheckUtils]: 22: Hoare triple {6394#false} call #t~mem59 := read~int(~s.base, ~s.offset + 0, 4); {6394#false} is VALID [2018-11-14 17:19:00,024 INFO L273 TraceCheckUtils]: 23: Hoare triple {6394#false} assume !(#t~mem59 / 256 != 3);havoc #t~mem59;call write~int(8192, ~s.base, ~s.offset + 4, 4);call #t~mem60.base, #t~mem60.offset := read~$Pointer$(~s.base, ~s.offset + 60, 4); {6394#false} is VALID [2018-11-14 17:19:00,024 INFO L273 TraceCheckUtils]: 24: Hoare triple {6394#false} assume !((#t~mem60.base + #t~mem60.offset) % 4294967296 == 0);havoc #t~mem60.base, #t~mem60.offset; {6394#false} is VALID [2018-11-14 17:19:00,024 INFO L273 TraceCheckUtils]: 25: Hoare triple {6394#false} assume !(~tmp___4~0 == 0);call write~int(0, ~s.base, ~s.offset + 64, 4);call #t~mem62 := read~int(~s.base, ~s.offset + 52, 4); {6394#false} is VALID [2018-11-14 17:19:00,025 INFO L273 TraceCheckUtils]: 26: Hoare triple {6394#false} assume !(#t~mem62 != 12292);havoc #t~mem62;call #t~mem65.base, #t~mem65.offset := read~$Pointer$(~s.base, ~s.offset + 204, 4);call #t~mem66 := read~int(#t~mem65.base, #t~mem65.offset + 60 + 16, 4);call write~int(#t~mem66 + 1, #t~mem65.base, #t~mem65.offset + 60 + 16, 4);havoc #t~mem65.base, #t~mem65.offset;havoc #t~mem66;call write~int(8480, ~s.base, ~s.offset + 52, 4); {6394#false} is VALID [2018-11-14 17:19:00,025 INFO L273 TraceCheckUtils]: 27: Hoare triple {6394#false} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {6394#false} is VALID [2018-11-14 17:19:00,025 INFO L273 TraceCheckUtils]: 28: Hoare triple {6394#false} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {6394#false} is VALID [2018-11-14 17:19:00,025 INFO L273 TraceCheckUtils]: 29: Hoare triple {6394#false} ~skip~0 := 0; {6394#false} is VALID [2018-11-14 17:19:00,025 INFO L273 TraceCheckUtils]: 30: Hoare triple {6394#false} assume true; {6394#false} is VALID [2018-11-14 17:19:00,025 INFO L273 TraceCheckUtils]: 31: Hoare triple {6394#false} assume !false; {6394#false} is VALID [2018-11-14 17:19:00,026 INFO L273 TraceCheckUtils]: 32: Hoare triple {6394#false} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {6394#false} is VALID [2018-11-14 17:19:00,026 INFO L273 TraceCheckUtils]: 33: Hoare triple {6394#false} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {6394#false} is VALID [2018-11-14 17:19:00,026 INFO L273 TraceCheckUtils]: 34: Hoare triple {6394#false} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {6394#false} is VALID [2018-11-14 17:19:00,026 INFO L273 TraceCheckUtils]: 35: Hoare triple {6394#false} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {6394#false} is VALID [2018-11-14 17:19:00,026 INFO L273 TraceCheckUtils]: 36: Hoare triple {6394#false} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {6394#false} is VALID [2018-11-14 17:19:00,027 INFO L273 TraceCheckUtils]: 37: Hoare triple {6394#false} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {6394#false} is VALID [2018-11-14 17:19:00,027 INFO L273 TraceCheckUtils]: 38: Hoare triple {6394#false} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {6394#false} is VALID [2018-11-14 17:19:00,027 INFO L273 TraceCheckUtils]: 39: Hoare triple {6394#false} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {6394#false} is VALID [2018-11-14 17:19:00,027 INFO L273 TraceCheckUtils]: 40: Hoare triple {6394#false} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {6394#false} is VALID [2018-11-14 17:19:00,027 INFO L273 TraceCheckUtils]: 41: Hoare triple {6394#false} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {6394#false} is VALID [2018-11-14 17:19:00,028 INFO L273 TraceCheckUtils]: 42: Hoare triple {6394#false} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {6394#false} is VALID [2018-11-14 17:19:00,028 INFO L273 TraceCheckUtils]: 43: Hoare triple {6394#false} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {6394#false} is VALID [2018-11-14 17:19:00,028 INFO L273 TraceCheckUtils]: 44: Hoare triple {6394#false} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {6394#false} is VALID [2018-11-14 17:19:00,028 INFO L273 TraceCheckUtils]: 45: Hoare triple {6394#false} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {6394#false} is VALID [2018-11-14 17:19:00,028 INFO L273 TraceCheckUtils]: 46: Hoare triple {6394#false} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {6394#false} is VALID [2018-11-14 17:19:00,029 INFO L273 TraceCheckUtils]: 47: Hoare triple {6394#false} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {6394#false} is VALID [2018-11-14 17:19:00,029 INFO L273 TraceCheckUtils]: 48: Hoare triple {6394#false} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {6394#false} is VALID [2018-11-14 17:19:00,029 INFO L273 TraceCheckUtils]: 49: Hoare triple {6394#false} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {6394#false} is VALID [2018-11-14 17:19:00,029 INFO L273 TraceCheckUtils]: 50: Hoare triple {6394#false} assume #t~mem41 == 8544;havoc #t~mem41; {6394#false} is VALID [2018-11-14 17:19:00,029 INFO L273 TraceCheckUtils]: 51: Hoare triple {6394#false} call #t~mem93 := read~int(~s.base, ~s.offset + 180, 4); {6394#false} is VALID [2018-11-14 17:19:00,030 INFO L273 TraceCheckUtils]: 52: Hoare triple {6394#false} assume ~bitwiseAnd(#t~mem93, 1) != 0;havoc #t~mem93;call #t~mem94.base, #t~mem94.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem95.base, #t~mem95.offset := read~$Pointer$(#t~mem94.base, #t~mem94.offset + 148, 4); {6394#false} is VALID [2018-11-14 17:19:00,030 INFO L273 TraceCheckUtils]: 53: Hoare triple {6394#false} assume !((#t~mem95.base + #t~mem95.offset) % 4294967296 != 0);havoc #t~mem95.base, #t~mem95.offset;havoc #t~mem94.base, #t~mem94.offset; {6394#false} is VALID [2018-11-14 17:19:00,030 INFO L273 TraceCheckUtils]: 54: Hoare triple {6394#false} call #t~mem98.base, #t~mem98.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem99.base, #t~mem99.offset := read~$Pointer$(#t~mem98.base, #t~mem98.offset + 604 + 232, 4);call #t~mem100 := read~int(#t~mem99.base, #t~mem99.offset + 12, 4); {6394#false} is VALID [2018-11-14 17:19:00,030 INFO L273 TraceCheckUtils]: 55: Hoare triple {6394#false} assume !(~bitwiseAnd(#t~mem100, 256) % 4294967296 != 0);havoc #t~mem100;havoc #t~mem99.base, #t~mem99.offset;havoc #t~mem98.base, #t~mem98.offset; {6394#false} is VALID [2018-11-14 17:19:00,038 INFO L273 TraceCheckUtils]: 56: Hoare triple {6394#false} call #t~mem103.base, #t~mem103.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(1, #t~mem103.base, #t~mem103.offset + 604 + 291, 4);havoc #t~mem103.base, #t~mem103.offset;assume -2147483648 <= #t~nondet104 && #t~nondet104 <= 2147483647;~ret~0 := #t~nondet104;havoc #t~nondet104; {6394#false} is VALID [2018-11-14 17:19:00,038 INFO L273 TraceCheckUtils]: 57: Hoare triple {6394#false} assume ~blastFlag~0 == 8; {6394#false} is VALID [2018-11-14 17:19:00,038 INFO L273 TraceCheckUtils]: 58: Hoare triple {6394#false} assume !false; {6394#false} is VALID [2018-11-14 17:19:00,047 INFO L134 CoverageAnalysis]: Checked inductivity of 7 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 17:19:00,047 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:19:00,048 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-14 17:19:00,048 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 59 [2018-11-14 17:19:00,048 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:19:00,049 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-14 17:19:00,202 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 59 edges. 59 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:00,202 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-14 17:19:00,202 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-14 17:19:00,202 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-14 17:19:00,203 INFO L87 Difference]: Start difference. First operand 154 states and 228 transitions. Second operand 4 states. [2018-11-14 17:19:01,945 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:01,946 INFO L93 Difference]: Finished difference Result 295 states and 442 transitions. [2018-11-14 17:19:01,946 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2018-11-14 17:19:01,946 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 59 [2018-11-14 17:19:01,946 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:19:01,947 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:01,950 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 442 transitions. [2018-11-14 17:19:01,951 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:01,954 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 442 transitions. [2018-11-14 17:19:01,955 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 442 transitions. [2018-11-14 17:19:02,834 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 442 edges. 442 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:02,839 INFO L225 Difference]: With dead ends: 295 [2018-11-14 17:19:02,839 INFO L226 Difference]: Without dead ends: 167 [2018-11-14 17:19:02,840 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 2 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2018-11-14 17:19:02,840 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 167 states. [2018-11-14 17:19:02,896 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 167 to 154. [2018-11-14 17:19:02,897 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:19:02,897 INFO L82 GeneralOperation]: Start isEquivalent. First operand 167 states. Second operand 154 states. [2018-11-14 17:19:02,897 INFO L74 IsIncluded]: Start isIncluded. First operand 167 states. Second operand 154 states. [2018-11-14 17:19:02,897 INFO L87 Difference]: Start difference. First operand 167 states. Second operand 154 states. [2018-11-14 17:19:02,923 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:02,923 INFO L93 Difference]: Finished difference Result 167 states and 244 transitions. [2018-11-14 17:19:02,923 INFO L276 IsEmpty]: Start isEmpty. Operand 167 states and 244 transitions. [2018-11-14 17:19:02,925 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:02,925 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:02,925 INFO L74 IsIncluded]: Start isIncluded. First operand 154 states. Second operand 167 states. [2018-11-14 17:19:02,926 INFO L87 Difference]: Start difference. First operand 154 states. Second operand 167 states. [2018-11-14 17:19:02,929 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:02,929 INFO L93 Difference]: Finished difference Result 167 states and 244 transitions. [2018-11-14 17:19:02,930 INFO L276 IsEmpty]: Start isEmpty. Operand 167 states and 244 transitions. [2018-11-14 17:19:02,930 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:02,930 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:02,930 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:19:02,930 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:19:02,931 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 154 states. [2018-11-14 17:19:02,935 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 154 states to 154 states and 227 transitions. [2018-11-14 17:19:02,935 INFO L78 Accepts]: Start accepts. Automaton has 154 states and 227 transitions. Word has length 59 [2018-11-14 17:19:02,935 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:19:02,935 INFO L480 AbstractCegarLoop]: Abstraction has 154 states and 227 transitions. [2018-11-14 17:19:02,935 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2018-11-14 17:19:02,936 INFO L276 IsEmpty]: Start isEmpty. Operand 154 states and 227 transitions. [2018-11-14 17:19:02,936 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2018-11-14 17:19:02,936 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:19:02,936 INFO L375 BasicCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:19:02,937 INFO L423 AbstractCegarLoop]: === Iteration 9 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:19:02,937 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:19:02,937 INFO L82 PathProgramCache]: Analyzing trace with hash -1320020101, now seen corresponding path program 1 times [2018-11-14 17:19:02,937 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:19:02,938 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:19:02,939 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:02,939 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:19:02,939 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:02,964 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:19:03,239 WARN L179 SmtUtils]: Spent 101.00 ms on a formula simplification. DAG size of input: 18 DAG size of output: 15 [2018-11-14 17:19:03,662 INFO L256 TraceCheckUtils]: 0: Hoare triple {7269#true} call ULTIMATE.init(); {7269#true} is VALID [2018-11-14 17:19:03,662 INFO L273 TraceCheckUtils]: 1: Hoare triple {7269#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {7269#true} is VALID [2018-11-14 17:19:03,662 INFO L273 TraceCheckUtils]: 2: Hoare triple {7269#true} assume true; {7269#true} is VALID [2018-11-14 17:19:03,663 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {7269#true} {7269#true} #682#return; {7269#true} is VALID [2018-11-14 17:19:03,663 INFO L256 TraceCheckUtils]: 4: Hoare triple {7269#true} call #t~ret138 := main(); {7269#true} is VALID [2018-11-14 17:19:03,663 INFO L273 TraceCheckUtils]: 5: Hoare triple {7269#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {7269#true} is VALID [2018-11-14 17:19:03,663 INFO L256 TraceCheckUtils]: 6: Hoare triple {7269#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {7269#true} is VALID [2018-11-14 17:19:03,668 INFO L273 TraceCheckUtils]: 7: Hoare triple {7269#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {7271#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:19:03,668 INFO L273 TraceCheckUtils]: 8: Hoare triple {7271#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {7271#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:19:03,669 INFO L273 TraceCheckUtils]: 9: Hoare triple {7271#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {7271#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:19:03,669 INFO L273 TraceCheckUtils]: 10: Hoare triple {7271#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {7271#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:19:03,669 INFO L273 TraceCheckUtils]: 11: Hoare triple {7271#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {7271#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:19:03,670 INFO L273 TraceCheckUtils]: 12: Hoare triple {7271#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {7271#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:19:03,670 INFO L273 TraceCheckUtils]: 13: Hoare triple {7271#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume true; {7271#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:19:03,670 INFO L273 TraceCheckUtils]: 14: Hoare triple {7271#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !false; {7271#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:19:03,671 INFO L273 TraceCheckUtils]: 15: Hoare triple {7271#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {7271#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:19:03,671 INFO L273 TraceCheckUtils]: 16: Hoare triple {7271#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {7271#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:19:03,672 INFO L273 TraceCheckUtils]: 17: Hoare triple {7271#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {7271#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:19:03,672 INFO L273 TraceCheckUtils]: 18: Hoare triple {7271#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {7271#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} is VALID [2018-11-14 17:19:03,673 INFO L273 TraceCheckUtils]: 19: Hoare triple {7271#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28) (+ (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 28)) 1)) (+ ssl3_accept_~s.offset 52)) 8464)} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {7272#(= |ssl3_accept_#t~mem28| 8464)} is VALID [2018-11-14 17:19:03,674 INFO L273 TraceCheckUtils]: 20: Hoare triple {7272#(= |ssl3_accept_#t~mem28| 8464)} assume #t~mem28 == 8195;havoc #t~mem28; {7270#false} is VALID [2018-11-14 17:19:03,674 INFO L273 TraceCheckUtils]: 21: Hoare triple {7270#false} call write~int(1, ~s.base, ~s.offset + 36, 4); {7270#false} is VALID [2018-11-14 17:19:03,674 INFO L273 TraceCheckUtils]: 22: Hoare triple {7270#false} assume (~cb~0.base + ~cb~0.offset) % 4294967296 != 0; {7270#false} is VALID [2018-11-14 17:19:03,674 INFO L273 TraceCheckUtils]: 23: Hoare triple {7270#false} call #t~mem59 := read~int(~s.base, ~s.offset + 0, 4); {7270#false} is VALID [2018-11-14 17:19:03,675 INFO L273 TraceCheckUtils]: 24: Hoare triple {7270#false} assume !(#t~mem59 / 256 != 3);havoc #t~mem59;call write~int(8192, ~s.base, ~s.offset + 4, 4);call #t~mem60.base, #t~mem60.offset := read~$Pointer$(~s.base, ~s.offset + 60, 4); {7270#false} is VALID [2018-11-14 17:19:03,675 INFO L273 TraceCheckUtils]: 25: Hoare triple {7270#false} assume !((#t~mem60.base + #t~mem60.offset) % 4294967296 == 0);havoc #t~mem60.base, #t~mem60.offset; {7270#false} is VALID [2018-11-14 17:19:03,675 INFO L273 TraceCheckUtils]: 26: Hoare triple {7270#false} assume !(~tmp___4~0 == 0);call write~int(0, ~s.base, ~s.offset + 64, 4);call #t~mem62 := read~int(~s.base, ~s.offset + 52, 4); {7270#false} is VALID [2018-11-14 17:19:03,675 INFO L273 TraceCheckUtils]: 27: Hoare triple {7270#false} assume !(#t~mem62 != 12292);havoc #t~mem62;call #t~mem65.base, #t~mem65.offset := read~$Pointer$(~s.base, ~s.offset + 204, 4);call #t~mem66 := read~int(#t~mem65.base, #t~mem65.offset + 60 + 16, 4);call write~int(#t~mem66 + 1, #t~mem65.base, #t~mem65.offset + 60 + 16, 4);havoc #t~mem65.base, #t~mem65.offset;havoc #t~mem66;call write~int(8480, ~s.base, ~s.offset + 52, 4); {7270#false} is VALID [2018-11-14 17:19:03,676 INFO L273 TraceCheckUtils]: 28: Hoare triple {7270#false} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {7270#false} is VALID [2018-11-14 17:19:03,676 INFO L273 TraceCheckUtils]: 29: Hoare triple {7270#false} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {7270#false} is VALID [2018-11-14 17:19:03,676 INFO L273 TraceCheckUtils]: 30: Hoare triple {7270#false} ~skip~0 := 0; {7270#false} is VALID [2018-11-14 17:19:03,676 INFO L273 TraceCheckUtils]: 31: Hoare triple {7270#false} assume true; {7270#false} is VALID [2018-11-14 17:19:03,679 INFO L273 TraceCheckUtils]: 32: Hoare triple {7270#false} assume !false; {7270#false} is VALID [2018-11-14 17:19:03,679 INFO L273 TraceCheckUtils]: 33: Hoare triple {7270#false} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {7270#false} is VALID [2018-11-14 17:19:03,679 INFO L273 TraceCheckUtils]: 34: Hoare triple {7270#false} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {7270#false} is VALID [2018-11-14 17:19:03,679 INFO L273 TraceCheckUtils]: 35: Hoare triple {7270#false} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {7270#false} is VALID [2018-11-14 17:19:03,679 INFO L273 TraceCheckUtils]: 36: Hoare triple {7270#false} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {7270#false} is VALID [2018-11-14 17:19:03,680 INFO L273 TraceCheckUtils]: 37: Hoare triple {7270#false} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {7270#false} is VALID [2018-11-14 17:19:03,680 INFO L273 TraceCheckUtils]: 38: Hoare triple {7270#false} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {7270#false} is VALID [2018-11-14 17:19:03,680 INFO L273 TraceCheckUtils]: 39: Hoare triple {7270#false} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {7270#false} is VALID [2018-11-14 17:19:03,680 INFO L273 TraceCheckUtils]: 40: Hoare triple {7270#false} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {7270#false} is VALID [2018-11-14 17:19:03,680 INFO L273 TraceCheckUtils]: 41: Hoare triple {7270#false} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {7270#false} is VALID [2018-11-14 17:19:03,681 INFO L273 TraceCheckUtils]: 42: Hoare triple {7270#false} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {7270#false} is VALID [2018-11-14 17:19:03,681 INFO L273 TraceCheckUtils]: 43: Hoare triple {7270#false} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {7270#false} is VALID [2018-11-14 17:19:03,681 INFO L273 TraceCheckUtils]: 44: Hoare triple {7270#false} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {7270#false} is VALID [2018-11-14 17:19:03,681 INFO L273 TraceCheckUtils]: 45: Hoare triple {7270#false} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {7270#false} is VALID [2018-11-14 17:19:03,681 INFO L273 TraceCheckUtils]: 46: Hoare triple {7270#false} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {7270#false} is VALID [2018-11-14 17:19:03,682 INFO L273 TraceCheckUtils]: 47: Hoare triple {7270#false} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {7270#false} is VALID [2018-11-14 17:19:03,682 INFO L273 TraceCheckUtils]: 48: Hoare triple {7270#false} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {7270#false} is VALID [2018-11-14 17:19:03,682 INFO L273 TraceCheckUtils]: 49: Hoare triple {7270#false} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {7270#false} is VALID [2018-11-14 17:19:03,682 INFO L273 TraceCheckUtils]: 50: Hoare triple {7270#false} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {7270#false} is VALID [2018-11-14 17:19:03,682 INFO L273 TraceCheckUtils]: 51: Hoare triple {7270#false} assume #t~mem41 == 8544;havoc #t~mem41; {7270#false} is VALID [2018-11-14 17:19:03,683 INFO L273 TraceCheckUtils]: 52: Hoare triple {7270#false} call #t~mem93 := read~int(~s.base, ~s.offset + 180, 4); {7270#false} is VALID [2018-11-14 17:19:03,683 INFO L273 TraceCheckUtils]: 53: Hoare triple {7270#false} assume ~bitwiseAnd(#t~mem93, 1) != 0;havoc #t~mem93;call #t~mem94.base, #t~mem94.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem95.base, #t~mem95.offset := read~$Pointer$(#t~mem94.base, #t~mem94.offset + 148, 4); {7270#false} is VALID [2018-11-14 17:19:03,683 INFO L273 TraceCheckUtils]: 54: Hoare triple {7270#false} assume !((#t~mem95.base + #t~mem95.offset) % 4294967296 != 0);havoc #t~mem95.base, #t~mem95.offset;havoc #t~mem94.base, #t~mem94.offset; {7270#false} is VALID [2018-11-14 17:19:03,683 INFO L273 TraceCheckUtils]: 55: Hoare triple {7270#false} call #t~mem98.base, #t~mem98.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem99.base, #t~mem99.offset := read~$Pointer$(#t~mem98.base, #t~mem98.offset + 604 + 232, 4);call #t~mem100 := read~int(#t~mem99.base, #t~mem99.offset + 12, 4); {7270#false} is VALID [2018-11-14 17:19:03,683 INFO L273 TraceCheckUtils]: 56: Hoare triple {7270#false} assume !(~bitwiseAnd(#t~mem100, 256) % 4294967296 != 0);havoc #t~mem100;havoc #t~mem99.base, #t~mem99.offset;havoc #t~mem98.base, #t~mem98.offset; {7270#false} is VALID [2018-11-14 17:19:03,683 INFO L273 TraceCheckUtils]: 57: Hoare triple {7270#false} call #t~mem103.base, #t~mem103.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(1, #t~mem103.base, #t~mem103.offset + 604 + 291, 4);havoc #t~mem103.base, #t~mem103.offset;assume -2147483648 <= #t~nondet104 && #t~nondet104 <= 2147483647;~ret~0 := #t~nondet104;havoc #t~nondet104; {7270#false} is VALID [2018-11-14 17:19:03,684 INFO L273 TraceCheckUtils]: 58: Hoare triple {7270#false} assume ~blastFlag~0 == 8; {7270#false} is VALID [2018-11-14 17:19:03,684 INFO L273 TraceCheckUtils]: 59: Hoare triple {7270#false} assume !false; {7270#false} is VALID [2018-11-14 17:19:03,691 INFO L134 CoverageAnalysis]: Checked inductivity of 8 backedges. 8 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 17:19:03,691 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:19:03,691 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-14 17:19:03,692 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 60 [2018-11-14 17:19:03,692 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:19:03,692 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-14 17:19:03,812 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 60 edges. 60 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:03,812 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-14 17:19:03,812 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-14 17:19:03,812 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-14 17:19:03,813 INFO L87 Difference]: Start difference. First operand 154 states and 227 transitions. Second operand 4 states. [2018-11-14 17:19:05,054 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:05,054 INFO L93 Difference]: Finished difference Result 285 states and 428 transitions. [2018-11-14 17:19:05,054 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2018-11-14 17:19:05,055 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 60 [2018-11-14 17:19:05,055 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:19:05,055 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:05,059 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 428 transitions. [2018-11-14 17:19:05,059 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:05,062 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 428 transitions. [2018-11-14 17:19:05,062 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 428 transitions. [2018-11-14 17:19:06,091 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 428 edges. 428 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:06,093 INFO L225 Difference]: With dead ends: 285 [2018-11-14 17:19:06,093 INFO L226 Difference]: Without dead ends: 157 [2018-11-14 17:19:06,094 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 2 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2018-11-14 17:19:06,094 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 157 states. [2018-11-14 17:19:06,166 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 157 to 154. [2018-11-14 17:19:06,166 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:19:06,166 INFO L82 GeneralOperation]: Start isEquivalent. First operand 157 states. Second operand 154 states. [2018-11-14 17:19:06,166 INFO L74 IsIncluded]: Start isIncluded. First operand 157 states. Second operand 154 states. [2018-11-14 17:19:06,167 INFO L87 Difference]: Start difference. First operand 157 states. Second operand 154 states. [2018-11-14 17:19:06,171 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:06,171 INFO L93 Difference]: Finished difference Result 157 states and 230 transitions. [2018-11-14 17:19:06,171 INFO L276 IsEmpty]: Start isEmpty. Operand 157 states and 230 transitions. [2018-11-14 17:19:06,172 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:06,172 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:06,172 INFO L74 IsIncluded]: Start isIncluded. First operand 154 states. Second operand 157 states. [2018-11-14 17:19:06,172 INFO L87 Difference]: Start difference. First operand 154 states. Second operand 157 states. [2018-11-14 17:19:06,175 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:06,175 INFO L93 Difference]: Finished difference Result 157 states and 230 transitions. [2018-11-14 17:19:06,176 INFO L276 IsEmpty]: Start isEmpty. Operand 157 states and 230 transitions. [2018-11-14 17:19:06,176 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:06,176 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:06,176 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:19:06,177 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:19:06,177 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 154 states. [2018-11-14 17:19:06,179 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 154 states to 154 states and 226 transitions. [2018-11-14 17:19:06,180 INFO L78 Accepts]: Start accepts. Automaton has 154 states and 226 transitions. Word has length 60 [2018-11-14 17:19:06,180 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:19:06,180 INFO L480 AbstractCegarLoop]: Abstraction has 154 states and 226 transitions. [2018-11-14 17:19:06,180 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2018-11-14 17:19:06,180 INFO L276 IsEmpty]: Start isEmpty. Operand 154 states and 226 transitions. [2018-11-14 17:19:06,181 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2018-11-14 17:19:06,181 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:19:06,181 INFO L375 BasicCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:19:06,181 INFO L423 AbstractCegarLoop]: === Iteration 10 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:19:06,182 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:19:06,182 INFO L82 PathProgramCache]: Analyzing trace with hash 1568704370, now seen corresponding path program 1 times [2018-11-14 17:19:06,182 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:19:06,182 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:19:06,183 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:06,183 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:19:06,183 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:06,199 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:19:06,287 INFO L256 TraceCheckUtils]: 0: Hoare triple {8114#true} call ULTIMATE.init(); {8114#true} is VALID [2018-11-14 17:19:06,288 INFO L273 TraceCheckUtils]: 1: Hoare triple {8114#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {8114#true} is VALID [2018-11-14 17:19:06,288 INFO L273 TraceCheckUtils]: 2: Hoare triple {8114#true} assume true; {8114#true} is VALID [2018-11-14 17:19:06,288 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {8114#true} {8114#true} #682#return; {8114#true} is VALID [2018-11-14 17:19:06,289 INFO L256 TraceCheckUtils]: 4: Hoare triple {8114#true} call #t~ret138 := main(); {8114#true} is VALID [2018-11-14 17:19:06,289 INFO L273 TraceCheckUtils]: 5: Hoare triple {8114#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {8114#true} is VALID [2018-11-14 17:19:06,289 INFO L256 TraceCheckUtils]: 6: Hoare triple {8114#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {8114#true} is VALID [2018-11-14 17:19:06,289 INFO L273 TraceCheckUtils]: 7: Hoare triple {8114#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {8114#true} is VALID [2018-11-14 17:19:06,290 INFO L273 TraceCheckUtils]: 8: Hoare triple {8114#true} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {8114#true} is VALID [2018-11-14 17:19:06,290 INFO L273 TraceCheckUtils]: 9: Hoare triple {8114#true} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {8114#true} is VALID [2018-11-14 17:19:06,290 INFO L273 TraceCheckUtils]: 10: Hoare triple {8114#true} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {8114#true} is VALID [2018-11-14 17:19:06,290 INFO L273 TraceCheckUtils]: 11: Hoare triple {8114#true} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {8114#true} is VALID [2018-11-14 17:19:06,290 INFO L273 TraceCheckUtils]: 12: Hoare triple {8114#true} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {8114#true} is VALID [2018-11-14 17:19:06,291 INFO L273 TraceCheckUtils]: 13: Hoare triple {8114#true} assume true; {8114#true} is VALID [2018-11-14 17:19:06,291 INFO L273 TraceCheckUtils]: 14: Hoare triple {8114#true} assume !false; {8114#true} is VALID [2018-11-14 17:19:06,291 INFO L273 TraceCheckUtils]: 15: Hoare triple {8114#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {8114#true} is VALID [2018-11-14 17:19:06,291 INFO L273 TraceCheckUtils]: 16: Hoare triple {8114#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {8114#true} is VALID [2018-11-14 17:19:06,291 INFO L273 TraceCheckUtils]: 17: Hoare triple {8114#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {8114#true} is VALID [2018-11-14 17:19:06,292 INFO L273 TraceCheckUtils]: 18: Hoare triple {8114#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {8114#true} is VALID [2018-11-14 17:19:06,292 INFO L273 TraceCheckUtils]: 19: Hoare triple {8114#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {8114#true} is VALID [2018-11-14 17:19:06,292 INFO L273 TraceCheckUtils]: 20: Hoare triple {8114#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {8114#true} is VALID [2018-11-14 17:19:06,292 INFO L273 TraceCheckUtils]: 21: Hoare triple {8114#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {8114#true} is VALID [2018-11-14 17:19:06,292 INFO L273 TraceCheckUtils]: 22: Hoare triple {8114#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {8114#true} is VALID [2018-11-14 17:19:06,293 INFO L273 TraceCheckUtils]: 23: Hoare triple {8114#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {8114#true} is VALID [2018-11-14 17:19:06,293 INFO L273 TraceCheckUtils]: 24: Hoare triple {8114#true} assume #t~mem32 == 8464;havoc #t~mem32; {8114#true} is VALID [2018-11-14 17:19:06,293 INFO L273 TraceCheckUtils]: 25: Hoare triple {8114#true} call write~int(0, ~s.base, ~s.offset + 48, 4);assume -2147483648 <= #t~nondet69 && #t~nondet69 <= 2147483647;~ret~0 := #t~nondet69;havoc #t~nondet69; {8114#true} is VALID [2018-11-14 17:19:06,293 INFO L273 TraceCheckUtils]: 26: Hoare triple {8114#true} assume ~blastFlag~0 == 0;~blastFlag~0 := 1; {8114#true} is VALID [2018-11-14 17:19:06,307 INFO L273 TraceCheckUtils]: 27: Hoare triple {8114#true} assume !(~ret~0 <= 0);~got_new_session~0 := 1;call write~int(8496, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:06,308 INFO L273 TraceCheckUtils]: 28: Hoare triple {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:06,309 INFO L273 TraceCheckUtils]: 29: Hoare triple {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:06,309 INFO L273 TraceCheckUtils]: 30: Hoare triple {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} ~skip~0 := 0; {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:06,309 INFO L273 TraceCheckUtils]: 31: Hoare triple {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume true; {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:06,310 INFO L273 TraceCheckUtils]: 32: Hoare triple {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !false; {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:06,310 INFO L273 TraceCheckUtils]: 33: Hoare triple {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:06,310 INFO L273 TraceCheckUtils]: 34: Hoare triple {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:06,311 INFO L273 TraceCheckUtils]: 35: Hoare triple {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:06,311 INFO L273 TraceCheckUtils]: 36: Hoare triple {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:06,311 INFO L273 TraceCheckUtils]: 37: Hoare triple {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:06,312 INFO L273 TraceCheckUtils]: 38: Hoare triple {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:06,312 INFO L273 TraceCheckUtils]: 39: Hoare triple {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:06,313 INFO L273 TraceCheckUtils]: 40: Hoare triple {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:06,313 INFO L273 TraceCheckUtils]: 41: Hoare triple {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:06,314 INFO L273 TraceCheckUtils]: 42: Hoare triple {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:06,314 INFO L273 TraceCheckUtils]: 43: Hoare triple {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:06,315 INFO L273 TraceCheckUtils]: 44: Hoare triple {8116#(= 8496 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {8117#(= 8496 |ssl3_accept_#t~mem35|)} is VALID [2018-11-14 17:19:06,315 INFO L273 TraceCheckUtils]: 45: Hoare triple {8117#(= 8496 |ssl3_accept_#t~mem35|)} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {8115#false} is VALID [2018-11-14 17:19:06,316 INFO L273 TraceCheckUtils]: 46: Hoare triple {8115#false} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {8115#false} is VALID [2018-11-14 17:19:06,316 INFO L273 TraceCheckUtils]: 47: Hoare triple {8115#false} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {8115#false} is VALID [2018-11-14 17:19:06,316 INFO L273 TraceCheckUtils]: 48: Hoare triple {8115#false} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {8115#false} is VALID [2018-11-14 17:19:06,316 INFO L273 TraceCheckUtils]: 49: Hoare triple {8115#false} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {8115#false} is VALID [2018-11-14 17:19:06,316 INFO L273 TraceCheckUtils]: 50: Hoare triple {8115#false} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {8115#false} is VALID [2018-11-14 17:19:06,317 INFO L273 TraceCheckUtils]: 51: Hoare triple {8115#false} assume #t~mem41 == 8544;havoc #t~mem41; {8115#false} is VALID [2018-11-14 17:19:06,317 INFO L273 TraceCheckUtils]: 52: Hoare triple {8115#false} call #t~mem93 := read~int(~s.base, ~s.offset + 180, 4); {8115#false} is VALID [2018-11-14 17:19:06,317 INFO L273 TraceCheckUtils]: 53: Hoare triple {8115#false} assume ~bitwiseAnd(#t~mem93, 1) != 0;havoc #t~mem93;call #t~mem94.base, #t~mem94.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem95.base, #t~mem95.offset := read~$Pointer$(#t~mem94.base, #t~mem94.offset + 148, 4); {8115#false} is VALID [2018-11-14 17:19:06,317 INFO L273 TraceCheckUtils]: 54: Hoare triple {8115#false} assume !((#t~mem95.base + #t~mem95.offset) % 4294967296 != 0);havoc #t~mem95.base, #t~mem95.offset;havoc #t~mem94.base, #t~mem94.offset; {8115#false} is VALID [2018-11-14 17:19:06,317 INFO L273 TraceCheckUtils]: 55: Hoare triple {8115#false} call #t~mem98.base, #t~mem98.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem99.base, #t~mem99.offset := read~$Pointer$(#t~mem98.base, #t~mem98.offset + 604 + 232, 4);call #t~mem100 := read~int(#t~mem99.base, #t~mem99.offset + 12, 4); {8115#false} is VALID [2018-11-14 17:19:06,318 INFO L273 TraceCheckUtils]: 56: Hoare triple {8115#false} assume !(~bitwiseAnd(#t~mem100, 256) % 4294967296 != 0);havoc #t~mem100;havoc #t~mem99.base, #t~mem99.offset;havoc #t~mem98.base, #t~mem98.offset; {8115#false} is VALID [2018-11-14 17:19:06,318 INFO L273 TraceCheckUtils]: 57: Hoare triple {8115#false} call #t~mem103.base, #t~mem103.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(1, #t~mem103.base, #t~mem103.offset + 604 + 291, 4);havoc #t~mem103.base, #t~mem103.offset;assume -2147483648 <= #t~nondet104 && #t~nondet104 <= 2147483647;~ret~0 := #t~nondet104;havoc #t~nondet104; {8115#false} is VALID [2018-11-14 17:19:06,318 INFO L273 TraceCheckUtils]: 58: Hoare triple {8115#false} assume ~blastFlag~0 == 8; {8115#false} is VALID [2018-11-14 17:19:06,319 INFO L273 TraceCheckUtils]: 59: Hoare triple {8115#false} assume !false; {8115#false} is VALID [2018-11-14 17:19:06,323 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 12 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 17:19:06,323 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:19:06,323 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-14 17:19:06,323 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 60 [2018-11-14 17:19:06,324 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:19:06,324 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-14 17:19:06,386 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 60 edges. 60 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:06,386 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-14 17:19:06,387 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-14 17:19:06,387 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-14 17:19:06,387 INFO L87 Difference]: Start difference. First operand 154 states and 226 transitions. Second operand 4 states. [2018-11-14 17:19:07,493 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:07,493 INFO L93 Difference]: Finished difference Result 326 states and 490 transitions. [2018-11-14 17:19:07,493 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2018-11-14 17:19:07,494 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 60 [2018-11-14 17:19:07,494 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:19:07,494 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:07,499 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 478 transitions. [2018-11-14 17:19:07,499 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:07,501 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 478 transitions. [2018-11-14 17:19:07,501 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 478 transitions. [2018-11-14 17:19:07,928 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 478 edges. 478 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:07,932 INFO L225 Difference]: With dead ends: 326 [2018-11-14 17:19:07,932 INFO L226 Difference]: Without dead ends: 198 [2018-11-14 17:19:07,933 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 2 SyntacticMatches, 1 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2018-11-14 17:19:07,933 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 198 states. [2018-11-14 17:19:07,987 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 198 to 177. [2018-11-14 17:19:07,987 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:19:07,987 INFO L82 GeneralOperation]: Start isEquivalent. First operand 198 states. Second operand 177 states. [2018-11-14 17:19:07,987 INFO L74 IsIncluded]: Start isIncluded. First operand 198 states. Second operand 177 states. [2018-11-14 17:19:07,988 INFO L87 Difference]: Start difference. First operand 198 states. Second operand 177 states. [2018-11-14 17:19:07,992 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:07,992 INFO L93 Difference]: Finished difference Result 198 states and 292 transitions. [2018-11-14 17:19:07,993 INFO L276 IsEmpty]: Start isEmpty. Operand 198 states and 292 transitions. [2018-11-14 17:19:07,993 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:07,994 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:07,994 INFO L74 IsIncluded]: Start isIncluded. First operand 177 states. Second operand 198 states. [2018-11-14 17:19:07,994 INFO L87 Difference]: Start difference. First operand 177 states. Second operand 198 states. [2018-11-14 17:19:07,998 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:07,998 INFO L93 Difference]: Finished difference Result 198 states and 292 transitions. [2018-11-14 17:19:07,999 INFO L276 IsEmpty]: Start isEmpty. Operand 198 states and 292 transitions. [2018-11-14 17:19:07,999 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:07,999 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:07,999 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:19:08,000 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:19:08,000 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 177 states. [2018-11-14 17:19:08,003 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 177 states to 177 states and 265 transitions. [2018-11-14 17:19:08,003 INFO L78 Accepts]: Start accepts. Automaton has 177 states and 265 transitions. Word has length 60 [2018-11-14 17:19:08,004 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:19:08,004 INFO L480 AbstractCegarLoop]: Abstraction has 177 states and 265 transitions. [2018-11-14 17:19:08,004 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2018-11-14 17:19:08,004 INFO L276 IsEmpty]: Start isEmpty. Operand 177 states and 265 transitions. [2018-11-14 17:19:08,005 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 75 [2018-11-14 17:19:08,005 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:19:08,005 INFO L375 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:19:08,005 INFO L423 AbstractCegarLoop]: === Iteration 11 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:19:08,006 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:19:08,006 INFO L82 PathProgramCache]: Analyzing trace with hash 787078372, now seen corresponding path program 1 times [2018-11-14 17:19:08,006 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:19:08,006 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:19:08,007 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:08,007 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:19:08,007 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:08,024 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:19:08,242 INFO L256 TraceCheckUtils]: 0: Hoare triple {9114#true} call ULTIMATE.init(); {9114#true} is VALID [2018-11-14 17:19:08,242 INFO L273 TraceCheckUtils]: 1: Hoare triple {9114#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {9114#true} is VALID [2018-11-14 17:19:08,243 INFO L273 TraceCheckUtils]: 2: Hoare triple {9114#true} assume true; {9114#true} is VALID [2018-11-14 17:19:08,243 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {9114#true} {9114#true} #682#return; {9114#true} is VALID [2018-11-14 17:19:08,243 INFO L256 TraceCheckUtils]: 4: Hoare triple {9114#true} call #t~ret138 := main(); {9114#true} is VALID [2018-11-14 17:19:08,243 INFO L273 TraceCheckUtils]: 5: Hoare triple {9114#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {9114#true} is VALID [2018-11-14 17:19:08,243 INFO L256 TraceCheckUtils]: 6: Hoare triple {9114#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {9114#true} is VALID [2018-11-14 17:19:08,244 INFO L273 TraceCheckUtils]: 7: Hoare triple {9114#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {9114#true} is VALID [2018-11-14 17:19:08,244 INFO L273 TraceCheckUtils]: 8: Hoare triple {9114#true} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {9114#true} is VALID [2018-11-14 17:19:08,244 INFO L273 TraceCheckUtils]: 9: Hoare triple {9114#true} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {9114#true} is VALID [2018-11-14 17:19:08,244 INFO L273 TraceCheckUtils]: 10: Hoare triple {9114#true} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {9114#true} is VALID [2018-11-14 17:19:08,245 INFO L273 TraceCheckUtils]: 11: Hoare triple {9114#true} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {9114#true} is VALID [2018-11-14 17:19:08,245 INFO L273 TraceCheckUtils]: 12: Hoare triple {9114#true} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {9114#true} is VALID [2018-11-14 17:19:08,245 INFO L273 TraceCheckUtils]: 13: Hoare triple {9114#true} assume true; {9114#true} is VALID [2018-11-14 17:19:08,246 INFO L273 TraceCheckUtils]: 14: Hoare triple {9114#true} assume !false; {9114#true} is VALID [2018-11-14 17:19:08,246 INFO L273 TraceCheckUtils]: 15: Hoare triple {9114#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {9114#true} is VALID [2018-11-14 17:19:08,246 INFO L273 TraceCheckUtils]: 16: Hoare triple {9114#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {9114#true} is VALID [2018-11-14 17:19:08,246 INFO L273 TraceCheckUtils]: 17: Hoare triple {9114#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {9114#true} is VALID [2018-11-14 17:19:08,247 INFO L273 TraceCheckUtils]: 18: Hoare triple {9114#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {9114#true} is VALID [2018-11-14 17:19:08,247 INFO L273 TraceCheckUtils]: 19: Hoare triple {9114#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {9114#true} is VALID [2018-11-14 17:19:08,247 INFO L273 TraceCheckUtils]: 20: Hoare triple {9114#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {9114#true} is VALID [2018-11-14 17:19:08,247 INFO L273 TraceCheckUtils]: 21: Hoare triple {9114#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {9114#true} is VALID [2018-11-14 17:19:08,247 INFO L273 TraceCheckUtils]: 22: Hoare triple {9114#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {9114#true} is VALID [2018-11-14 17:19:08,248 INFO L273 TraceCheckUtils]: 23: Hoare triple {9114#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {9114#true} is VALID [2018-11-14 17:19:08,248 INFO L273 TraceCheckUtils]: 24: Hoare triple {9114#true} assume #t~mem32 == 8464;havoc #t~mem32; {9114#true} is VALID [2018-11-14 17:19:08,248 INFO L273 TraceCheckUtils]: 25: Hoare triple {9114#true} call write~int(0, ~s.base, ~s.offset + 48, 4);assume -2147483648 <= #t~nondet69 && #t~nondet69 <= 2147483647;~ret~0 := #t~nondet69;havoc #t~nondet69; {9114#true} is VALID [2018-11-14 17:19:08,248 INFO L273 TraceCheckUtils]: 26: Hoare triple {9114#true} assume ~blastFlag~0 == 0;~blastFlag~0 := 1; {9114#true} is VALID [2018-11-14 17:19:08,262 INFO L273 TraceCheckUtils]: 27: Hoare triple {9114#true} assume !(~ret~0 <= 0);~got_new_session~0 := 1;call write~int(8496, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {9116#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:08,271 INFO L273 TraceCheckUtils]: 28: Hoare triple {9116#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {9116#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:08,285 INFO L273 TraceCheckUtils]: 29: Hoare triple {9116#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {9116#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:08,294 INFO L273 TraceCheckUtils]: 30: Hoare triple {9116#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} ~skip~0 := 0; {9116#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:08,306 INFO L273 TraceCheckUtils]: 31: Hoare triple {9116#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume true; {9116#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:08,315 INFO L273 TraceCheckUtils]: 32: Hoare triple {9116#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !false; {9116#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:08,328 INFO L273 TraceCheckUtils]: 33: Hoare triple {9116#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {9116#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:08,336 INFO L273 TraceCheckUtils]: 34: Hoare triple {9116#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {9116#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:08,351 INFO L273 TraceCheckUtils]: 35: Hoare triple {9116#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {9116#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:08,360 INFO L273 TraceCheckUtils]: 36: Hoare triple {9116#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {9116#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:08,370 INFO L273 TraceCheckUtils]: 37: Hoare triple {9116#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {9116#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:08,381 INFO L273 TraceCheckUtils]: 38: Hoare triple {9116#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {9117#(= |ssl3_accept_#t~mem29| 8496)} is VALID [2018-11-14 17:19:08,394 INFO L273 TraceCheckUtils]: 39: Hoare triple {9117#(= |ssl3_accept_#t~mem29| 8496)} assume #t~mem29 == 8480;havoc #t~mem29; {9115#false} is VALID [2018-11-14 17:19:08,394 INFO L273 TraceCheckUtils]: 40: Hoare triple {9115#false} call write~int(0, ~s.base, ~s.offset + 48, 4);assume -2147483648 <= #t~nondet67 && #t~nondet67 <= 2147483647;~ret~0 := #t~nondet67;havoc #t~nondet67; {9115#false} is VALID [2018-11-14 17:19:08,394 INFO L273 TraceCheckUtils]: 41: Hoare triple {9115#false} assume !(~ret~0 <= 0);call #t~mem68.base, #t~mem68.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(8482, #t~mem68.base, #t~mem68.offset + 604 + 240, 4);havoc #t~mem68.base, #t~mem68.offset;call write~int(8448, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {9115#false} is VALID [2018-11-14 17:19:08,394 INFO L273 TraceCheckUtils]: 42: Hoare triple {9115#false} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {9115#false} is VALID [2018-11-14 17:19:08,395 INFO L273 TraceCheckUtils]: 43: Hoare triple {9115#false} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {9115#false} is VALID [2018-11-14 17:19:08,395 INFO L273 TraceCheckUtils]: 44: Hoare triple {9115#false} ~skip~0 := 0; {9115#false} is VALID [2018-11-14 17:19:08,395 INFO L273 TraceCheckUtils]: 45: Hoare triple {9115#false} assume true; {9115#false} is VALID [2018-11-14 17:19:08,395 INFO L273 TraceCheckUtils]: 46: Hoare triple {9115#false} assume !false; {9115#false} is VALID [2018-11-14 17:19:08,395 INFO L273 TraceCheckUtils]: 47: Hoare triple {9115#false} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {9115#false} is VALID [2018-11-14 17:19:08,395 INFO L273 TraceCheckUtils]: 48: Hoare triple {9115#false} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {9115#false} is VALID [2018-11-14 17:19:08,395 INFO L273 TraceCheckUtils]: 49: Hoare triple {9115#false} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {9115#false} is VALID [2018-11-14 17:19:08,396 INFO L273 TraceCheckUtils]: 50: Hoare triple {9115#false} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {9115#false} is VALID [2018-11-14 17:19:08,396 INFO L273 TraceCheckUtils]: 51: Hoare triple {9115#false} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {9115#false} is VALID [2018-11-14 17:19:08,396 INFO L273 TraceCheckUtils]: 52: Hoare triple {9115#false} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {9115#false} is VALID [2018-11-14 17:19:08,396 INFO L273 TraceCheckUtils]: 53: Hoare triple {9115#false} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {9115#false} is VALID [2018-11-14 17:19:08,396 INFO L273 TraceCheckUtils]: 54: Hoare triple {9115#false} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {9115#false} is VALID [2018-11-14 17:19:08,397 INFO L273 TraceCheckUtils]: 55: Hoare triple {9115#false} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {9115#false} is VALID [2018-11-14 17:19:08,397 INFO L273 TraceCheckUtils]: 56: Hoare triple {9115#false} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {9115#false} is VALID [2018-11-14 17:19:08,397 INFO L273 TraceCheckUtils]: 57: Hoare triple {9115#false} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {9115#false} is VALID [2018-11-14 17:19:08,397 INFO L273 TraceCheckUtils]: 58: Hoare triple {9115#false} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {9115#false} is VALID [2018-11-14 17:19:08,397 INFO L273 TraceCheckUtils]: 59: Hoare triple {9115#false} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {9115#false} is VALID [2018-11-14 17:19:08,397 INFO L273 TraceCheckUtils]: 60: Hoare triple {9115#false} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {9115#false} is VALID [2018-11-14 17:19:08,398 INFO L273 TraceCheckUtils]: 61: Hoare triple {9115#false} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {9115#false} is VALID [2018-11-14 17:19:08,398 INFO L273 TraceCheckUtils]: 62: Hoare triple {9115#false} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {9115#false} is VALID [2018-11-14 17:19:08,398 INFO L273 TraceCheckUtils]: 63: Hoare triple {9115#false} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {9115#false} is VALID [2018-11-14 17:19:08,398 INFO L273 TraceCheckUtils]: 64: Hoare triple {9115#false} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {9115#false} is VALID [2018-11-14 17:19:08,398 INFO L273 TraceCheckUtils]: 65: Hoare triple {9115#false} assume #t~mem41 == 8544;havoc #t~mem41; {9115#false} is VALID [2018-11-14 17:19:08,398 INFO L273 TraceCheckUtils]: 66: Hoare triple {9115#false} call #t~mem93 := read~int(~s.base, ~s.offset + 180, 4); {9115#false} is VALID [2018-11-14 17:19:08,399 INFO L273 TraceCheckUtils]: 67: Hoare triple {9115#false} assume ~bitwiseAnd(#t~mem93, 1) != 0;havoc #t~mem93;call #t~mem94.base, #t~mem94.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem95.base, #t~mem95.offset := read~$Pointer$(#t~mem94.base, #t~mem94.offset + 148, 4); {9115#false} is VALID [2018-11-14 17:19:08,399 INFO L273 TraceCheckUtils]: 68: Hoare triple {9115#false} assume !((#t~mem95.base + #t~mem95.offset) % 4294967296 != 0);havoc #t~mem95.base, #t~mem95.offset;havoc #t~mem94.base, #t~mem94.offset; {9115#false} is VALID [2018-11-14 17:19:08,399 INFO L273 TraceCheckUtils]: 69: Hoare triple {9115#false} call #t~mem98.base, #t~mem98.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem99.base, #t~mem99.offset := read~$Pointer$(#t~mem98.base, #t~mem98.offset + 604 + 232, 4);call #t~mem100 := read~int(#t~mem99.base, #t~mem99.offset + 12, 4); {9115#false} is VALID [2018-11-14 17:19:08,399 INFO L273 TraceCheckUtils]: 70: Hoare triple {9115#false} assume !(~bitwiseAnd(#t~mem100, 256) % 4294967296 != 0);havoc #t~mem100;havoc #t~mem99.base, #t~mem99.offset;havoc #t~mem98.base, #t~mem98.offset; {9115#false} is VALID [2018-11-14 17:19:08,399 INFO L273 TraceCheckUtils]: 71: Hoare triple {9115#false} call #t~mem103.base, #t~mem103.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(1, #t~mem103.base, #t~mem103.offset + 604 + 291, 4);havoc #t~mem103.base, #t~mem103.offset;assume -2147483648 <= #t~nondet104 && #t~nondet104 <= 2147483647;~ret~0 := #t~nondet104;havoc #t~nondet104; {9115#false} is VALID [2018-11-14 17:19:08,399 INFO L273 TraceCheckUtils]: 72: Hoare triple {9115#false} assume ~blastFlag~0 == 8; {9115#false} is VALID [2018-11-14 17:19:08,399 INFO L273 TraceCheckUtils]: 73: Hoare triple {9115#false} assume !false; {9115#false} is VALID [2018-11-14 17:19:08,403 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 33 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 17:19:08,403 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:19:08,403 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-14 17:19:08,403 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 74 [2018-11-14 17:19:08,403 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:19:08,404 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-14 17:19:08,473 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 74 edges. 74 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:08,473 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-14 17:19:08,474 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-14 17:19:08,474 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-14 17:19:08,474 INFO L87 Difference]: Start difference. First operand 177 states and 265 transitions. Second operand 4 states. [2018-11-14 17:19:09,296 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:09,296 INFO L93 Difference]: Finished difference Result 349 states and 528 transitions. [2018-11-14 17:19:09,296 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2018-11-14 17:19:09,296 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 74 [2018-11-14 17:19:09,297 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:19:09,297 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:09,300 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 477 transitions. [2018-11-14 17:19:09,300 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:09,303 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 477 transitions. [2018-11-14 17:19:09,303 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 477 transitions. [2018-11-14 17:19:09,724 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 477 edges. 477 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:09,729 INFO L225 Difference]: With dead ends: 349 [2018-11-14 17:19:09,729 INFO L226 Difference]: Without dead ends: 198 [2018-11-14 17:19:09,730 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 2 SyntacticMatches, 1 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2018-11-14 17:19:09,730 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 198 states. [2018-11-14 17:19:09,796 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 198 to 177. [2018-11-14 17:19:09,796 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:19:09,796 INFO L82 GeneralOperation]: Start isEquivalent. First operand 198 states. Second operand 177 states. [2018-11-14 17:19:09,796 INFO L74 IsIncluded]: Start isIncluded. First operand 198 states. Second operand 177 states. [2018-11-14 17:19:09,796 INFO L87 Difference]: Start difference. First operand 198 states. Second operand 177 states. [2018-11-14 17:19:09,800 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:09,800 INFO L93 Difference]: Finished difference Result 198 states and 291 transitions. [2018-11-14 17:19:09,800 INFO L276 IsEmpty]: Start isEmpty. Operand 198 states and 291 transitions. [2018-11-14 17:19:09,801 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:09,801 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:09,801 INFO L74 IsIncluded]: Start isIncluded. First operand 177 states. Second operand 198 states. [2018-11-14 17:19:09,801 INFO L87 Difference]: Start difference. First operand 177 states. Second operand 198 states. [2018-11-14 17:19:09,805 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:09,806 INFO L93 Difference]: Finished difference Result 198 states and 291 transitions. [2018-11-14 17:19:09,806 INFO L276 IsEmpty]: Start isEmpty. Operand 198 states and 291 transitions. [2018-11-14 17:19:09,806 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:09,806 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:09,807 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:19:09,807 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:19:09,807 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 177 states. [2018-11-14 17:19:09,809 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 177 states to 177 states and 264 transitions. [2018-11-14 17:19:09,810 INFO L78 Accepts]: Start accepts. Automaton has 177 states and 264 transitions. Word has length 74 [2018-11-14 17:19:09,810 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:19:09,810 INFO L480 AbstractCegarLoop]: Abstraction has 177 states and 264 transitions. [2018-11-14 17:19:09,810 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2018-11-14 17:19:09,810 INFO L276 IsEmpty]: Start isEmpty. Operand 177 states and 264 transitions. [2018-11-14 17:19:09,811 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 76 [2018-11-14 17:19:09,811 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:19:09,811 INFO L375 BasicCegarLoop]: trace histogram [3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:19:09,811 INFO L423 AbstractCegarLoop]: === Iteration 12 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:19:09,811 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:19:09,811 INFO L82 PathProgramCache]: Analyzing trace with hash 483531968, now seen corresponding path program 1 times [2018-11-14 17:19:09,811 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:19:09,811 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:19:09,812 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:09,812 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:19:09,813 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:09,827 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:19:10,024 INFO L256 TraceCheckUtils]: 0: Hoare triple {10139#true} call ULTIMATE.init(); {10139#true} is VALID [2018-11-14 17:19:10,025 INFO L273 TraceCheckUtils]: 1: Hoare triple {10139#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {10139#true} is VALID [2018-11-14 17:19:10,025 INFO L273 TraceCheckUtils]: 2: Hoare triple {10139#true} assume true; {10139#true} is VALID [2018-11-14 17:19:10,025 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {10139#true} {10139#true} #682#return; {10139#true} is VALID [2018-11-14 17:19:10,026 INFO L256 TraceCheckUtils]: 4: Hoare triple {10139#true} call #t~ret138 := main(); {10139#true} is VALID [2018-11-14 17:19:10,026 INFO L273 TraceCheckUtils]: 5: Hoare triple {10139#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {10139#true} is VALID [2018-11-14 17:19:10,026 INFO L256 TraceCheckUtils]: 6: Hoare triple {10139#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {10139#true} is VALID [2018-11-14 17:19:10,027 INFO L273 TraceCheckUtils]: 7: Hoare triple {10139#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {10139#true} is VALID [2018-11-14 17:19:10,027 INFO L273 TraceCheckUtils]: 8: Hoare triple {10139#true} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {10139#true} is VALID [2018-11-14 17:19:10,027 INFO L273 TraceCheckUtils]: 9: Hoare triple {10139#true} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {10139#true} is VALID [2018-11-14 17:19:10,027 INFO L273 TraceCheckUtils]: 10: Hoare triple {10139#true} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {10139#true} is VALID [2018-11-14 17:19:10,028 INFO L273 TraceCheckUtils]: 11: Hoare triple {10139#true} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {10139#true} is VALID [2018-11-14 17:19:10,028 INFO L273 TraceCheckUtils]: 12: Hoare triple {10139#true} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {10139#true} is VALID [2018-11-14 17:19:10,028 INFO L273 TraceCheckUtils]: 13: Hoare triple {10139#true} assume true; {10139#true} is VALID [2018-11-14 17:19:10,028 INFO L273 TraceCheckUtils]: 14: Hoare triple {10139#true} assume !false; {10139#true} is VALID [2018-11-14 17:19:10,029 INFO L273 TraceCheckUtils]: 15: Hoare triple {10139#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {10139#true} is VALID [2018-11-14 17:19:10,029 INFO L273 TraceCheckUtils]: 16: Hoare triple {10139#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {10139#true} is VALID [2018-11-14 17:19:10,029 INFO L273 TraceCheckUtils]: 17: Hoare triple {10139#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {10139#true} is VALID [2018-11-14 17:19:10,029 INFO L273 TraceCheckUtils]: 18: Hoare triple {10139#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {10139#true} is VALID [2018-11-14 17:19:10,030 INFO L273 TraceCheckUtils]: 19: Hoare triple {10139#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {10139#true} is VALID [2018-11-14 17:19:10,030 INFO L273 TraceCheckUtils]: 20: Hoare triple {10139#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {10139#true} is VALID [2018-11-14 17:19:10,030 INFO L273 TraceCheckUtils]: 21: Hoare triple {10139#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {10139#true} is VALID [2018-11-14 17:19:10,030 INFO L273 TraceCheckUtils]: 22: Hoare triple {10139#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {10139#true} is VALID [2018-11-14 17:19:10,030 INFO L273 TraceCheckUtils]: 23: Hoare triple {10139#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {10139#true} is VALID [2018-11-14 17:19:10,030 INFO L273 TraceCheckUtils]: 24: Hoare triple {10139#true} assume #t~mem32 == 8464;havoc #t~mem32; {10139#true} is VALID [2018-11-14 17:19:10,031 INFO L273 TraceCheckUtils]: 25: Hoare triple {10139#true} call write~int(0, ~s.base, ~s.offset + 48, 4);assume -2147483648 <= #t~nondet69 && #t~nondet69 <= 2147483647;~ret~0 := #t~nondet69;havoc #t~nondet69; {10139#true} is VALID [2018-11-14 17:19:10,031 INFO L273 TraceCheckUtils]: 26: Hoare triple {10139#true} assume ~blastFlag~0 == 0;~blastFlag~0 := 1; {10139#true} is VALID [2018-11-14 17:19:10,031 INFO L273 TraceCheckUtils]: 27: Hoare triple {10139#true} assume !(~ret~0 <= 0);~got_new_session~0 := 1;call write~int(8496, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {10139#true} is VALID [2018-11-14 17:19:10,031 INFO L273 TraceCheckUtils]: 28: Hoare triple {10139#true} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {10139#true} is VALID [2018-11-14 17:19:10,031 INFO L273 TraceCheckUtils]: 29: Hoare triple {10139#true} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {10139#true} is VALID [2018-11-14 17:19:10,032 INFO L273 TraceCheckUtils]: 30: Hoare triple {10139#true} ~skip~0 := 0; {10139#true} is VALID [2018-11-14 17:19:10,032 INFO L273 TraceCheckUtils]: 31: Hoare triple {10139#true} assume true; {10139#true} is VALID [2018-11-14 17:19:10,032 INFO L273 TraceCheckUtils]: 32: Hoare triple {10139#true} assume !false; {10139#true} is VALID [2018-11-14 17:19:10,032 INFO L273 TraceCheckUtils]: 33: Hoare triple {10139#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {10139#true} is VALID [2018-11-14 17:19:10,032 INFO L273 TraceCheckUtils]: 34: Hoare triple {10139#true} assume #t~mem24 == 12292;havoc #t~mem24; {10139#true} is VALID [2018-11-14 17:19:10,032 INFO L273 TraceCheckUtils]: 35: Hoare triple {10139#true} call write~int(1, ~s.base, ~s.offset + 40, 4); {10139#true} is VALID [2018-11-14 17:19:10,033 INFO L273 TraceCheckUtils]: 36: Hoare triple {10139#true} call write~int(1, ~s.base, ~s.offset + 36, 4); {10139#true} is VALID [2018-11-14 17:19:10,033 INFO L273 TraceCheckUtils]: 37: Hoare triple {10139#true} assume (~cb~0.base + ~cb~0.offset) % 4294967296 != 0; {10139#true} is VALID [2018-11-14 17:19:10,033 INFO L273 TraceCheckUtils]: 38: Hoare triple {10139#true} call #t~mem59 := read~int(~s.base, ~s.offset + 0, 4); {10139#true} is VALID [2018-11-14 17:19:10,033 INFO L273 TraceCheckUtils]: 39: Hoare triple {10139#true} assume !(#t~mem59 / 256 != 3);havoc #t~mem59;call write~int(8192, ~s.base, ~s.offset + 4, 4);call #t~mem60.base, #t~mem60.offset := read~$Pointer$(~s.base, ~s.offset + 60, 4); {10139#true} is VALID [2018-11-14 17:19:10,033 INFO L273 TraceCheckUtils]: 40: Hoare triple {10139#true} assume !((#t~mem60.base + #t~mem60.offset) % 4294967296 == 0);havoc #t~mem60.base, #t~mem60.offset; {10139#true} is VALID [2018-11-14 17:19:10,033 INFO L273 TraceCheckUtils]: 41: Hoare triple {10139#true} assume !(~tmp___4~0 == 0);call write~int(0, ~s.base, ~s.offset + 64, 4);call #t~mem62 := read~int(~s.base, ~s.offset + 52, 4); {10139#true} is VALID [2018-11-14 17:19:10,049 INFO L273 TraceCheckUtils]: 42: Hoare triple {10139#true} assume !(#t~mem62 != 12292);havoc #t~mem62;call #t~mem65.base, #t~mem65.offset := read~$Pointer$(~s.base, ~s.offset + 204, 4);call #t~mem66 := read~int(#t~mem65.base, #t~mem65.offset + 60 + 16, 4);call write~int(#t~mem66 + 1, #t~mem65.base, #t~mem65.offset + 60 + 16, 4);havoc #t~mem65.base, #t~mem65.offset;havoc #t~mem66;call write~int(8480, ~s.base, ~s.offset + 52, 4); {10141#(= 8480 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:10,058 INFO L273 TraceCheckUtils]: 43: Hoare triple {10141#(= 8480 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {10141#(= 8480 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:10,058 INFO L273 TraceCheckUtils]: 44: Hoare triple {10141#(= 8480 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {10141#(= 8480 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:10,059 INFO L273 TraceCheckUtils]: 45: Hoare triple {10141#(= 8480 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} ~skip~0 := 0; {10141#(= 8480 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:10,059 INFO L273 TraceCheckUtils]: 46: Hoare triple {10141#(= 8480 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume true; {10141#(= 8480 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:10,062 INFO L273 TraceCheckUtils]: 47: Hoare triple {10141#(= 8480 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !false; {10141#(= 8480 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:10,062 INFO L273 TraceCheckUtils]: 48: Hoare triple {10141#(= 8480 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {10141#(= 8480 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:10,062 INFO L273 TraceCheckUtils]: 49: Hoare triple {10141#(= 8480 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {10141#(= 8480 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:10,064 INFO L273 TraceCheckUtils]: 50: Hoare triple {10141#(= 8480 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {10141#(= 8480 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:10,064 INFO L273 TraceCheckUtils]: 51: Hoare triple {10141#(= 8480 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {10141#(= 8480 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:10,067 INFO L273 TraceCheckUtils]: 52: Hoare triple {10141#(= 8480 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {10141#(= 8480 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:10,067 INFO L273 TraceCheckUtils]: 53: Hoare triple {10141#(= 8480 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {10142#(= 8480 |ssl3_accept_#t~mem29|)} is VALID [2018-11-14 17:19:10,067 INFO L273 TraceCheckUtils]: 54: Hoare triple {10142#(= 8480 |ssl3_accept_#t~mem29|)} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {10140#false} is VALID [2018-11-14 17:19:10,068 INFO L273 TraceCheckUtils]: 55: Hoare triple {10140#false} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {10140#false} is VALID [2018-11-14 17:19:10,068 INFO L273 TraceCheckUtils]: 56: Hoare triple {10140#false} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {10140#false} is VALID [2018-11-14 17:19:10,068 INFO L273 TraceCheckUtils]: 57: Hoare triple {10140#false} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {10140#false} is VALID [2018-11-14 17:19:10,068 INFO L273 TraceCheckUtils]: 58: Hoare triple {10140#false} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {10140#false} is VALID [2018-11-14 17:19:10,068 INFO L273 TraceCheckUtils]: 59: Hoare triple {10140#false} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {10140#false} is VALID [2018-11-14 17:19:10,068 INFO L273 TraceCheckUtils]: 60: Hoare triple {10140#false} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {10140#false} is VALID [2018-11-14 17:19:10,068 INFO L273 TraceCheckUtils]: 61: Hoare triple {10140#false} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {10140#false} is VALID [2018-11-14 17:19:10,068 INFO L273 TraceCheckUtils]: 62: Hoare triple {10140#false} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {10140#false} is VALID [2018-11-14 17:19:10,069 INFO L273 TraceCheckUtils]: 63: Hoare triple {10140#false} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {10140#false} is VALID [2018-11-14 17:19:10,069 INFO L273 TraceCheckUtils]: 64: Hoare triple {10140#false} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {10140#false} is VALID [2018-11-14 17:19:10,069 INFO L273 TraceCheckUtils]: 65: Hoare triple {10140#false} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {10140#false} is VALID [2018-11-14 17:19:10,069 INFO L273 TraceCheckUtils]: 66: Hoare triple {10140#false} assume #t~mem41 == 8544;havoc #t~mem41; {10140#false} is VALID [2018-11-14 17:19:10,069 INFO L273 TraceCheckUtils]: 67: Hoare triple {10140#false} call #t~mem93 := read~int(~s.base, ~s.offset + 180, 4); {10140#false} is VALID [2018-11-14 17:19:10,069 INFO L273 TraceCheckUtils]: 68: Hoare triple {10140#false} assume ~bitwiseAnd(#t~mem93, 1) != 0;havoc #t~mem93;call #t~mem94.base, #t~mem94.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem95.base, #t~mem95.offset := read~$Pointer$(#t~mem94.base, #t~mem94.offset + 148, 4); {10140#false} is VALID [2018-11-14 17:19:10,069 INFO L273 TraceCheckUtils]: 69: Hoare triple {10140#false} assume !((#t~mem95.base + #t~mem95.offset) % 4294967296 != 0);havoc #t~mem95.base, #t~mem95.offset;havoc #t~mem94.base, #t~mem94.offset; {10140#false} is VALID [2018-11-14 17:19:10,069 INFO L273 TraceCheckUtils]: 70: Hoare triple {10140#false} call #t~mem98.base, #t~mem98.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem99.base, #t~mem99.offset := read~$Pointer$(#t~mem98.base, #t~mem98.offset + 604 + 232, 4);call #t~mem100 := read~int(#t~mem99.base, #t~mem99.offset + 12, 4); {10140#false} is VALID [2018-11-14 17:19:10,070 INFO L273 TraceCheckUtils]: 71: Hoare triple {10140#false} assume !(~bitwiseAnd(#t~mem100, 256) % 4294967296 != 0);havoc #t~mem100;havoc #t~mem99.base, #t~mem99.offset;havoc #t~mem98.base, #t~mem98.offset; {10140#false} is VALID [2018-11-14 17:19:10,070 INFO L273 TraceCheckUtils]: 72: Hoare triple {10140#false} call #t~mem103.base, #t~mem103.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(1, #t~mem103.base, #t~mem103.offset + 604 + 291, 4);havoc #t~mem103.base, #t~mem103.offset;assume -2147483648 <= #t~nondet104 && #t~nondet104 <= 2147483647;~ret~0 := #t~nondet104;havoc #t~nondet104; {10140#false} is VALID [2018-11-14 17:19:10,070 INFO L273 TraceCheckUtils]: 73: Hoare triple {10140#false} assume ~blastFlag~0 == 8; {10140#false} is VALID [2018-11-14 17:19:10,070 INFO L273 TraceCheckUtils]: 74: Hoare triple {10140#false} assume !false; {10140#false} is VALID [2018-11-14 17:19:10,073 INFO L134 CoverageAnalysis]: Checked inductivity of 23 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2018-11-14 17:19:10,074 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:19:10,074 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-14 17:19:10,074 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 75 [2018-11-14 17:19:10,074 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:19:10,074 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-14 17:19:10,145 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 72 edges. 72 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:10,146 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-14 17:19:10,146 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-14 17:19:10,146 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-14 17:19:10,146 INFO L87 Difference]: Start difference. First operand 177 states and 264 transitions. Second operand 4 states. [2018-11-14 17:19:11,597 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:11,598 INFO L93 Difference]: Finished difference Result 358 states and 543 transitions. [2018-11-14 17:19:11,598 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2018-11-14 17:19:11,598 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 75 [2018-11-14 17:19:11,598 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:19:11,598 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:11,600 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 455 transitions. [2018-11-14 17:19:11,600 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:11,602 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 455 transitions. [2018-11-14 17:19:11,602 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 455 transitions. [2018-11-14 17:19:12,000 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 455 edges. 455 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:12,004 INFO L225 Difference]: With dead ends: 358 [2018-11-14 17:19:12,004 INFO L226 Difference]: Without dead ends: 207 [2018-11-14 17:19:12,005 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 2 SyntacticMatches, 1 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2018-11-14 17:19:12,005 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 207 states. [2018-11-14 17:19:12,028 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 207 to 194. [2018-11-14 17:19:12,028 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:19:12,028 INFO L82 GeneralOperation]: Start isEquivalent. First operand 207 states. Second operand 194 states. [2018-11-14 17:19:12,029 INFO L74 IsIncluded]: Start isIncluded. First operand 207 states. Second operand 194 states. [2018-11-14 17:19:12,029 INFO L87 Difference]: Start difference. First operand 207 states. Second operand 194 states. [2018-11-14 17:19:12,034 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:12,034 INFO L93 Difference]: Finished difference Result 207 states and 307 transitions. [2018-11-14 17:19:12,034 INFO L276 IsEmpty]: Start isEmpty. Operand 207 states and 307 transitions. [2018-11-14 17:19:12,035 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:12,035 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:12,035 INFO L74 IsIncluded]: Start isIncluded. First operand 194 states. Second operand 207 states. [2018-11-14 17:19:12,035 INFO L87 Difference]: Start difference. First operand 194 states. Second operand 207 states. [2018-11-14 17:19:12,038 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:12,038 INFO L93 Difference]: Finished difference Result 207 states and 307 transitions. [2018-11-14 17:19:12,038 INFO L276 IsEmpty]: Start isEmpty. Operand 207 states and 307 transitions. [2018-11-14 17:19:12,039 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:12,039 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:12,039 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:19:12,039 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:19:12,039 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 194 states. [2018-11-14 17:19:12,043 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 194 states to 194 states and 291 transitions. [2018-11-14 17:19:12,043 INFO L78 Accepts]: Start accepts. Automaton has 194 states and 291 transitions. Word has length 75 [2018-11-14 17:19:12,044 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:19:12,044 INFO L480 AbstractCegarLoop]: Abstraction has 194 states and 291 transitions. [2018-11-14 17:19:12,044 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2018-11-14 17:19:12,044 INFO L276 IsEmpty]: Start isEmpty. Operand 194 states and 291 transitions. [2018-11-14 17:19:12,045 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 76 [2018-11-14 17:19:12,045 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:19:12,045 INFO L375 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:19:12,045 INFO L423 AbstractCegarLoop]: === Iteration 13 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:19:12,046 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:19:12,046 INFO L82 PathProgramCache]: Analyzing trace with hash -2111946987, now seen corresponding path program 1 times [2018-11-14 17:19:12,046 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:19:12,046 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:19:12,047 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:12,047 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:19:12,047 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:12,063 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:19:12,300 INFO L256 TraceCheckUtils]: 0: Hoare triple {11209#true} call ULTIMATE.init(); {11209#true} is VALID [2018-11-14 17:19:12,300 INFO L273 TraceCheckUtils]: 1: Hoare triple {11209#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {11209#true} is VALID [2018-11-14 17:19:12,300 INFO L273 TraceCheckUtils]: 2: Hoare triple {11209#true} assume true; {11209#true} is VALID [2018-11-14 17:19:12,301 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {11209#true} {11209#true} #682#return; {11209#true} is VALID [2018-11-14 17:19:12,301 INFO L256 TraceCheckUtils]: 4: Hoare triple {11209#true} call #t~ret138 := main(); {11209#true} is VALID [2018-11-14 17:19:12,301 INFO L273 TraceCheckUtils]: 5: Hoare triple {11209#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {11209#true} is VALID [2018-11-14 17:19:12,301 INFO L256 TraceCheckUtils]: 6: Hoare triple {11209#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {11209#true} is VALID [2018-11-14 17:19:12,301 INFO L273 TraceCheckUtils]: 7: Hoare triple {11209#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {11209#true} is VALID [2018-11-14 17:19:12,302 INFO L273 TraceCheckUtils]: 8: Hoare triple {11209#true} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {11209#true} is VALID [2018-11-14 17:19:12,302 INFO L273 TraceCheckUtils]: 9: Hoare triple {11209#true} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {11209#true} is VALID [2018-11-14 17:19:12,302 INFO L273 TraceCheckUtils]: 10: Hoare triple {11209#true} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {11209#true} is VALID [2018-11-14 17:19:12,302 INFO L273 TraceCheckUtils]: 11: Hoare triple {11209#true} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {11209#true} is VALID [2018-11-14 17:19:12,302 INFO L273 TraceCheckUtils]: 12: Hoare triple {11209#true} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {11209#true} is VALID [2018-11-14 17:19:12,302 INFO L273 TraceCheckUtils]: 13: Hoare triple {11209#true} assume true; {11209#true} is VALID [2018-11-14 17:19:12,302 INFO L273 TraceCheckUtils]: 14: Hoare triple {11209#true} assume !false; {11209#true} is VALID [2018-11-14 17:19:12,303 INFO L273 TraceCheckUtils]: 15: Hoare triple {11209#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {11209#true} is VALID [2018-11-14 17:19:12,303 INFO L273 TraceCheckUtils]: 16: Hoare triple {11209#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {11209#true} is VALID [2018-11-14 17:19:12,303 INFO L273 TraceCheckUtils]: 17: Hoare triple {11209#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {11209#true} is VALID [2018-11-14 17:19:12,303 INFO L273 TraceCheckUtils]: 18: Hoare triple {11209#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {11209#true} is VALID [2018-11-14 17:19:12,303 INFO L273 TraceCheckUtils]: 19: Hoare triple {11209#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {11209#true} is VALID [2018-11-14 17:19:12,303 INFO L273 TraceCheckUtils]: 20: Hoare triple {11209#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {11209#true} is VALID [2018-11-14 17:19:12,303 INFO L273 TraceCheckUtils]: 21: Hoare triple {11209#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {11209#true} is VALID [2018-11-14 17:19:12,303 INFO L273 TraceCheckUtils]: 22: Hoare triple {11209#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {11209#true} is VALID [2018-11-14 17:19:12,304 INFO L273 TraceCheckUtils]: 23: Hoare triple {11209#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {11209#true} is VALID [2018-11-14 17:19:12,304 INFO L273 TraceCheckUtils]: 24: Hoare triple {11209#true} assume #t~mem32 == 8464;havoc #t~mem32; {11209#true} is VALID [2018-11-14 17:19:12,304 INFO L273 TraceCheckUtils]: 25: Hoare triple {11209#true} call write~int(0, ~s.base, ~s.offset + 48, 4);assume -2147483648 <= #t~nondet69 && #t~nondet69 <= 2147483647;~ret~0 := #t~nondet69;havoc #t~nondet69; {11209#true} is VALID [2018-11-14 17:19:12,304 INFO L273 TraceCheckUtils]: 26: Hoare triple {11209#true} assume ~blastFlag~0 == 0;~blastFlag~0 := 1; {11209#true} is VALID [2018-11-14 17:19:12,316 INFO L273 TraceCheckUtils]: 27: Hoare triple {11209#true} assume !(~ret~0 <= 0);~got_new_session~0 := 1;call write~int(8496, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {11211#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:12,316 INFO L273 TraceCheckUtils]: 28: Hoare triple {11211#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {11211#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:12,320 INFO L273 TraceCheckUtils]: 29: Hoare triple {11211#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {11211#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:12,320 INFO L273 TraceCheckUtils]: 30: Hoare triple {11211#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} ~skip~0 := 0; {11211#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:12,320 INFO L273 TraceCheckUtils]: 31: Hoare triple {11211#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume true; {11211#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:12,321 INFO L273 TraceCheckUtils]: 32: Hoare triple {11211#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !false; {11211#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:12,321 INFO L273 TraceCheckUtils]: 33: Hoare triple {11211#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {11211#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:12,321 INFO L273 TraceCheckUtils]: 34: Hoare triple {11211#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {11211#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:12,322 INFO L273 TraceCheckUtils]: 35: Hoare triple {11211#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {11211#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:12,322 INFO L273 TraceCheckUtils]: 36: Hoare triple {11211#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {11211#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:12,322 INFO L273 TraceCheckUtils]: 37: Hoare triple {11211#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {11211#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:12,323 INFO L273 TraceCheckUtils]: 38: Hoare triple {11211#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {11211#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:12,323 INFO L273 TraceCheckUtils]: 39: Hoare triple {11211#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {11212#(= |ssl3_accept_#t~mem30| 8496)} is VALID [2018-11-14 17:19:12,323 INFO L273 TraceCheckUtils]: 40: Hoare triple {11212#(= |ssl3_accept_#t~mem30| 8496)} assume #t~mem30 == 8481;havoc #t~mem30; {11210#false} is VALID [2018-11-14 17:19:12,323 INFO L273 TraceCheckUtils]: 41: Hoare triple {11210#false} call write~int(0, ~s.base, ~s.offset + 48, 4);assume -2147483648 <= #t~nondet67 && #t~nondet67 <= 2147483647;~ret~0 := #t~nondet67;havoc #t~nondet67; {11210#false} is VALID [2018-11-14 17:19:12,324 INFO L273 TraceCheckUtils]: 42: Hoare triple {11210#false} assume !(~ret~0 <= 0);call #t~mem68.base, #t~mem68.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(8482, #t~mem68.base, #t~mem68.offset + 604 + 240, 4);havoc #t~mem68.base, #t~mem68.offset;call write~int(8448, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {11210#false} is VALID [2018-11-14 17:19:12,324 INFO L273 TraceCheckUtils]: 43: Hoare triple {11210#false} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {11210#false} is VALID [2018-11-14 17:19:12,324 INFO L273 TraceCheckUtils]: 44: Hoare triple {11210#false} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {11210#false} is VALID [2018-11-14 17:19:12,324 INFO L273 TraceCheckUtils]: 45: Hoare triple {11210#false} ~skip~0 := 0; {11210#false} is VALID [2018-11-14 17:19:12,324 INFO L273 TraceCheckUtils]: 46: Hoare triple {11210#false} assume true; {11210#false} is VALID [2018-11-14 17:19:12,325 INFO L273 TraceCheckUtils]: 47: Hoare triple {11210#false} assume !false; {11210#false} is VALID [2018-11-14 17:19:12,325 INFO L273 TraceCheckUtils]: 48: Hoare triple {11210#false} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {11210#false} is VALID [2018-11-14 17:19:12,325 INFO L273 TraceCheckUtils]: 49: Hoare triple {11210#false} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {11210#false} is VALID [2018-11-14 17:19:12,325 INFO L273 TraceCheckUtils]: 50: Hoare triple {11210#false} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {11210#false} is VALID [2018-11-14 17:19:12,325 INFO L273 TraceCheckUtils]: 51: Hoare triple {11210#false} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {11210#false} is VALID [2018-11-14 17:19:12,326 INFO L273 TraceCheckUtils]: 52: Hoare triple {11210#false} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {11210#false} is VALID [2018-11-14 17:19:12,326 INFO L273 TraceCheckUtils]: 53: Hoare triple {11210#false} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {11210#false} is VALID [2018-11-14 17:19:12,326 INFO L273 TraceCheckUtils]: 54: Hoare triple {11210#false} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {11210#false} is VALID [2018-11-14 17:19:12,326 INFO L273 TraceCheckUtils]: 55: Hoare triple {11210#false} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {11210#false} is VALID [2018-11-14 17:19:12,326 INFO L273 TraceCheckUtils]: 56: Hoare triple {11210#false} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {11210#false} is VALID [2018-11-14 17:19:12,326 INFO L273 TraceCheckUtils]: 57: Hoare triple {11210#false} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {11210#false} is VALID [2018-11-14 17:19:12,326 INFO L273 TraceCheckUtils]: 58: Hoare triple {11210#false} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {11210#false} is VALID [2018-11-14 17:19:12,327 INFO L273 TraceCheckUtils]: 59: Hoare triple {11210#false} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {11210#false} is VALID [2018-11-14 17:19:12,327 INFO L273 TraceCheckUtils]: 60: Hoare triple {11210#false} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {11210#false} is VALID [2018-11-14 17:19:12,327 INFO L273 TraceCheckUtils]: 61: Hoare triple {11210#false} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {11210#false} is VALID [2018-11-14 17:19:12,327 INFO L273 TraceCheckUtils]: 62: Hoare triple {11210#false} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {11210#false} is VALID [2018-11-14 17:19:12,327 INFO L273 TraceCheckUtils]: 63: Hoare triple {11210#false} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {11210#false} is VALID [2018-11-14 17:19:12,327 INFO L273 TraceCheckUtils]: 64: Hoare triple {11210#false} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {11210#false} is VALID [2018-11-14 17:19:12,327 INFO L273 TraceCheckUtils]: 65: Hoare triple {11210#false} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {11210#false} is VALID [2018-11-14 17:19:12,327 INFO L273 TraceCheckUtils]: 66: Hoare triple {11210#false} assume #t~mem41 == 8544;havoc #t~mem41; {11210#false} is VALID [2018-11-14 17:19:12,328 INFO L273 TraceCheckUtils]: 67: Hoare triple {11210#false} call #t~mem93 := read~int(~s.base, ~s.offset + 180, 4); {11210#false} is VALID [2018-11-14 17:19:12,328 INFO L273 TraceCheckUtils]: 68: Hoare triple {11210#false} assume ~bitwiseAnd(#t~mem93, 1) != 0;havoc #t~mem93;call #t~mem94.base, #t~mem94.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem95.base, #t~mem95.offset := read~$Pointer$(#t~mem94.base, #t~mem94.offset + 148, 4); {11210#false} is VALID [2018-11-14 17:19:12,328 INFO L273 TraceCheckUtils]: 69: Hoare triple {11210#false} assume !((#t~mem95.base + #t~mem95.offset) % 4294967296 != 0);havoc #t~mem95.base, #t~mem95.offset;havoc #t~mem94.base, #t~mem94.offset; {11210#false} is VALID [2018-11-14 17:19:12,328 INFO L273 TraceCheckUtils]: 70: Hoare triple {11210#false} call #t~mem98.base, #t~mem98.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem99.base, #t~mem99.offset := read~$Pointer$(#t~mem98.base, #t~mem98.offset + 604 + 232, 4);call #t~mem100 := read~int(#t~mem99.base, #t~mem99.offset + 12, 4); {11210#false} is VALID [2018-11-14 17:19:12,328 INFO L273 TraceCheckUtils]: 71: Hoare triple {11210#false} assume !(~bitwiseAnd(#t~mem100, 256) % 4294967296 != 0);havoc #t~mem100;havoc #t~mem99.base, #t~mem99.offset;havoc #t~mem98.base, #t~mem98.offset; {11210#false} is VALID [2018-11-14 17:19:12,328 INFO L273 TraceCheckUtils]: 72: Hoare triple {11210#false} call #t~mem103.base, #t~mem103.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(1, #t~mem103.base, #t~mem103.offset + 604 + 291, 4);havoc #t~mem103.base, #t~mem103.offset;assume -2147483648 <= #t~nondet104 && #t~nondet104 <= 2147483647;~ret~0 := #t~nondet104;havoc #t~nondet104; {11210#false} is VALID [2018-11-14 17:19:12,328 INFO L273 TraceCheckUtils]: 73: Hoare triple {11210#false} assume ~blastFlag~0 == 8; {11210#false} is VALID [2018-11-14 17:19:12,328 INFO L273 TraceCheckUtils]: 74: Hoare triple {11210#false} assume !false; {11210#false} is VALID [2018-11-14 17:19:12,335 INFO L134 CoverageAnalysis]: Checked inductivity of 35 backedges. 35 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 17:19:12,335 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:19:12,336 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-14 17:19:12,336 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 75 [2018-11-14 17:19:12,336 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:19:12,336 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-14 17:19:12,462 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 75 edges. 75 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:12,463 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-14 17:19:12,463 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-14 17:19:12,463 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-14 17:19:12,463 INFO L87 Difference]: Start difference. First operand 194 states and 291 transitions. Second operand 4 states. [2018-11-14 17:19:13,287 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:13,288 INFO L93 Difference]: Finished difference Result 381 states and 578 transitions. [2018-11-14 17:19:13,288 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2018-11-14 17:19:13,288 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 75 [2018-11-14 17:19:13,288 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:19:13,288 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:13,290 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 474 transitions. [2018-11-14 17:19:13,290 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:13,292 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 474 transitions. [2018-11-14 17:19:13,292 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 474 transitions. [2018-11-14 17:19:13,723 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 474 edges. 474 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:13,728 INFO L225 Difference]: With dead ends: 381 [2018-11-14 17:19:13,728 INFO L226 Difference]: Without dead ends: 213 [2018-11-14 17:19:13,728 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 2 SyntacticMatches, 1 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2018-11-14 17:19:13,729 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 213 states. [2018-11-14 17:19:13,768 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 213 to 194. [2018-11-14 17:19:13,768 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:19:13,768 INFO L82 GeneralOperation]: Start isEquivalent. First operand 213 states. Second operand 194 states. [2018-11-14 17:19:13,769 INFO L74 IsIncluded]: Start isIncluded. First operand 213 states. Second operand 194 states. [2018-11-14 17:19:13,769 INFO L87 Difference]: Start difference. First operand 213 states. Second operand 194 states. [2018-11-14 17:19:13,773 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:13,773 INFO L93 Difference]: Finished difference Result 213 states and 315 transitions. [2018-11-14 17:19:13,773 INFO L276 IsEmpty]: Start isEmpty. Operand 213 states and 315 transitions. [2018-11-14 17:19:13,774 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:13,774 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:13,774 INFO L74 IsIncluded]: Start isIncluded. First operand 194 states. Second operand 213 states. [2018-11-14 17:19:13,774 INFO L87 Difference]: Start difference. First operand 194 states. Second operand 213 states. [2018-11-14 17:19:13,778 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:13,778 INFO L93 Difference]: Finished difference Result 213 states and 315 transitions. [2018-11-14 17:19:13,779 INFO L276 IsEmpty]: Start isEmpty. Operand 213 states and 315 transitions. [2018-11-14 17:19:13,779 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:13,779 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:13,780 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:19:13,780 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:19:13,780 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 194 states. [2018-11-14 17:19:13,784 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 194 states to 194 states and 290 transitions. [2018-11-14 17:19:13,784 INFO L78 Accepts]: Start accepts. Automaton has 194 states and 290 transitions. Word has length 75 [2018-11-14 17:19:13,784 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:19:13,784 INFO L480 AbstractCegarLoop]: Abstraction has 194 states and 290 transitions. [2018-11-14 17:19:13,784 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2018-11-14 17:19:13,784 INFO L276 IsEmpty]: Start isEmpty. Operand 194 states and 290 transitions. [2018-11-14 17:19:13,785 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 76 [2018-11-14 17:19:13,785 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:19:13,785 INFO L375 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:19:13,786 INFO L423 AbstractCegarLoop]: === Iteration 14 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:19:13,786 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:19:13,786 INFO L82 PathProgramCache]: Analyzing trace with hash -1521814540, now seen corresponding path program 1 times [2018-11-14 17:19:13,786 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:19:13,786 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:19:13,787 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:13,787 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:19:13,787 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:13,805 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:19:13,948 INFO L256 TraceCheckUtils]: 0: Hoare triple {12318#true} call ULTIMATE.init(); {12318#true} is VALID [2018-11-14 17:19:13,949 INFO L273 TraceCheckUtils]: 1: Hoare triple {12318#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {12318#true} is VALID [2018-11-14 17:19:13,949 INFO L273 TraceCheckUtils]: 2: Hoare triple {12318#true} assume true; {12318#true} is VALID [2018-11-14 17:19:13,949 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {12318#true} {12318#true} #682#return; {12318#true} is VALID [2018-11-14 17:19:13,949 INFO L256 TraceCheckUtils]: 4: Hoare triple {12318#true} call #t~ret138 := main(); {12318#true} is VALID [2018-11-14 17:19:13,949 INFO L273 TraceCheckUtils]: 5: Hoare triple {12318#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {12318#true} is VALID [2018-11-14 17:19:13,949 INFO L256 TraceCheckUtils]: 6: Hoare triple {12318#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {12318#true} is VALID [2018-11-14 17:19:13,950 INFO L273 TraceCheckUtils]: 7: Hoare triple {12318#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {12318#true} is VALID [2018-11-14 17:19:13,950 INFO L273 TraceCheckUtils]: 8: Hoare triple {12318#true} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {12318#true} is VALID [2018-11-14 17:19:13,950 INFO L273 TraceCheckUtils]: 9: Hoare triple {12318#true} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {12318#true} is VALID [2018-11-14 17:19:13,950 INFO L273 TraceCheckUtils]: 10: Hoare triple {12318#true} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {12318#true} is VALID [2018-11-14 17:19:13,951 INFO L273 TraceCheckUtils]: 11: Hoare triple {12318#true} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {12318#true} is VALID [2018-11-14 17:19:13,951 INFO L273 TraceCheckUtils]: 12: Hoare triple {12318#true} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {12318#true} is VALID [2018-11-14 17:19:13,951 INFO L273 TraceCheckUtils]: 13: Hoare triple {12318#true} assume true; {12318#true} is VALID [2018-11-14 17:19:13,951 INFO L273 TraceCheckUtils]: 14: Hoare triple {12318#true} assume !false; {12318#true} is VALID [2018-11-14 17:19:13,951 INFO L273 TraceCheckUtils]: 15: Hoare triple {12318#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {12318#true} is VALID [2018-11-14 17:19:13,952 INFO L273 TraceCheckUtils]: 16: Hoare triple {12318#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {12318#true} is VALID [2018-11-14 17:19:13,952 INFO L273 TraceCheckUtils]: 17: Hoare triple {12318#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {12318#true} is VALID [2018-11-14 17:19:13,952 INFO L273 TraceCheckUtils]: 18: Hoare triple {12318#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {12318#true} is VALID [2018-11-14 17:19:13,952 INFO L273 TraceCheckUtils]: 19: Hoare triple {12318#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {12318#true} is VALID [2018-11-14 17:19:13,952 INFO L273 TraceCheckUtils]: 20: Hoare triple {12318#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {12318#true} is VALID [2018-11-14 17:19:13,952 INFO L273 TraceCheckUtils]: 21: Hoare triple {12318#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {12318#true} is VALID [2018-11-14 17:19:13,952 INFO L273 TraceCheckUtils]: 22: Hoare triple {12318#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {12318#true} is VALID [2018-11-14 17:19:13,953 INFO L273 TraceCheckUtils]: 23: Hoare triple {12318#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {12318#true} is VALID [2018-11-14 17:19:13,953 INFO L273 TraceCheckUtils]: 24: Hoare triple {12318#true} assume #t~mem32 == 8464;havoc #t~mem32; {12318#true} is VALID [2018-11-14 17:19:13,953 INFO L273 TraceCheckUtils]: 25: Hoare triple {12318#true} call write~int(0, ~s.base, ~s.offset + 48, 4);assume -2147483648 <= #t~nondet69 && #t~nondet69 <= 2147483647;~ret~0 := #t~nondet69;havoc #t~nondet69; {12318#true} is VALID [2018-11-14 17:19:13,953 INFO L273 TraceCheckUtils]: 26: Hoare triple {12318#true} assume ~blastFlag~0 == 0;~blastFlag~0 := 1; {12318#true} is VALID [2018-11-14 17:19:13,954 INFO L273 TraceCheckUtils]: 27: Hoare triple {12318#true} assume !(~ret~0 <= 0);~got_new_session~0 := 1;call write~int(8496, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {12320#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:13,954 INFO L273 TraceCheckUtils]: 28: Hoare triple {12320#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {12320#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:13,954 INFO L273 TraceCheckUtils]: 29: Hoare triple {12320#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {12320#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:13,955 INFO L273 TraceCheckUtils]: 30: Hoare triple {12320#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} ~skip~0 := 0; {12320#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:13,955 INFO L273 TraceCheckUtils]: 31: Hoare triple {12320#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume true; {12320#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:13,955 INFO L273 TraceCheckUtils]: 32: Hoare triple {12320#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !false; {12320#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:13,956 INFO L273 TraceCheckUtils]: 33: Hoare triple {12320#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {12320#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:13,956 INFO L273 TraceCheckUtils]: 34: Hoare triple {12320#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {12320#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:13,956 INFO L273 TraceCheckUtils]: 35: Hoare triple {12320#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {12320#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:13,957 INFO L273 TraceCheckUtils]: 36: Hoare triple {12320#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {12320#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:13,958 INFO L273 TraceCheckUtils]: 37: Hoare triple {12320#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {12320#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:13,958 INFO L273 TraceCheckUtils]: 38: Hoare triple {12320#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {12320#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:13,959 INFO L273 TraceCheckUtils]: 39: Hoare triple {12320#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {12320#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:13,959 INFO L273 TraceCheckUtils]: 40: Hoare triple {12320#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {12321#(= |ssl3_accept_#t~mem31| 8496)} is VALID [2018-11-14 17:19:13,960 INFO L273 TraceCheckUtils]: 41: Hoare triple {12321#(= |ssl3_accept_#t~mem31| 8496)} assume #t~mem31 == 8482;havoc #t~mem31; {12319#false} is VALID [2018-11-14 17:19:13,960 INFO L273 TraceCheckUtils]: 42: Hoare triple {12319#false} call write~int(3, ~s.base, ~s.offset + 52, 4); {12319#false} is VALID [2018-11-14 17:19:13,960 INFO L273 TraceCheckUtils]: 43: Hoare triple {12319#false} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {12319#false} is VALID [2018-11-14 17:19:13,961 INFO L273 TraceCheckUtils]: 44: Hoare triple {12319#false} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {12319#false} is VALID [2018-11-14 17:19:13,961 INFO L273 TraceCheckUtils]: 45: Hoare triple {12319#false} ~skip~0 := 0; {12319#false} is VALID [2018-11-14 17:19:13,961 INFO L273 TraceCheckUtils]: 46: Hoare triple {12319#false} assume true; {12319#false} is VALID [2018-11-14 17:19:13,961 INFO L273 TraceCheckUtils]: 47: Hoare triple {12319#false} assume !false; {12319#false} is VALID [2018-11-14 17:19:13,961 INFO L273 TraceCheckUtils]: 48: Hoare triple {12319#false} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {12319#false} is VALID [2018-11-14 17:19:13,962 INFO L273 TraceCheckUtils]: 49: Hoare triple {12319#false} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {12319#false} is VALID [2018-11-14 17:19:13,962 INFO L273 TraceCheckUtils]: 50: Hoare triple {12319#false} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {12319#false} is VALID [2018-11-14 17:19:13,962 INFO L273 TraceCheckUtils]: 51: Hoare triple {12319#false} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {12319#false} is VALID [2018-11-14 17:19:13,962 INFO L273 TraceCheckUtils]: 52: Hoare triple {12319#false} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {12319#false} is VALID [2018-11-14 17:19:13,963 INFO L273 TraceCheckUtils]: 53: Hoare triple {12319#false} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {12319#false} is VALID [2018-11-14 17:19:13,963 INFO L273 TraceCheckUtils]: 54: Hoare triple {12319#false} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {12319#false} is VALID [2018-11-14 17:19:13,963 INFO L273 TraceCheckUtils]: 55: Hoare triple {12319#false} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {12319#false} is VALID [2018-11-14 17:19:13,963 INFO L273 TraceCheckUtils]: 56: Hoare triple {12319#false} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {12319#false} is VALID [2018-11-14 17:19:13,963 INFO L273 TraceCheckUtils]: 57: Hoare triple {12319#false} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {12319#false} is VALID [2018-11-14 17:19:13,964 INFO L273 TraceCheckUtils]: 58: Hoare triple {12319#false} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {12319#false} is VALID [2018-11-14 17:19:13,964 INFO L273 TraceCheckUtils]: 59: Hoare triple {12319#false} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {12319#false} is VALID [2018-11-14 17:19:13,964 INFO L273 TraceCheckUtils]: 60: Hoare triple {12319#false} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {12319#false} is VALID [2018-11-14 17:19:13,964 INFO L273 TraceCheckUtils]: 61: Hoare triple {12319#false} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {12319#false} is VALID [2018-11-14 17:19:13,964 INFO L273 TraceCheckUtils]: 62: Hoare triple {12319#false} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {12319#false} is VALID [2018-11-14 17:19:13,965 INFO L273 TraceCheckUtils]: 63: Hoare triple {12319#false} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {12319#false} is VALID [2018-11-14 17:19:13,965 INFO L273 TraceCheckUtils]: 64: Hoare triple {12319#false} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {12319#false} is VALID [2018-11-14 17:19:13,965 INFO L273 TraceCheckUtils]: 65: Hoare triple {12319#false} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {12319#false} is VALID [2018-11-14 17:19:13,965 INFO L273 TraceCheckUtils]: 66: Hoare triple {12319#false} assume #t~mem41 == 8544;havoc #t~mem41; {12319#false} is VALID [2018-11-14 17:19:13,965 INFO L273 TraceCheckUtils]: 67: Hoare triple {12319#false} call #t~mem93 := read~int(~s.base, ~s.offset + 180, 4); {12319#false} is VALID [2018-11-14 17:19:13,965 INFO L273 TraceCheckUtils]: 68: Hoare triple {12319#false} assume ~bitwiseAnd(#t~mem93, 1) != 0;havoc #t~mem93;call #t~mem94.base, #t~mem94.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem95.base, #t~mem95.offset := read~$Pointer$(#t~mem94.base, #t~mem94.offset + 148, 4); {12319#false} is VALID [2018-11-14 17:19:13,965 INFO L273 TraceCheckUtils]: 69: Hoare triple {12319#false} assume !((#t~mem95.base + #t~mem95.offset) % 4294967296 != 0);havoc #t~mem95.base, #t~mem95.offset;havoc #t~mem94.base, #t~mem94.offset; {12319#false} is VALID [2018-11-14 17:19:13,966 INFO L273 TraceCheckUtils]: 70: Hoare triple {12319#false} call #t~mem98.base, #t~mem98.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem99.base, #t~mem99.offset := read~$Pointer$(#t~mem98.base, #t~mem98.offset + 604 + 232, 4);call #t~mem100 := read~int(#t~mem99.base, #t~mem99.offset + 12, 4); {12319#false} is VALID [2018-11-14 17:19:13,966 INFO L273 TraceCheckUtils]: 71: Hoare triple {12319#false} assume !(~bitwiseAnd(#t~mem100, 256) % 4294967296 != 0);havoc #t~mem100;havoc #t~mem99.base, #t~mem99.offset;havoc #t~mem98.base, #t~mem98.offset; {12319#false} is VALID [2018-11-14 17:19:13,966 INFO L273 TraceCheckUtils]: 72: Hoare triple {12319#false} call #t~mem103.base, #t~mem103.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(1, #t~mem103.base, #t~mem103.offset + 604 + 291, 4);havoc #t~mem103.base, #t~mem103.offset;assume -2147483648 <= #t~nondet104 && #t~nondet104 <= 2147483647;~ret~0 := #t~nondet104;havoc #t~nondet104; {12319#false} is VALID [2018-11-14 17:19:13,966 INFO L273 TraceCheckUtils]: 73: Hoare triple {12319#false} assume ~blastFlag~0 == 8; {12319#false} is VALID [2018-11-14 17:19:13,966 INFO L273 TraceCheckUtils]: 74: Hoare triple {12319#false} assume !false; {12319#false} is VALID [2018-11-14 17:19:13,970 INFO L134 CoverageAnalysis]: Checked inductivity of 37 backedges. 37 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 17:19:13,971 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:19:13,971 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-14 17:19:13,971 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 75 [2018-11-14 17:19:13,971 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:19:13,971 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-14 17:19:14,051 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 75 edges. 75 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:14,051 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-14 17:19:14,051 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-14 17:19:14,052 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-14 17:19:14,052 INFO L87 Difference]: Start difference. First operand 194 states and 290 transitions. Second operand 4 states. [2018-11-14 17:19:14,900 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:14,901 INFO L93 Difference]: Finished difference Result 380 states and 575 transitions. [2018-11-14 17:19:14,901 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2018-11-14 17:19:14,901 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 75 [2018-11-14 17:19:14,901 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:19:14,901 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:14,904 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 472 transitions. [2018-11-14 17:19:14,904 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:14,906 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 472 transitions. [2018-11-14 17:19:14,906 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 472 transitions. [2018-11-14 17:19:15,341 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 472 edges. 472 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:15,345 INFO L225 Difference]: With dead ends: 380 [2018-11-14 17:19:15,345 INFO L226 Difference]: Without dead ends: 212 [2018-11-14 17:19:15,346 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 2 SyntacticMatches, 1 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2018-11-14 17:19:15,346 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 212 states. [2018-11-14 17:19:15,403 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 212 to 194. [2018-11-14 17:19:15,403 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:19:15,403 INFO L82 GeneralOperation]: Start isEquivalent. First operand 212 states. Second operand 194 states. [2018-11-14 17:19:15,404 INFO L74 IsIncluded]: Start isIncluded. First operand 212 states. Second operand 194 states. [2018-11-14 17:19:15,404 INFO L87 Difference]: Start difference. First operand 212 states. Second operand 194 states. [2018-11-14 17:19:15,408 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:15,409 INFO L93 Difference]: Finished difference Result 212 states and 313 transitions. [2018-11-14 17:19:15,409 INFO L276 IsEmpty]: Start isEmpty. Operand 212 states and 313 transitions. [2018-11-14 17:19:15,410 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:15,410 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:15,410 INFO L74 IsIncluded]: Start isIncluded. First operand 194 states. Second operand 212 states. [2018-11-14 17:19:15,410 INFO L87 Difference]: Start difference. First operand 194 states. Second operand 212 states. [2018-11-14 17:19:15,414 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:15,415 INFO L93 Difference]: Finished difference Result 212 states and 313 transitions. [2018-11-14 17:19:15,415 INFO L276 IsEmpty]: Start isEmpty. Operand 212 states and 313 transitions. [2018-11-14 17:19:15,415 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:15,416 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:15,416 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:19:15,416 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:19:15,416 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 194 states. [2018-11-14 17:19:15,420 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 194 states to 194 states and 289 transitions. [2018-11-14 17:19:15,420 INFO L78 Accepts]: Start accepts. Automaton has 194 states and 289 transitions. Word has length 75 [2018-11-14 17:19:15,420 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:19:15,421 INFO L480 AbstractCegarLoop]: Abstraction has 194 states and 289 transitions. [2018-11-14 17:19:15,421 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2018-11-14 17:19:15,421 INFO L276 IsEmpty]: Start isEmpty. Operand 194 states and 289 transitions. [2018-11-14 17:19:15,422 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 77 [2018-11-14 17:19:15,422 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:19:15,422 INFO L375 BasicCegarLoop]: trace histogram [3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:19:15,422 INFO L423 AbstractCegarLoop]: === Iteration 15 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:19:15,422 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:19:15,423 INFO L82 PathProgramCache]: Analyzing trace with hash 648182387, now seen corresponding path program 1 times [2018-11-14 17:19:15,423 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:19:15,423 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:19:15,424 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:15,424 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:19:15,424 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:15,439 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:19:15,710 INFO L256 TraceCheckUtils]: 0: Hoare triple {13423#true} call ULTIMATE.init(); {13423#true} is VALID [2018-11-14 17:19:15,711 INFO L273 TraceCheckUtils]: 1: Hoare triple {13423#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {13423#true} is VALID [2018-11-14 17:19:15,711 INFO L273 TraceCheckUtils]: 2: Hoare triple {13423#true} assume true; {13423#true} is VALID [2018-11-14 17:19:15,711 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {13423#true} {13423#true} #682#return; {13423#true} is VALID [2018-11-14 17:19:15,711 INFO L256 TraceCheckUtils]: 4: Hoare triple {13423#true} call #t~ret138 := main(); {13423#true} is VALID [2018-11-14 17:19:15,712 INFO L273 TraceCheckUtils]: 5: Hoare triple {13423#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {13423#true} is VALID [2018-11-14 17:19:15,712 INFO L256 TraceCheckUtils]: 6: Hoare triple {13423#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {13423#true} is VALID [2018-11-14 17:19:15,712 INFO L273 TraceCheckUtils]: 7: Hoare triple {13423#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {13423#true} is VALID [2018-11-14 17:19:15,712 INFO L273 TraceCheckUtils]: 8: Hoare triple {13423#true} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {13423#true} is VALID [2018-11-14 17:19:15,712 INFO L273 TraceCheckUtils]: 9: Hoare triple {13423#true} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {13423#true} is VALID [2018-11-14 17:19:15,713 INFO L273 TraceCheckUtils]: 10: Hoare triple {13423#true} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {13423#true} is VALID [2018-11-14 17:19:15,713 INFO L273 TraceCheckUtils]: 11: Hoare triple {13423#true} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {13423#true} is VALID [2018-11-14 17:19:15,713 INFO L273 TraceCheckUtils]: 12: Hoare triple {13423#true} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {13423#true} is VALID [2018-11-14 17:19:15,713 INFO L273 TraceCheckUtils]: 13: Hoare triple {13423#true} assume true; {13423#true} is VALID [2018-11-14 17:19:15,713 INFO L273 TraceCheckUtils]: 14: Hoare triple {13423#true} assume !false; {13423#true} is VALID [2018-11-14 17:19:15,713 INFO L273 TraceCheckUtils]: 15: Hoare triple {13423#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {13423#true} is VALID [2018-11-14 17:19:15,714 INFO L273 TraceCheckUtils]: 16: Hoare triple {13423#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {13423#true} is VALID [2018-11-14 17:19:15,714 INFO L273 TraceCheckUtils]: 17: Hoare triple {13423#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {13423#true} is VALID [2018-11-14 17:19:15,714 INFO L273 TraceCheckUtils]: 18: Hoare triple {13423#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {13423#true} is VALID [2018-11-14 17:19:15,714 INFO L273 TraceCheckUtils]: 19: Hoare triple {13423#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {13423#true} is VALID [2018-11-14 17:19:15,714 INFO L273 TraceCheckUtils]: 20: Hoare triple {13423#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {13423#true} is VALID [2018-11-14 17:19:15,714 INFO L273 TraceCheckUtils]: 21: Hoare triple {13423#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {13423#true} is VALID [2018-11-14 17:19:15,714 INFO L273 TraceCheckUtils]: 22: Hoare triple {13423#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {13423#true} is VALID [2018-11-14 17:19:15,714 INFO L273 TraceCheckUtils]: 23: Hoare triple {13423#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {13423#true} is VALID [2018-11-14 17:19:15,715 INFO L273 TraceCheckUtils]: 24: Hoare triple {13423#true} assume #t~mem32 == 8464;havoc #t~mem32; {13423#true} is VALID [2018-11-14 17:19:15,715 INFO L273 TraceCheckUtils]: 25: Hoare triple {13423#true} call write~int(0, ~s.base, ~s.offset + 48, 4);assume -2147483648 <= #t~nondet69 && #t~nondet69 <= 2147483647;~ret~0 := #t~nondet69;havoc #t~nondet69; {13423#true} is VALID [2018-11-14 17:19:15,715 INFO L273 TraceCheckUtils]: 26: Hoare triple {13423#true} assume ~blastFlag~0 == 0;~blastFlag~0 := 1; {13423#true} is VALID [2018-11-14 17:19:15,715 INFO L273 TraceCheckUtils]: 27: Hoare triple {13423#true} assume !(~ret~0 <= 0);~got_new_session~0 := 1;call write~int(8496, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {13423#true} is VALID [2018-11-14 17:19:15,715 INFO L273 TraceCheckUtils]: 28: Hoare triple {13423#true} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {13423#true} is VALID [2018-11-14 17:19:15,715 INFO L273 TraceCheckUtils]: 29: Hoare triple {13423#true} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {13423#true} is VALID [2018-11-14 17:19:15,715 INFO L273 TraceCheckUtils]: 30: Hoare triple {13423#true} ~skip~0 := 0; {13423#true} is VALID [2018-11-14 17:19:15,715 INFO L273 TraceCheckUtils]: 31: Hoare triple {13423#true} assume true; {13423#true} is VALID [2018-11-14 17:19:15,716 INFO L273 TraceCheckUtils]: 32: Hoare triple {13423#true} assume !false; {13423#true} is VALID [2018-11-14 17:19:15,716 INFO L273 TraceCheckUtils]: 33: Hoare triple {13423#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {13425#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) |ssl3_accept_#t~mem24|)} is VALID [2018-11-14 17:19:15,717 INFO L273 TraceCheckUtils]: 34: Hoare triple {13425#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) |ssl3_accept_#t~mem24|)} assume #t~mem24 == 12292;havoc #t~mem24; {13426#(= 12292 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:15,717 INFO L273 TraceCheckUtils]: 35: Hoare triple {13426#(= 12292 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} call write~int(1, ~s.base, ~s.offset + 40, 4); {13426#(= 12292 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:15,718 INFO L273 TraceCheckUtils]: 36: Hoare triple {13426#(= 12292 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} call write~int(1, ~s.base, ~s.offset + 36, 4); {13426#(= 12292 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:15,718 INFO L273 TraceCheckUtils]: 37: Hoare triple {13426#(= 12292 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume (~cb~0.base + ~cb~0.offset) % 4294967296 != 0; {13426#(= 12292 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:15,719 INFO L273 TraceCheckUtils]: 38: Hoare triple {13426#(= 12292 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} call #t~mem59 := read~int(~s.base, ~s.offset + 0, 4); {13426#(= 12292 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:15,719 INFO L273 TraceCheckUtils]: 39: Hoare triple {13426#(= 12292 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem59 / 256 != 3);havoc #t~mem59;call write~int(8192, ~s.base, ~s.offset + 4, 4);call #t~mem60.base, #t~mem60.offset := read~$Pointer$(~s.base, ~s.offset + 60, 4); {13426#(= 12292 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:15,720 INFO L273 TraceCheckUtils]: 40: Hoare triple {13426#(= 12292 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !((#t~mem60.base + #t~mem60.offset) % 4294967296 == 0);havoc #t~mem60.base, #t~mem60.offset; {13426#(= 12292 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:15,721 INFO L273 TraceCheckUtils]: 41: Hoare triple {13426#(= 12292 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(~tmp___4~0 == 0);call write~int(0, ~s.base, ~s.offset + 64, 4);call #t~mem62 := read~int(~s.base, ~s.offset + 52, 4); {13427#(= 12292 |ssl3_accept_#t~mem62|)} is VALID [2018-11-14 17:19:15,722 INFO L273 TraceCheckUtils]: 42: Hoare triple {13427#(= 12292 |ssl3_accept_#t~mem62|)} assume #t~mem62 != 12292;havoc #t~mem62; {13424#false} is VALID [2018-11-14 17:19:15,722 INFO L273 TraceCheckUtils]: 43: Hoare triple {13424#false} assume !(~tmp___5~0 == 0);call write~int(8464, ~s.base, ~s.offset + 52, 4);call #t~mem63.base, #t~mem63.offset := read~$Pointer$(~s.base, ~s.offset + 204, 4);call #t~mem64 := read~int(#t~mem63.base, #t~mem63.offset + 60 + 12, 4);call write~int(#t~mem64 + 1, #t~mem63.base, #t~mem63.offset + 60 + 12, 4);havoc #t~mem64;havoc #t~mem63.base, #t~mem63.offset; {13424#false} is VALID [2018-11-14 17:19:15,722 INFO L273 TraceCheckUtils]: 44: Hoare triple {13424#false} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {13424#false} is VALID [2018-11-14 17:19:15,722 INFO L273 TraceCheckUtils]: 45: Hoare triple {13424#false} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {13424#false} is VALID [2018-11-14 17:19:15,723 INFO L273 TraceCheckUtils]: 46: Hoare triple {13424#false} ~skip~0 := 0; {13424#false} is VALID [2018-11-14 17:19:15,723 INFO L273 TraceCheckUtils]: 47: Hoare triple {13424#false} assume true; {13424#false} is VALID [2018-11-14 17:19:15,723 INFO L273 TraceCheckUtils]: 48: Hoare triple {13424#false} assume !false; {13424#false} is VALID [2018-11-14 17:19:15,723 INFO L273 TraceCheckUtils]: 49: Hoare triple {13424#false} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {13424#false} is VALID [2018-11-14 17:19:15,724 INFO L273 TraceCheckUtils]: 50: Hoare triple {13424#false} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {13424#false} is VALID [2018-11-14 17:19:15,724 INFO L273 TraceCheckUtils]: 51: Hoare triple {13424#false} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {13424#false} is VALID [2018-11-14 17:19:15,724 INFO L273 TraceCheckUtils]: 52: Hoare triple {13424#false} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {13424#false} is VALID [2018-11-14 17:19:15,724 INFO L273 TraceCheckUtils]: 53: Hoare triple {13424#false} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {13424#false} is VALID [2018-11-14 17:19:15,724 INFO L273 TraceCheckUtils]: 54: Hoare triple {13424#false} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {13424#false} is VALID [2018-11-14 17:19:15,725 INFO L273 TraceCheckUtils]: 55: Hoare triple {13424#false} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {13424#false} is VALID [2018-11-14 17:19:15,725 INFO L273 TraceCheckUtils]: 56: Hoare triple {13424#false} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {13424#false} is VALID [2018-11-14 17:19:15,725 INFO L273 TraceCheckUtils]: 57: Hoare triple {13424#false} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {13424#false} is VALID [2018-11-14 17:19:15,725 INFO L273 TraceCheckUtils]: 58: Hoare triple {13424#false} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {13424#false} is VALID [2018-11-14 17:19:15,725 INFO L273 TraceCheckUtils]: 59: Hoare triple {13424#false} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {13424#false} is VALID [2018-11-14 17:19:15,725 INFO L273 TraceCheckUtils]: 60: Hoare triple {13424#false} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {13424#false} is VALID [2018-11-14 17:19:15,726 INFO L273 TraceCheckUtils]: 61: Hoare triple {13424#false} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {13424#false} is VALID [2018-11-14 17:19:15,726 INFO L273 TraceCheckUtils]: 62: Hoare triple {13424#false} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {13424#false} is VALID [2018-11-14 17:19:15,726 INFO L273 TraceCheckUtils]: 63: Hoare triple {13424#false} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {13424#false} is VALID [2018-11-14 17:19:15,726 INFO L273 TraceCheckUtils]: 64: Hoare triple {13424#false} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {13424#false} is VALID [2018-11-14 17:19:15,726 INFO L273 TraceCheckUtils]: 65: Hoare triple {13424#false} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {13424#false} is VALID [2018-11-14 17:19:15,726 INFO L273 TraceCheckUtils]: 66: Hoare triple {13424#false} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {13424#false} is VALID [2018-11-14 17:19:15,726 INFO L273 TraceCheckUtils]: 67: Hoare triple {13424#false} assume #t~mem41 == 8544;havoc #t~mem41; {13424#false} is VALID [2018-11-14 17:19:15,726 INFO L273 TraceCheckUtils]: 68: Hoare triple {13424#false} call #t~mem93 := read~int(~s.base, ~s.offset + 180, 4); {13424#false} is VALID [2018-11-14 17:19:15,727 INFO L273 TraceCheckUtils]: 69: Hoare triple {13424#false} assume ~bitwiseAnd(#t~mem93, 1) != 0;havoc #t~mem93;call #t~mem94.base, #t~mem94.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem95.base, #t~mem95.offset := read~$Pointer$(#t~mem94.base, #t~mem94.offset + 148, 4); {13424#false} is VALID [2018-11-14 17:19:15,727 INFO L273 TraceCheckUtils]: 70: Hoare triple {13424#false} assume !((#t~mem95.base + #t~mem95.offset) % 4294967296 != 0);havoc #t~mem95.base, #t~mem95.offset;havoc #t~mem94.base, #t~mem94.offset; {13424#false} is VALID [2018-11-14 17:19:15,727 INFO L273 TraceCheckUtils]: 71: Hoare triple {13424#false} call #t~mem98.base, #t~mem98.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem99.base, #t~mem99.offset := read~$Pointer$(#t~mem98.base, #t~mem98.offset + 604 + 232, 4);call #t~mem100 := read~int(#t~mem99.base, #t~mem99.offset + 12, 4); {13424#false} is VALID [2018-11-14 17:19:15,727 INFO L273 TraceCheckUtils]: 72: Hoare triple {13424#false} assume !(~bitwiseAnd(#t~mem100, 256) % 4294967296 != 0);havoc #t~mem100;havoc #t~mem99.base, #t~mem99.offset;havoc #t~mem98.base, #t~mem98.offset; {13424#false} is VALID [2018-11-14 17:19:15,727 INFO L273 TraceCheckUtils]: 73: Hoare triple {13424#false} call #t~mem103.base, #t~mem103.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(1, #t~mem103.base, #t~mem103.offset + 604 + 291, 4);havoc #t~mem103.base, #t~mem103.offset;assume -2147483648 <= #t~nondet104 && #t~nondet104 <= 2147483647;~ret~0 := #t~nondet104;havoc #t~nondet104; {13424#false} is VALID [2018-11-14 17:19:15,727 INFO L273 TraceCheckUtils]: 74: Hoare triple {13424#false} assume ~blastFlag~0 == 8; {13424#false} is VALID [2018-11-14 17:19:15,727 INFO L273 TraceCheckUtils]: 75: Hoare triple {13424#false} assume !false; {13424#false} is VALID [2018-11-14 17:19:15,730 INFO L134 CoverageAnalysis]: Checked inductivity of 23 backedges. 20 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2018-11-14 17:19:15,731 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:19:15,731 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2018-11-14 17:19:15,731 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 76 [2018-11-14 17:19:15,731 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:19:15,731 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states. [2018-11-14 17:19:15,803 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 74 edges. 74 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:15,803 INFO L459 AbstractCegarLoop]: Interpolant automaton has 5 states [2018-11-14 17:19:15,803 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2018-11-14 17:19:15,804 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2018-11-14 17:19:15,804 INFO L87 Difference]: Start difference. First operand 194 states and 289 transitions. Second operand 5 states. [2018-11-14 17:19:17,035 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:17,035 INFO L93 Difference]: Finished difference Result 371 states and 561 transitions. [2018-11-14 17:19:17,035 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2018-11-14 17:19:17,035 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 76 [2018-11-14 17:19:17,035 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:19:17,035 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2018-11-14 17:19:17,038 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 423 transitions. [2018-11-14 17:19:17,038 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2018-11-14 17:19:17,040 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 423 transitions. [2018-11-14 17:19:17,041 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 423 transitions. [2018-11-14 17:19:17,456 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 423 edges. 423 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:17,461 INFO L225 Difference]: With dead ends: 371 [2018-11-14 17:19:17,461 INFO L226 Difference]: Without dead ends: 203 [2018-11-14 17:19:17,462 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 2 SyntacticMatches, 4 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2018-11-14 17:19:17,463 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 203 states. [2018-11-14 17:19:17,499 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 203 to 203. [2018-11-14 17:19:17,499 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:19:17,499 INFO L82 GeneralOperation]: Start isEquivalent. First operand 203 states. Second operand 203 states. [2018-11-14 17:19:17,499 INFO L74 IsIncluded]: Start isIncluded. First operand 203 states. Second operand 203 states. [2018-11-14 17:19:17,499 INFO L87 Difference]: Start difference. First operand 203 states. Second operand 203 states. [2018-11-14 17:19:17,503 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:17,503 INFO L93 Difference]: Finished difference Result 203 states and 300 transitions. [2018-11-14 17:19:17,503 INFO L276 IsEmpty]: Start isEmpty. Operand 203 states and 300 transitions. [2018-11-14 17:19:17,504 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:17,504 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:17,504 INFO L74 IsIncluded]: Start isIncluded. First operand 203 states. Second operand 203 states. [2018-11-14 17:19:17,504 INFO L87 Difference]: Start difference. First operand 203 states. Second operand 203 states. [2018-11-14 17:19:17,509 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:17,510 INFO L93 Difference]: Finished difference Result 203 states and 300 transitions. [2018-11-14 17:19:17,510 INFO L276 IsEmpty]: Start isEmpty. Operand 203 states and 300 transitions. [2018-11-14 17:19:17,510 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:17,511 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:17,511 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:19:17,511 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:19:17,511 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 203 states. [2018-11-14 17:19:17,516 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 203 states to 203 states and 300 transitions. [2018-11-14 17:19:17,516 INFO L78 Accepts]: Start accepts. Automaton has 203 states and 300 transitions. Word has length 76 [2018-11-14 17:19:17,516 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:19:17,517 INFO L480 AbstractCegarLoop]: Abstraction has 203 states and 300 transitions. [2018-11-14 17:19:17,517 INFO L481 AbstractCegarLoop]: Interpolant automaton has 5 states. [2018-11-14 17:19:17,517 INFO L276 IsEmpty]: Start isEmpty. Operand 203 states and 300 transitions. [2018-11-14 17:19:17,518 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 77 [2018-11-14 17:19:17,518 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:19:17,518 INFO L375 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:19:17,519 INFO L423 AbstractCegarLoop]: === Iteration 16 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:19:17,519 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:19:17,519 INFO L82 PathProgramCache]: Analyzing trace with hash -753904121, now seen corresponding path program 1 times [2018-11-14 17:19:17,519 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:19:17,519 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:19:17,520 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:17,521 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:19:17,521 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:17,537 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:19:17,752 INFO L256 TraceCheckUtils]: 0: Hoare triple {14509#true} call ULTIMATE.init(); {14509#true} is VALID [2018-11-14 17:19:17,752 INFO L273 TraceCheckUtils]: 1: Hoare triple {14509#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {14509#true} is VALID [2018-11-14 17:19:17,752 INFO L273 TraceCheckUtils]: 2: Hoare triple {14509#true} assume true; {14509#true} is VALID [2018-11-14 17:19:17,753 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {14509#true} {14509#true} #682#return; {14509#true} is VALID [2018-11-14 17:19:17,753 INFO L256 TraceCheckUtils]: 4: Hoare triple {14509#true} call #t~ret138 := main(); {14509#true} is VALID [2018-11-14 17:19:17,753 INFO L273 TraceCheckUtils]: 5: Hoare triple {14509#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {14509#true} is VALID [2018-11-14 17:19:17,754 INFO L256 TraceCheckUtils]: 6: Hoare triple {14509#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {14509#true} is VALID [2018-11-14 17:19:17,754 INFO L273 TraceCheckUtils]: 7: Hoare triple {14509#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {14509#true} is VALID [2018-11-14 17:19:17,754 INFO L273 TraceCheckUtils]: 8: Hoare triple {14509#true} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {14509#true} is VALID [2018-11-14 17:19:17,754 INFO L273 TraceCheckUtils]: 9: Hoare triple {14509#true} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {14509#true} is VALID [2018-11-14 17:19:17,755 INFO L273 TraceCheckUtils]: 10: Hoare triple {14509#true} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {14509#true} is VALID [2018-11-14 17:19:17,755 INFO L273 TraceCheckUtils]: 11: Hoare triple {14509#true} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {14509#true} is VALID [2018-11-14 17:19:17,755 INFO L273 TraceCheckUtils]: 12: Hoare triple {14509#true} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {14509#true} is VALID [2018-11-14 17:19:17,755 INFO L273 TraceCheckUtils]: 13: Hoare triple {14509#true} assume true; {14509#true} is VALID [2018-11-14 17:19:17,756 INFO L273 TraceCheckUtils]: 14: Hoare triple {14509#true} assume !false; {14509#true} is VALID [2018-11-14 17:19:17,756 INFO L273 TraceCheckUtils]: 15: Hoare triple {14509#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {14509#true} is VALID [2018-11-14 17:19:17,756 INFO L273 TraceCheckUtils]: 16: Hoare triple {14509#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {14509#true} is VALID [2018-11-14 17:19:17,757 INFO L273 TraceCheckUtils]: 17: Hoare triple {14509#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {14509#true} is VALID [2018-11-14 17:19:17,757 INFO L273 TraceCheckUtils]: 18: Hoare triple {14509#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {14509#true} is VALID [2018-11-14 17:19:17,757 INFO L273 TraceCheckUtils]: 19: Hoare triple {14509#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {14509#true} is VALID [2018-11-14 17:19:17,757 INFO L273 TraceCheckUtils]: 20: Hoare triple {14509#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {14509#true} is VALID [2018-11-14 17:19:17,758 INFO L273 TraceCheckUtils]: 21: Hoare triple {14509#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {14509#true} is VALID [2018-11-14 17:19:17,758 INFO L273 TraceCheckUtils]: 22: Hoare triple {14509#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {14509#true} is VALID [2018-11-14 17:19:17,758 INFO L273 TraceCheckUtils]: 23: Hoare triple {14509#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {14509#true} is VALID [2018-11-14 17:19:17,758 INFO L273 TraceCheckUtils]: 24: Hoare triple {14509#true} assume #t~mem32 == 8464;havoc #t~mem32; {14509#true} is VALID [2018-11-14 17:19:17,758 INFO L273 TraceCheckUtils]: 25: Hoare triple {14509#true} call write~int(0, ~s.base, ~s.offset + 48, 4);assume -2147483648 <= #t~nondet69 && #t~nondet69 <= 2147483647;~ret~0 := #t~nondet69;havoc #t~nondet69; {14509#true} is VALID [2018-11-14 17:19:17,759 INFO L273 TraceCheckUtils]: 26: Hoare triple {14509#true} assume ~blastFlag~0 == 0;~blastFlag~0 := 1; {14509#true} is VALID [2018-11-14 17:19:17,775 INFO L273 TraceCheckUtils]: 27: Hoare triple {14509#true} assume !(~ret~0 <= 0);~got_new_session~0 := 1;call write~int(8496, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {14511#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:17,784 INFO L273 TraceCheckUtils]: 28: Hoare triple {14511#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {14511#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:17,798 INFO L273 TraceCheckUtils]: 29: Hoare triple {14511#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {14511#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:17,799 INFO L273 TraceCheckUtils]: 30: Hoare triple {14511#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} ~skip~0 := 0; {14511#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:17,799 INFO L273 TraceCheckUtils]: 31: Hoare triple {14511#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume true; {14511#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:17,802 INFO L273 TraceCheckUtils]: 32: Hoare triple {14511#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !false; {14511#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:17,802 INFO L273 TraceCheckUtils]: 33: Hoare triple {14511#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {14511#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:17,803 INFO L273 TraceCheckUtils]: 34: Hoare triple {14511#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {14512#(= |ssl3_accept_#t~mem25| 8496)} is VALID [2018-11-14 17:19:17,803 INFO L273 TraceCheckUtils]: 35: Hoare triple {14512#(= |ssl3_accept_#t~mem25| 8496)} assume #t~mem25 == 16384;havoc #t~mem25; {14510#false} is VALID [2018-11-14 17:19:17,803 INFO L273 TraceCheckUtils]: 36: Hoare triple {14510#false} call write~int(1, ~s.base, ~s.offset + 36, 4); {14510#false} is VALID [2018-11-14 17:19:17,803 INFO L273 TraceCheckUtils]: 37: Hoare triple {14510#false} assume (~cb~0.base + ~cb~0.offset) % 4294967296 != 0; {14510#false} is VALID [2018-11-14 17:19:17,804 INFO L273 TraceCheckUtils]: 38: Hoare triple {14510#false} call #t~mem59 := read~int(~s.base, ~s.offset + 0, 4); {14510#false} is VALID [2018-11-14 17:19:17,804 INFO L273 TraceCheckUtils]: 39: Hoare triple {14510#false} assume !(#t~mem59 / 256 != 3);havoc #t~mem59;call write~int(8192, ~s.base, ~s.offset + 4, 4);call #t~mem60.base, #t~mem60.offset := read~$Pointer$(~s.base, ~s.offset + 60, 4); {14510#false} is VALID [2018-11-14 17:19:17,804 INFO L273 TraceCheckUtils]: 40: Hoare triple {14510#false} assume !((#t~mem60.base + #t~mem60.offset) % 4294967296 == 0);havoc #t~mem60.base, #t~mem60.offset; {14510#false} is VALID [2018-11-14 17:19:17,804 INFO L273 TraceCheckUtils]: 41: Hoare triple {14510#false} assume !(~tmp___4~0 == 0);call write~int(0, ~s.base, ~s.offset + 64, 4);call #t~mem62 := read~int(~s.base, ~s.offset + 52, 4); {14510#false} is VALID [2018-11-14 17:19:17,804 INFO L273 TraceCheckUtils]: 42: Hoare triple {14510#false} assume #t~mem62 != 12292;havoc #t~mem62; {14510#false} is VALID [2018-11-14 17:19:17,804 INFO L273 TraceCheckUtils]: 43: Hoare triple {14510#false} assume !(~tmp___5~0 == 0);call write~int(8464, ~s.base, ~s.offset + 52, 4);call #t~mem63.base, #t~mem63.offset := read~$Pointer$(~s.base, ~s.offset + 204, 4);call #t~mem64 := read~int(#t~mem63.base, #t~mem63.offset + 60 + 12, 4);call write~int(#t~mem64 + 1, #t~mem63.base, #t~mem63.offset + 60 + 12, 4);havoc #t~mem64;havoc #t~mem63.base, #t~mem63.offset; {14510#false} is VALID [2018-11-14 17:19:17,805 INFO L273 TraceCheckUtils]: 44: Hoare triple {14510#false} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {14510#false} is VALID [2018-11-14 17:19:17,805 INFO L273 TraceCheckUtils]: 45: Hoare triple {14510#false} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {14510#false} is VALID [2018-11-14 17:19:17,805 INFO L273 TraceCheckUtils]: 46: Hoare triple {14510#false} ~skip~0 := 0; {14510#false} is VALID [2018-11-14 17:19:17,805 INFO L273 TraceCheckUtils]: 47: Hoare triple {14510#false} assume true; {14510#false} is VALID [2018-11-14 17:19:17,805 INFO L273 TraceCheckUtils]: 48: Hoare triple {14510#false} assume !false; {14510#false} is VALID [2018-11-14 17:19:17,805 INFO L273 TraceCheckUtils]: 49: Hoare triple {14510#false} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {14510#false} is VALID [2018-11-14 17:19:17,805 INFO L273 TraceCheckUtils]: 50: Hoare triple {14510#false} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {14510#false} is VALID [2018-11-14 17:19:17,806 INFO L273 TraceCheckUtils]: 51: Hoare triple {14510#false} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {14510#false} is VALID [2018-11-14 17:19:17,806 INFO L273 TraceCheckUtils]: 52: Hoare triple {14510#false} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {14510#false} is VALID [2018-11-14 17:19:17,806 INFO L273 TraceCheckUtils]: 53: Hoare triple {14510#false} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {14510#false} is VALID [2018-11-14 17:19:17,806 INFO L273 TraceCheckUtils]: 54: Hoare triple {14510#false} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {14510#false} is VALID [2018-11-14 17:19:17,806 INFO L273 TraceCheckUtils]: 55: Hoare triple {14510#false} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {14510#false} is VALID [2018-11-14 17:19:17,806 INFO L273 TraceCheckUtils]: 56: Hoare triple {14510#false} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {14510#false} is VALID [2018-11-14 17:19:17,807 INFO L273 TraceCheckUtils]: 57: Hoare triple {14510#false} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {14510#false} is VALID [2018-11-14 17:19:17,807 INFO L273 TraceCheckUtils]: 58: Hoare triple {14510#false} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {14510#false} is VALID [2018-11-14 17:19:17,807 INFO L273 TraceCheckUtils]: 59: Hoare triple {14510#false} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {14510#false} is VALID [2018-11-14 17:19:17,807 INFO L273 TraceCheckUtils]: 60: Hoare triple {14510#false} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {14510#false} is VALID [2018-11-14 17:19:17,807 INFO L273 TraceCheckUtils]: 61: Hoare triple {14510#false} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {14510#false} is VALID [2018-11-14 17:19:17,807 INFO L273 TraceCheckUtils]: 62: Hoare triple {14510#false} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {14510#false} is VALID [2018-11-14 17:19:17,807 INFO L273 TraceCheckUtils]: 63: Hoare triple {14510#false} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {14510#false} is VALID [2018-11-14 17:19:17,808 INFO L273 TraceCheckUtils]: 64: Hoare triple {14510#false} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {14510#false} is VALID [2018-11-14 17:19:17,808 INFO L273 TraceCheckUtils]: 65: Hoare triple {14510#false} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {14510#false} is VALID [2018-11-14 17:19:17,808 INFO L273 TraceCheckUtils]: 66: Hoare triple {14510#false} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {14510#false} is VALID [2018-11-14 17:19:17,808 INFO L273 TraceCheckUtils]: 67: Hoare triple {14510#false} assume #t~mem41 == 8544;havoc #t~mem41; {14510#false} is VALID [2018-11-14 17:19:17,808 INFO L273 TraceCheckUtils]: 68: Hoare triple {14510#false} call #t~mem93 := read~int(~s.base, ~s.offset + 180, 4); {14510#false} is VALID [2018-11-14 17:19:17,808 INFO L273 TraceCheckUtils]: 69: Hoare triple {14510#false} assume ~bitwiseAnd(#t~mem93, 1) != 0;havoc #t~mem93;call #t~mem94.base, #t~mem94.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem95.base, #t~mem95.offset := read~$Pointer$(#t~mem94.base, #t~mem94.offset + 148, 4); {14510#false} is VALID [2018-11-14 17:19:17,809 INFO L273 TraceCheckUtils]: 70: Hoare triple {14510#false} assume !((#t~mem95.base + #t~mem95.offset) % 4294967296 != 0);havoc #t~mem95.base, #t~mem95.offset;havoc #t~mem94.base, #t~mem94.offset; {14510#false} is VALID [2018-11-14 17:19:17,809 INFO L273 TraceCheckUtils]: 71: Hoare triple {14510#false} call #t~mem98.base, #t~mem98.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem99.base, #t~mem99.offset := read~$Pointer$(#t~mem98.base, #t~mem98.offset + 604 + 232, 4);call #t~mem100 := read~int(#t~mem99.base, #t~mem99.offset + 12, 4); {14510#false} is VALID [2018-11-14 17:19:17,809 INFO L273 TraceCheckUtils]: 72: Hoare triple {14510#false} assume !(~bitwiseAnd(#t~mem100, 256) % 4294967296 != 0);havoc #t~mem100;havoc #t~mem99.base, #t~mem99.offset;havoc #t~mem98.base, #t~mem98.offset; {14510#false} is VALID [2018-11-14 17:19:17,809 INFO L273 TraceCheckUtils]: 73: Hoare triple {14510#false} call #t~mem103.base, #t~mem103.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(1, #t~mem103.base, #t~mem103.offset + 604 + 291, 4);havoc #t~mem103.base, #t~mem103.offset;assume -2147483648 <= #t~nondet104 && #t~nondet104 <= 2147483647;~ret~0 := #t~nondet104;havoc #t~nondet104; {14510#false} is VALID [2018-11-14 17:19:17,809 INFO L273 TraceCheckUtils]: 74: Hoare triple {14510#false} assume ~blastFlag~0 == 8; {14510#false} is VALID [2018-11-14 17:19:17,810 INFO L273 TraceCheckUtils]: 75: Hoare triple {14510#false} assume !false; {14510#false} is VALID [2018-11-14 17:19:17,817 INFO L134 CoverageAnalysis]: Checked inductivity of 25 backedges. 25 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 17:19:17,817 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:19:17,818 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-14 17:19:17,818 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 76 [2018-11-14 17:19:17,818 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:19:17,819 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-14 17:19:17,936 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 76 edges. 76 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:17,936 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-14 17:19:17,937 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-14 17:19:17,937 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-14 17:19:17,937 INFO L87 Difference]: Start difference. First operand 203 states and 300 transitions. Second operand 4 states. [2018-11-14 17:19:18,826 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:18,826 INFO L93 Difference]: Finished difference Result 407 states and 606 transitions. [2018-11-14 17:19:18,826 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2018-11-14 17:19:18,827 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 76 [2018-11-14 17:19:18,827 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:19:18,827 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:18,829 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 471 transitions. [2018-11-14 17:19:18,829 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:18,831 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 471 transitions. [2018-11-14 17:19:18,831 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 471 transitions. [2018-11-14 17:19:19,325 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 471 edges. 471 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:19,330 INFO L225 Difference]: With dead ends: 407 [2018-11-14 17:19:19,330 INFO L226 Difference]: Without dead ends: 230 [2018-11-14 17:19:19,331 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 2 SyntacticMatches, 1 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2018-11-14 17:19:19,331 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 230 states. [2018-11-14 17:19:19,379 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 230 to 203. [2018-11-14 17:19:19,379 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:19:19,379 INFO L82 GeneralOperation]: Start isEquivalent. First operand 230 states. Second operand 203 states. [2018-11-14 17:19:19,380 INFO L74 IsIncluded]: Start isIncluded. First operand 230 states. Second operand 203 states. [2018-11-14 17:19:19,380 INFO L87 Difference]: Start difference. First operand 230 states. Second operand 203 states. [2018-11-14 17:19:19,384 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:19,385 INFO L93 Difference]: Finished difference Result 230 states and 334 transitions. [2018-11-14 17:19:19,385 INFO L276 IsEmpty]: Start isEmpty. Operand 230 states and 334 transitions. [2018-11-14 17:19:19,385 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:19,385 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:19,386 INFO L74 IsIncluded]: Start isIncluded. First operand 203 states. Second operand 230 states. [2018-11-14 17:19:19,386 INFO L87 Difference]: Start difference. First operand 203 states. Second operand 230 states. [2018-11-14 17:19:19,391 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:19,391 INFO L93 Difference]: Finished difference Result 230 states and 334 transitions. [2018-11-14 17:19:19,391 INFO L276 IsEmpty]: Start isEmpty. Operand 230 states and 334 transitions. [2018-11-14 17:19:19,392 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:19,392 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:19,392 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:19:19,392 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:19:19,392 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 203 states. [2018-11-14 17:19:19,396 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 203 states to 203 states and 299 transitions. [2018-11-14 17:19:19,396 INFO L78 Accepts]: Start accepts. Automaton has 203 states and 299 transitions. Word has length 76 [2018-11-14 17:19:19,397 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:19:19,397 INFO L480 AbstractCegarLoop]: Abstraction has 203 states and 299 transitions. [2018-11-14 17:19:19,397 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2018-11-14 17:19:19,397 INFO L276 IsEmpty]: Start isEmpty. Operand 203 states and 299 transitions. [2018-11-14 17:19:19,398 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 78 [2018-11-14 17:19:19,398 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:19:19,398 INFO L375 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:19:19,398 INFO L423 AbstractCegarLoop]: === Iteration 17 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:19:19,398 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:19:19,399 INFO L82 PathProgramCache]: Analyzing trace with hash 1094071992, now seen corresponding path program 1 times [2018-11-14 17:19:19,399 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:19:19,399 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:19:19,400 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:19,400 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:19:19,400 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:19,414 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:19:19,911 WARN L179 SmtUtils]: Spent 101.00 ms on a formula simplification. DAG size of input: 6 DAG size of output: 3 [2018-11-14 17:19:20,026 INFO L256 TraceCheckUtils]: 0: Hoare triple {15690#true} call ULTIMATE.init(); {15690#true} is VALID [2018-11-14 17:19:20,027 INFO L273 TraceCheckUtils]: 1: Hoare triple {15690#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {15690#true} is VALID [2018-11-14 17:19:20,027 INFO L273 TraceCheckUtils]: 2: Hoare triple {15690#true} assume true; {15690#true} is VALID [2018-11-14 17:19:20,027 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {15690#true} {15690#true} #682#return; {15690#true} is VALID [2018-11-14 17:19:20,027 INFO L256 TraceCheckUtils]: 4: Hoare triple {15690#true} call #t~ret138 := main(); {15690#true} is VALID [2018-11-14 17:19:20,027 INFO L273 TraceCheckUtils]: 5: Hoare triple {15690#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {15690#true} is VALID [2018-11-14 17:19:20,027 INFO L256 TraceCheckUtils]: 6: Hoare triple {15690#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {15690#true} is VALID [2018-11-14 17:19:20,027 INFO L273 TraceCheckUtils]: 7: Hoare triple {15690#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {15690#true} is VALID [2018-11-14 17:19:20,027 INFO L273 TraceCheckUtils]: 8: Hoare triple {15690#true} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {15690#true} is VALID [2018-11-14 17:19:20,028 INFO L273 TraceCheckUtils]: 9: Hoare triple {15690#true} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {15690#true} is VALID [2018-11-14 17:19:20,028 INFO L273 TraceCheckUtils]: 10: Hoare triple {15690#true} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {15690#true} is VALID [2018-11-14 17:19:20,028 INFO L273 TraceCheckUtils]: 11: Hoare triple {15690#true} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {15690#true} is VALID [2018-11-14 17:19:20,028 INFO L273 TraceCheckUtils]: 12: Hoare triple {15690#true} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {15690#true} is VALID [2018-11-14 17:19:20,028 INFO L273 TraceCheckUtils]: 13: Hoare triple {15690#true} assume true; {15690#true} is VALID [2018-11-14 17:19:20,028 INFO L273 TraceCheckUtils]: 14: Hoare triple {15690#true} assume !false; {15690#true} is VALID [2018-11-14 17:19:20,028 INFO L273 TraceCheckUtils]: 15: Hoare triple {15690#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {15690#true} is VALID [2018-11-14 17:19:20,028 INFO L273 TraceCheckUtils]: 16: Hoare triple {15690#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {15690#true} is VALID [2018-11-14 17:19:20,029 INFO L273 TraceCheckUtils]: 17: Hoare triple {15690#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {15690#true} is VALID [2018-11-14 17:19:20,029 INFO L273 TraceCheckUtils]: 18: Hoare triple {15690#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {15690#true} is VALID [2018-11-14 17:19:20,029 INFO L273 TraceCheckUtils]: 19: Hoare triple {15690#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {15690#true} is VALID [2018-11-14 17:19:20,029 INFO L273 TraceCheckUtils]: 20: Hoare triple {15690#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {15690#true} is VALID [2018-11-14 17:19:20,029 INFO L273 TraceCheckUtils]: 21: Hoare triple {15690#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {15690#true} is VALID [2018-11-14 17:19:20,030 INFO L273 TraceCheckUtils]: 22: Hoare triple {15690#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {15690#true} is VALID [2018-11-14 17:19:20,030 INFO L273 TraceCheckUtils]: 23: Hoare triple {15690#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {15690#true} is VALID [2018-11-14 17:19:20,030 INFO L273 TraceCheckUtils]: 24: Hoare triple {15690#true} assume #t~mem32 == 8464;havoc #t~mem32; {15690#true} is VALID [2018-11-14 17:19:20,030 INFO L273 TraceCheckUtils]: 25: Hoare triple {15690#true} call write~int(0, ~s.base, ~s.offset + 48, 4);assume -2147483648 <= #t~nondet69 && #t~nondet69 <= 2147483647;~ret~0 := #t~nondet69;havoc #t~nondet69; {15690#true} is VALID [2018-11-14 17:19:20,030 INFO L273 TraceCheckUtils]: 26: Hoare triple {15690#true} assume ~blastFlag~0 == 0;~blastFlag~0 := 1; {15690#true} is VALID [2018-11-14 17:19:20,034 INFO L273 TraceCheckUtils]: 27: Hoare triple {15690#true} assume !(~ret~0 <= 0);~got_new_session~0 := 1;call write~int(8496, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {15692#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:20,034 INFO L273 TraceCheckUtils]: 28: Hoare triple {15692#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {15692#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:20,035 INFO L273 TraceCheckUtils]: 29: Hoare triple {15692#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {15692#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:20,035 INFO L273 TraceCheckUtils]: 30: Hoare triple {15692#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} ~skip~0 := 0; {15692#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:20,037 INFO L273 TraceCheckUtils]: 31: Hoare triple {15692#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume true; {15692#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:20,037 INFO L273 TraceCheckUtils]: 32: Hoare triple {15692#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !false; {15692#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:20,039 INFO L273 TraceCheckUtils]: 33: Hoare triple {15692#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {15692#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:20,039 INFO L273 TraceCheckUtils]: 34: Hoare triple {15692#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {15692#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:20,041 INFO L273 TraceCheckUtils]: 35: Hoare triple {15692#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {15693#(= |ssl3_accept_#t~mem26| 8496)} is VALID [2018-11-14 17:19:20,041 INFO L273 TraceCheckUtils]: 36: Hoare triple {15693#(= |ssl3_accept_#t~mem26| 8496)} assume #t~mem26 == 8192;havoc #t~mem26; {15691#false} is VALID [2018-11-14 17:19:20,041 INFO L273 TraceCheckUtils]: 37: Hoare triple {15691#false} call write~int(1, ~s.base, ~s.offset + 36, 4); {15691#false} is VALID [2018-11-14 17:19:20,041 INFO L273 TraceCheckUtils]: 38: Hoare triple {15691#false} assume (~cb~0.base + ~cb~0.offset) % 4294967296 != 0; {15691#false} is VALID [2018-11-14 17:19:20,041 INFO L273 TraceCheckUtils]: 39: Hoare triple {15691#false} call #t~mem59 := read~int(~s.base, ~s.offset + 0, 4); {15691#false} is VALID [2018-11-14 17:19:20,042 INFO L273 TraceCheckUtils]: 40: Hoare triple {15691#false} assume !(#t~mem59 / 256 != 3);havoc #t~mem59;call write~int(8192, ~s.base, ~s.offset + 4, 4);call #t~mem60.base, #t~mem60.offset := read~$Pointer$(~s.base, ~s.offset + 60, 4); {15691#false} is VALID [2018-11-14 17:19:20,042 INFO L273 TraceCheckUtils]: 41: Hoare triple {15691#false} assume !((#t~mem60.base + #t~mem60.offset) % 4294967296 == 0);havoc #t~mem60.base, #t~mem60.offset; {15691#false} is VALID [2018-11-14 17:19:20,042 INFO L273 TraceCheckUtils]: 42: Hoare triple {15691#false} assume !(~tmp___4~0 == 0);call write~int(0, ~s.base, ~s.offset + 64, 4);call #t~mem62 := read~int(~s.base, ~s.offset + 52, 4); {15691#false} is VALID [2018-11-14 17:19:20,042 INFO L273 TraceCheckUtils]: 43: Hoare triple {15691#false} assume #t~mem62 != 12292;havoc #t~mem62; {15691#false} is VALID [2018-11-14 17:19:20,042 INFO L273 TraceCheckUtils]: 44: Hoare triple {15691#false} assume !(~tmp___5~0 == 0);call write~int(8464, ~s.base, ~s.offset + 52, 4);call #t~mem63.base, #t~mem63.offset := read~$Pointer$(~s.base, ~s.offset + 204, 4);call #t~mem64 := read~int(#t~mem63.base, #t~mem63.offset + 60 + 12, 4);call write~int(#t~mem64 + 1, #t~mem63.base, #t~mem63.offset + 60 + 12, 4);havoc #t~mem64;havoc #t~mem63.base, #t~mem63.offset; {15691#false} is VALID [2018-11-14 17:19:20,042 INFO L273 TraceCheckUtils]: 45: Hoare triple {15691#false} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {15691#false} is VALID [2018-11-14 17:19:20,042 INFO L273 TraceCheckUtils]: 46: Hoare triple {15691#false} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {15691#false} is VALID [2018-11-14 17:19:20,042 INFO L273 TraceCheckUtils]: 47: Hoare triple {15691#false} ~skip~0 := 0; {15691#false} is VALID [2018-11-14 17:19:20,042 INFO L273 TraceCheckUtils]: 48: Hoare triple {15691#false} assume true; {15691#false} is VALID [2018-11-14 17:19:20,043 INFO L273 TraceCheckUtils]: 49: Hoare triple {15691#false} assume !false; {15691#false} is VALID [2018-11-14 17:19:20,043 INFO L273 TraceCheckUtils]: 50: Hoare triple {15691#false} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {15691#false} is VALID [2018-11-14 17:19:20,043 INFO L273 TraceCheckUtils]: 51: Hoare triple {15691#false} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {15691#false} is VALID [2018-11-14 17:19:20,043 INFO L273 TraceCheckUtils]: 52: Hoare triple {15691#false} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {15691#false} is VALID [2018-11-14 17:19:20,043 INFO L273 TraceCheckUtils]: 53: Hoare triple {15691#false} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {15691#false} is VALID [2018-11-14 17:19:20,043 INFO L273 TraceCheckUtils]: 54: Hoare triple {15691#false} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {15691#false} is VALID [2018-11-14 17:19:20,043 INFO L273 TraceCheckUtils]: 55: Hoare triple {15691#false} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {15691#false} is VALID [2018-11-14 17:19:20,043 INFO L273 TraceCheckUtils]: 56: Hoare triple {15691#false} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {15691#false} is VALID [2018-11-14 17:19:20,044 INFO L273 TraceCheckUtils]: 57: Hoare triple {15691#false} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {15691#false} is VALID [2018-11-14 17:19:20,044 INFO L273 TraceCheckUtils]: 58: Hoare triple {15691#false} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {15691#false} is VALID [2018-11-14 17:19:20,044 INFO L273 TraceCheckUtils]: 59: Hoare triple {15691#false} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {15691#false} is VALID [2018-11-14 17:19:20,044 INFO L273 TraceCheckUtils]: 60: Hoare triple {15691#false} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {15691#false} is VALID [2018-11-14 17:19:20,044 INFO L273 TraceCheckUtils]: 61: Hoare triple {15691#false} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {15691#false} is VALID [2018-11-14 17:19:20,044 INFO L273 TraceCheckUtils]: 62: Hoare triple {15691#false} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {15691#false} is VALID [2018-11-14 17:19:20,044 INFO L273 TraceCheckUtils]: 63: Hoare triple {15691#false} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {15691#false} is VALID [2018-11-14 17:19:20,044 INFO L273 TraceCheckUtils]: 64: Hoare triple {15691#false} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {15691#false} is VALID [2018-11-14 17:19:20,044 INFO L273 TraceCheckUtils]: 65: Hoare triple {15691#false} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {15691#false} is VALID [2018-11-14 17:19:20,045 INFO L273 TraceCheckUtils]: 66: Hoare triple {15691#false} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {15691#false} is VALID [2018-11-14 17:19:20,045 INFO L273 TraceCheckUtils]: 67: Hoare triple {15691#false} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {15691#false} is VALID [2018-11-14 17:19:20,045 INFO L273 TraceCheckUtils]: 68: Hoare triple {15691#false} assume #t~mem41 == 8544;havoc #t~mem41; {15691#false} is VALID [2018-11-14 17:19:20,045 INFO L273 TraceCheckUtils]: 69: Hoare triple {15691#false} call #t~mem93 := read~int(~s.base, ~s.offset + 180, 4); {15691#false} is VALID [2018-11-14 17:19:20,045 INFO L273 TraceCheckUtils]: 70: Hoare triple {15691#false} assume ~bitwiseAnd(#t~mem93, 1) != 0;havoc #t~mem93;call #t~mem94.base, #t~mem94.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem95.base, #t~mem95.offset := read~$Pointer$(#t~mem94.base, #t~mem94.offset + 148, 4); {15691#false} is VALID [2018-11-14 17:19:20,045 INFO L273 TraceCheckUtils]: 71: Hoare triple {15691#false} assume !((#t~mem95.base + #t~mem95.offset) % 4294967296 != 0);havoc #t~mem95.base, #t~mem95.offset;havoc #t~mem94.base, #t~mem94.offset; {15691#false} is VALID [2018-11-14 17:19:20,045 INFO L273 TraceCheckUtils]: 72: Hoare triple {15691#false} call #t~mem98.base, #t~mem98.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem99.base, #t~mem99.offset := read~$Pointer$(#t~mem98.base, #t~mem98.offset + 604 + 232, 4);call #t~mem100 := read~int(#t~mem99.base, #t~mem99.offset + 12, 4); {15691#false} is VALID [2018-11-14 17:19:20,045 INFO L273 TraceCheckUtils]: 73: Hoare triple {15691#false} assume !(~bitwiseAnd(#t~mem100, 256) % 4294967296 != 0);havoc #t~mem100;havoc #t~mem99.base, #t~mem99.offset;havoc #t~mem98.base, #t~mem98.offset; {15691#false} is VALID [2018-11-14 17:19:20,046 INFO L273 TraceCheckUtils]: 74: Hoare triple {15691#false} call #t~mem103.base, #t~mem103.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(1, #t~mem103.base, #t~mem103.offset + 604 + 291, 4);havoc #t~mem103.base, #t~mem103.offset;assume -2147483648 <= #t~nondet104 && #t~nondet104 <= 2147483647;~ret~0 := #t~nondet104;havoc #t~nondet104; {15691#false} is VALID [2018-11-14 17:19:20,046 INFO L273 TraceCheckUtils]: 75: Hoare triple {15691#false} assume ~blastFlag~0 == 8; {15691#false} is VALID [2018-11-14 17:19:20,046 INFO L273 TraceCheckUtils]: 76: Hoare triple {15691#false} assume !false; {15691#false} is VALID [2018-11-14 17:19:20,049 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 27 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 17:19:20,050 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:19:20,050 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-14 17:19:20,050 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 77 [2018-11-14 17:19:20,051 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:19:20,051 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-14 17:19:20,126 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 77 edges. 77 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:20,126 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-14 17:19:20,126 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-14 17:19:20,126 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-14 17:19:20,127 INFO L87 Difference]: Start difference. First operand 203 states and 299 transitions. Second operand 4 states. [2018-11-14 17:19:21,042 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:21,042 INFO L93 Difference]: Finished difference Result 407 states and 604 transitions. [2018-11-14 17:19:21,042 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2018-11-14 17:19:21,042 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 77 [2018-11-14 17:19:21,043 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:19:21,043 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:21,045 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 470 transitions. [2018-11-14 17:19:21,045 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:21,047 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 470 transitions. [2018-11-14 17:19:21,047 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 470 transitions. [2018-11-14 17:19:21,609 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 470 edges. 470 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:21,614 INFO L225 Difference]: With dead ends: 407 [2018-11-14 17:19:21,614 INFO L226 Difference]: Without dead ends: 230 [2018-11-14 17:19:21,615 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 2 SyntacticMatches, 1 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2018-11-14 17:19:21,615 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 230 states. [2018-11-14 17:19:21,973 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 230 to 203. [2018-11-14 17:19:21,973 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:19:21,973 INFO L82 GeneralOperation]: Start isEquivalent. First operand 230 states. Second operand 203 states. [2018-11-14 17:19:21,973 INFO L74 IsIncluded]: Start isIncluded. First operand 230 states. Second operand 203 states. [2018-11-14 17:19:21,973 INFO L87 Difference]: Start difference. First operand 230 states. Second operand 203 states. [2018-11-14 17:19:21,977 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:21,977 INFO L93 Difference]: Finished difference Result 230 states and 333 transitions. [2018-11-14 17:19:21,977 INFO L276 IsEmpty]: Start isEmpty. Operand 230 states and 333 transitions. [2018-11-14 17:19:21,977 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:21,977 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:21,978 INFO L74 IsIncluded]: Start isIncluded. First operand 203 states. Second operand 230 states. [2018-11-14 17:19:21,978 INFO L87 Difference]: Start difference. First operand 203 states. Second operand 230 states. [2018-11-14 17:19:21,982 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:21,983 INFO L93 Difference]: Finished difference Result 230 states and 333 transitions. [2018-11-14 17:19:21,983 INFO L276 IsEmpty]: Start isEmpty. Operand 230 states and 333 transitions. [2018-11-14 17:19:21,983 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:21,984 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:21,984 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:19:21,984 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:19:21,984 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 203 states. [2018-11-14 17:19:21,988 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 203 states to 203 states and 298 transitions. [2018-11-14 17:19:21,988 INFO L78 Accepts]: Start accepts. Automaton has 203 states and 298 transitions. Word has length 77 [2018-11-14 17:19:21,989 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:19:21,989 INFO L480 AbstractCegarLoop]: Abstraction has 203 states and 298 transitions. [2018-11-14 17:19:21,989 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2018-11-14 17:19:21,989 INFO L276 IsEmpty]: Start isEmpty. Operand 203 states and 298 transitions. [2018-11-14 17:19:21,990 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 79 [2018-11-14 17:19:21,990 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:19:21,990 INFO L375 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:19:21,990 INFO L423 AbstractCegarLoop]: === Iteration 18 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:19:21,990 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:19:21,991 INFO L82 PathProgramCache]: Analyzing trace with hash 1458389804, now seen corresponding path program 1 times [2018-11-14 17:19:21,991 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:19:21,991 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:19:21,992 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:21,992 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:19:21,992 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:22,006 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:19:22,512 INFO L256 TraceCheckUtils]: 0: Hoare triple {16871#true} call ULTIMATE.init(); {16871#true} is VALID [2018-11-14 17:19:22,513 INFO L273 TraceCheckUtils]: 1: Hoare triple {16871#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {16871#true} is VALID [2018-11-14 17:19:22,513 INFO L273 TraceCheckUtils]: 2: Hoare triple {16871#true} assume true; {16871#true} is VALID [2018-11-14 17:19:22,513 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {16871#true} {16871#true} #682#return; {16871#true} is VALID [2018-11-14 17:19:22,513 INFO L256 TraceCheckUtils]: 4: Hoare triple {16871#true} call #t~ret138 := main(); {16871#true} is VALID [2018-11-14 17:19:22,513 INFO L273 TraceCheckUtils]: 5: Hoare triple {16871#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {16871#true} is VALID [2018-11-14 17:19:22,513 INFO L256 TraceCheckUtils]: 6: Hoare triple {16871#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {16871#true} is VALID [2018-11-14 17:19:22,514 INFO L273 TraceCheckUtils]: 7: Hoare triple {16871#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {16871#true} is VALID [2018-11-14 17:19:22,514 INFO L273 TraceCheckUtils]: 8: Hoare triple {16871#true} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {16871#true} is VALID [2018-11-14 17:19:22,514 INFO L273 TraceCheckUtils]: 9: Hoare triple {16871#true} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {16871#true} is VALID [2018-11-14 17:19:22,514 INFO L273 TraceCheckUtils]: 10: Hoare triple {16871#true} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {16871#true} is VALID [2018-11-14 17:19:22,514 INFO L273 TraceCheckUtils]: 11: Hoare triple {16871#true} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {16871#true} is VALID [2018-11-14 17:19:22,515 INFO L273 TraceCheckUtils]: 12: Hoare triple {16871#true} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {16871#true} is VALID [2018-11-14 17:19:22,515 INFO L273 TraceCheckUtils]: 13: Hoare triple {16871#true} assume true; {16871#true} is VALID [2018-11-14 17:19:22,515 INFO L273 TraceCheckUtils]: 14: Hoare triple {16871#true} assume !false; {16871#true} is VALID [2018-11-14 17:19:22,515 INFO L273 TraceCheckUtils]: 15: Hoare triple {16871#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {16871#true} is VALID [2018-11-14 17:19:22,515 INFO L273 TraceCheckUtils]: 16: Hoare triple {16871#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {16871#true} is VALID [2018-11-14 17:19:22,516 INFO L273 TraceCheckUtils]: 17: Hoare triple {16871#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {16871#true} is VALID [2018-11-14 17:19:22,516 INFO L273 TraceCheckUtils]: 18: Hoare triple {16871#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {16871#true} is VALID [2018-11-14 17:19:22,516 INFO L273 TraceCheckUtils]: 19: Hoare triple {16871#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {16871#true} is VALID [2018-11-14 17:19:22,516 INFO L273 TraceCheckUtils]: 20: Hoare triple {16871#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {16871#true} is VALID [2018-11-14 17:19:22,516 INFO L273 TraceCheckUtils]: 21: Hoare triple {16871#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {16871#true} is VALID [2018-11-14 17:19:22,517 INFO L273 TraceCheckUtils]: 22: Hoare triple {16871#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {16871#true} is VALID [2018-11-14 17:19:22,517 INFO L273 TraceCheckUtils]: 23: Hoare triple {16871#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {16871#true} is VALID [2018-11-14 17:19:22,517 INFO L273 TraceCheckUtils]: 24: Hoare triple {16871#true} assume #t~mem32 == 8464;havoc #t~mem32; {16871#true} is VALID [2018-11-14 17:19:22,517 INFO L273 TraceCheckUtils]: 25: Hoare triple {16871#true} call write~int(0, ~s.base, ~s.offset + 48, 4);assume -2147483648 <= #t~nondet69 && #t~nondet69 <= 2147483647;~ret~0 := #t~nondet69;havoc #t~nondet69; {16871#true} is VALID [2018-11-14 17:19:22,517 INFO L273 TraceCheckUtils]: 26: Hoare triple {16871#true} assume ~blastFlag~0 == 0;~blastFlag~0 := 1; {16871#true} is VALID [2018-11-14 17:19:22,522 INFO L273 TraceCheckUtils]: 27: Hoare triple {16871#true} assume !(~ret~0 <= 0);~got_new_session~0 := 1;call write~int(8496, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {16873#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:22,522 INFO L273 TraceCheckUtils]: 28: Hoare triple {16873#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {16873#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:22,522 INFO L273 TraceCheckUtils]: 29: Hoare triple {16873#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {16873#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:22,523 INFO L273 TraceCheckUtils]: 30: Hoare triple {16873#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} ~skip~0 := 0; {16873#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:22,523 INFO L273 TraceCheckUtils]: 31: Hoare triple {16873#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume true; {16873#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:22,523 INFO L273 TraceCheckUtils]: 32: Hoare triple {16873#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !false; {16873#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:22,524 INFO L273 TraceCheckUtils]: 33: Hoare triple {16873#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {16873#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:22,524 INFO L273 TraceCheckUtils]: 34: Hoare triple {16873#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {16873#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:22,541 INFO L273 TraceCheckUtils]: 35: Hoare triple {16873#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {16873#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:22,550 INFO L273 TraceCheckUtils]: 36: Hoare triple {16873#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {16874#(= |ssl3_accept_#t~mem27| 8496)} is VALID [2018-11-14 17:19:22,561 INFO L273 TraceCheckUtils]: 37: Hoare triple {16874#(= |ssl3_accept_#t~mem27| 8496)} assume #t~mem27 == 24576;havoc #t~mem27; {16872#false} is VALID [2018-11-14 17:19:22,561 INFO L273 TraceCheckUtils]: 38: Hoare triple {16872#false} call write~int(1, ~s.base, ~s.offset + 36, 4); {16872#false} is VALID [2018-11-14 17:19:22,561 INFO L273 TraceCheckUtils]: 39: Hoare triple {16872#false} assume (~cb~0.base + ~cb~0.offset) % 4294967296 != 0; {16872#false} is VALID [2018-11-14 17:19:22,561 INFO L273 TraceCheckUtils]: 40: Hoare triple {16872#false} call #t~mem59 := read~int(~s.base, ~s.offset + 0, 4); {16872#false} is VALID [2018-11-14 17:19:22,561 INFO L273 TraceCheckUtils]: 41: Hoare triple {16872#false} assume !(#t~mem59 / 256 != 3);havoc #t~mem59;call write~int(8192, ~s.base, ~s.offset + 4, 4);call #t~mem60.base, #t~mem60.offset := read~$Pointer$(~s.base, ~s.offset + 60, 4); {16872#false} is VALID [2018-11-14 17:19:22,562 INFO L273 TraceCheckUtils]: 42: Hoare triple {16872#false} assume !((#t~mem60.base + #t~mem60.offset) % 4294967296 == 0);havoc #t~mem60.base, #t~mem60.offset; {16872#false} is VALID [2018-11-14 17:19:22,562 INFO L273 TraceCheckUtils]: 43: Hoare triple {16872#false} assume !(~tmp___4~0 == 0);call write~int(0, ~s.base, ~s.offset + 64, 4);call #t~mem62 := read~int(~s.base, ~s.offset + 52, 4); {16872#false} is VALID [2018-11-14 17:19:22,562 INFO L273 TraceCheckUtils]: 44: Hoare triple {16872#false} assume #t~mem62 != 12292;havoc #t~mem62; {16872#false} is VALID [2018-11-14 17:19:22,562 INFO L273 TraceCheckUtils]: 45: Hoare triple {16872#false} assume !(~tmp___5~0 == 0);call write~int(8464, ~s.base, ~s.offset + 52, 4);call #t~mem63.base, #t~mem63.offset := read~$Pointer$(~s.base, ~s.offset + 204, 4);call #t~mem64 := read~int(#t~mem63.base, #t~mem63.offset + 60 + 12, 4);call write~int(#t~mem64 + 1, #t~mem63.base, #t~mem63.offset + 60 + 12, 4);havoc #t~mem64;havoc #t~mem63.base, #t~mem63.offset; {16872#false} is VALID [2018-11-14 17:19:22,562 INFO L273 TraceCheckUtils]: 46: Hoare triple {16872#false} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {16872#false} is VALID [2018-11-14 17:19:22,562 INFO L273 TraceCheckUtils]: 47: Hoare triple {16872#false} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {16872#false} is VALID [2018-11-14 17:19:22,562 INFO L273 TraceCheckUtils]: 48: Hoare triple {16872#false} ~skip~0 := 0; {16872#false} is VALID [2018-11-14 17:19:22,562 INFO L273 TraceCheckUtils]: 49: Hoare triple {16872#false} assume true; {16872#false} is VALID [2018-11-14 17:19:22,563 INFO L273 TraceCheckUtils]: 50: Hoare triple {16872#false} assume !false; {16872#false} is VALID [2018-11-14 17:19:22,563 INFO L273 TraceCheckUtils]: 51: Hoare triple {16872#false} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {16872#false} is VALID [2018-11-14 17:19:22,563 INFO L273 TraceCheckUtils]: 52: Hoare triple {16872#false} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {16872#false} is VALID [2018-11-14 17:19:22,563 INFO L273 TraceCheckUtils]: 53: Hoare triple {16872#false} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {16872#false} is VALID [2018-11-14 17:19:22,563 INFO L273 TraceCheckUtils]: 54: Hoare triple {16872#false} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {16872#false} is VALID [2018-11-14 17:19:22,563 INFO L273 TraceCheckUtils]: 55: Hoare triple {16872#false} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {16872#false} is VALID [2018-11-14 17:19:22,563 INFO L273 TraceCheckUtils]: 56: Hoare triple {16872#false} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {16872#false} is VALID [2018-11-14 17:19:22,563 INFO L273 TraceCheckUtils]: 57: Hoare triple {16872#false} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {16872#false} is VALID [2018-11-14 17:19:22,563 INFO L273 TraceCheckUtils]: 58: Hoare triple {16872#false} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {16872#false} is VALID [2018-11-14 17:19:22,564 INFO L273 TraceCheckUtils]: 59: Hoare triple {16872#false} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {16872#false} is VALID [2018-11-14 17:19:22,564 INFO L273 TraceCheckUtils]: 60: Hoare triple {16872#false} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {16872#false} is VALID [2018-11-14 17:19:22,564 INFO L273 TraceCheckUtils]: 61: Hoare triple {16872#false} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {16872#false} is VALID [2018-11-14 17:19:22,564 INFO L273 TraceCheckUtils]: 62: Hoare triple {16872#false} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {16872#false} is VALID [2018-11-14 17:19:22,564 INFO L273 TraceCheckUtils]: 63: Hoare triple {16872#false} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {16872#false} is VALID [2018-11-14 17:19:22,564 INFO L273 TraceCheckUtils]: 64: Hoare triple {16872#false} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {16872#false} is VALID [2018-11-14 17:19:22,564 INFO L273 TraceCheckUtils]: 65: Hoare triple {16872#false} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {16872#false} is VALID [2018-11-14 17:19:22,564 INFO L273 TraceCheckUtils]: 66: Hoare triple {16872#false} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {16872#false} is VALID [2018-11-14 17:19:22,565 INFO L273 TraceCheckUtils]: 67: Hoare triple {16872#false} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {16872#false} is VALID [2018-11-14 17:19:22,565 INFO L273 TraceCheckUtils]: 68: Hoare triple {16872#false} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {16872#false} is VALID [2018-11-14 17:19:22,565 INFO L273 TraceCheckUtils]: 69: Hoare triple {16872#false} assume #t~mem41 == 8544;havoc #t~mem41; {16872#false} is VALID [2018-11-14 17:19:22,565 INFO L273 TraceCheckUtils]: 70: Hoare triple {16872#false} call #t~mem93 := read~int(~s.base, ~s.offset + 180, 4); {16872#false} is VALID [2018-11-14 17:19:22,565 INFO L273 TraceCheckUtils]: 71: Hoare triple {16872#false} assume ~bitwiseAnd(#t~mem93, 1) != 0;havoc #t~mem93;call #t~mem94.base, #t~mem94.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem95.base, #t~mem95.offset := read~$Pointer$(#t~mem94.base, #t~mem94.offset + 148, 4); {16872#false} is VALID [2018-11-14 17:19:22,565 INFO L273 TraceCheckUtils]: 72: Hoare triple {16872#false} assume !((#t~mem95.base + #t~mem95.offset) % 4294967296 != 0);havoc #t~mem95.base, #t~mem95.offset;havoc #t~mem94.base, #t~mem94.offset; {16872#false} is VALID [2018-11-14 17:19:22,565 INFO L273 TraceCheckUtils]: 73: Hoare triple {16872#false} call #t~mem98.base, #t~mem98.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem99.base, #t~mem99.offset := read~$Pointer$(#t~mem98.base, #t~mem98.offset + 604 + 232, 4);call #t~mem100 := read~int(#t~mem99.base, #t~mem99.offset + 12, 4); {16872#false} is VALID [2018-11-14 17:19:22,565 INFO L273 TraceCheckUtils]: 74: Hoare triple {16872#false} assume !(~bitwiseAnd(#t~mem100, 256) % 4294967296 != 0);havoc #t~mem100;havoc #t~mem99.base, #t~mem99.offset;havoc #t~mem98.base, #t~mem98.offset; {16872#false} is VALID [2018-11-14 17:19:22,565 INFO L273 TraceCheckUtils]: 75: Hoare triple {16872#false} call #t~mem103.base, #t~mem103.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(1, #t~mem103.base, #t~mem103.offset + 604 + 291, 4);havoc #t~mem103.base, #t~mem103.offset;assume -2147483648 <= #t~nondet104 && #t~nondet104 <= 2147483647;~ret~0 := #t~nondet104;havoc #t~nondet104; {16872#false} is VALID [2018-11-14 17:19:22,566 INFO L273 TraceCheckUtils]: 76: Hoare triple {16872#false} assume ~blastFlag~0 == 8; {16872#false} is VALID [2018-11-14 17:19:22,566 INFO L273 TraceCheckUtils]: 77: Hoare triple {16872#false} assume !false; {16872#false} is VALID [2018-11-14 17:19:22,569 INFO L134 CoverageAnalysis]: Checked inductivity of 29 backedges. 29 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 17:19:22,569 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:19:22,569 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-14 17:19:22,570 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 78 [2018-11-14 17:19:22,570 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:19:22,570 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-14 17:19:22,645 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 78 edges. 78 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:22,646 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-14 17:19:22,646 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-14 17:19:22,646 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-14 17:19:22,647 INFO L87 Difference]: Start difference. First operand 203 states and 298 transitions. Second operand 4 states. [2018-11-14 17:19:23,516 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:23,517 INFO L93 Difference]: Finished difference Result 407 states and 602 transitions. [2018-11-14 17:19:23,517 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2018-11-14 17:19:23,517 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 78 [2018-11-14 17:19:23,517 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:19:23,517 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:23,520 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 469 transitions. [2018-11-14 17:19:23,520 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:23,522 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 469 transitions. [2018-11-14 17:19:23,522 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 469 transitions. [2018-11-14 17:19:23,953 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 469 edges. 469 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:23,957 INFO L225 Difference]: With dead ends: 407 [2018-11-14 17:19:23,958 INFO L226 Difference]: Without dead ends: 230 [2018-11-14 17:19:23,958 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 2 SyntacticMatches, 1 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2018-11-14 17:19:23,958 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 230 states. [2018-11-14 17:19:23,984 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 230 to 203. [2018-11-14 17:19:23,985 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:19:23,985 INFO L82 GeneralOperation]: Start isEquivalent. First operand 230 states. Second operand 203 states. [2018-11-14 17:19:23,985 INFO L74 IsIncluded]: Start isIncluded. First operand 230 states. Second operand 203 states. [2018-11-14 17:19:23,985 INFO L87 Difference]: Start difference. First operand 230 states. Second operand 203 states. [2018-11-14 17:19:23,990 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:23,990 INFO L93 Difference]: Finished difference Result 230 states and 332 transitions. [2018-11-14 17:19:23,990 INFO L276 IsEmpty]: Start isEmpty. Operand 230 states and 332 transitions. [2018-11-14 17:19:23,990 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:23,991 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:23,991 INFO L74 IsIncluded]: Start isIncluded. First operand 203 states. Second operand 230 states. [2018-11-14 17:19:23,991 INFO L87 Difference]: Start difference. First operand 203 states. Second operand 230 states. [2018-11-14 17:19:23,996 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:23,996 INFO L93 Difference]: Finished difference Result 230 states and 332 transitions. [2018-11-14 17:19:23,996 INFO L276 IsEmpty]: Start isEmpty. Operand 230 states and 332 transitions. [2018-11-14 17:19:23,997 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:23,997 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:23,997 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:19:23,997 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:19:23,997 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 203 states. [2018-11-14 17:19:24,001 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 203 states to 203 states and 297 transitions. [2018-11-14 17:19:24,001 INFO L78 Accepts]: Start accepts. Automaton has 203 states and 297 transitions. Word has length 78 [2018-11-14 17:19:24,001 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:19:24,001 INFO L480 AbstractCegarLoop]: Abstraction has 203 states and 297 transitions. [2018-11-14 17:19:24,002 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2018-11-14 17:19:24,002 INFO L276 IsEmpty]: Start isEmpty. Operand 203 states and 297 transitions. [2018-11-14 17:19:24,002 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 80 [2018-11-14 17:19:24,003 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:19:24,003 INFO L375 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:19:24,003 INFO L423 AbstractCegarLoop]: === Iteration 19 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:19:24,003 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:19:24,003 INFO L82 PathProgramCache]: Analyzing trace with hash -1221026755, now seen corresponding path program 1 times [2018-11-14 17:19:24,003 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:19:24,004 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:19:24,005 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:24,005 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:19:24,005 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:24,018 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:19:24,144 INFO L256 TraceCheckUtils]: 0: Hoare triple {18052#true} call ULTIMATE.init(); {18052#true} is VALID [2018-11-14 17:19:24,145 INFO L273 TraceCheckUtils]: 1: Hoare triple {18052#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {18052#true} is VALID [2018-11-14 17:19:24,145 INFO L273 TraceCheckUtils]: 2: Hoare triple {18052#true} assume true; {18052#true} is VALID [2018-11-14 17:19:24,145 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {18052#true} {18052#true} #682#return; {18052#true} is VALID [2018-11-14 17:19:24,145 INFO L256 TraceCheckUtils]: 4: Hoare triple {18052#true} call #t~ret138 := main(); {18052#true} is VALID [2018-11-14 17:19:24,145 INFO L273 TraceCheckUtils]: 5: Hoare triple {18052#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {18052#true} is VALID [2018-11-14 17:19:24,145 INFO L256 TraceCheckUtils]: 6: Hoare triple {18052#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {18052#true} is VALID [2018-11-14 17:19:24,145 INFO L273 TraceCheckUtils]: 7: Hoare triple {18052#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {18052#true} is VALID [2018-11-14 17:19:24,145 INFO L273 TraceCheckUtils]: 8: Hoare triple {18052#true} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {18052#true} is VALID [2018-11-14 17:19:24,146 INFO L273 TraceCheckUtils]: 9: Hoare triple {18052#true} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {18052#true} is VALID [2018-11-14 17:19:24,146 INFO L273 TraceCheckUtils]: 10: Hoare triple {18052#true} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {18052#true} is VALID [2018-11-14 17:19:24,146 INFO L273 TraceCheckUtils]: 11: Hoare triple {18052#true} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {18052#true} is VALID [2018-11-14 17:19:24,146 INFO L273 TraceCheckUtils]: 12: Hoare triple {18052#true} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {18052#true} is VALID [2018-11-14 17:19:24,146 INFO L273 TraceCheckUtils]: 13: Hoare triple {18052#true} assume true; {18052#true} is VALID [2018-11-14 17:19:24,146 INFO L273 TraceCheckUtils]: 14: Hoare triple {18052#true} assume !false; {18052#true} is VALID [2018-11-14 17:19:24,146 INFO L273 TraceCheckUtils]: 15: Hoare triple {18052#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {18052#true} is VALID [2018-11-14 17:19:24,147 INFO L273 TraceCheckUtils]: 16: Hoare triple {18052#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {18052#true} is VALID [2018-11-14 17:19:24,147 INFO L273 TraceCheckUtils]: 17: Hoare triple {18052#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {18052#true} is VALID [2018-11-14 17:19:24,147 INFO L273 TraceCheckUtils]: 18: Hoare triple {18052#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {18052#true} is VALID [2018-11-14 17:19:24,147 INFO L273 TraceCheckUtils]: 19: Hoare triple {18052#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {18052#true} is VALID [2018-11-14 17:19:24,147 INFO L273 TraceCheckUtils]: 20: Hoare triple {18052#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {18052#true} is VALID [2018-11-14 17:19:24,148 INFO L273 TraceCheckUtils]: 21: Hoare triple {18052#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {18052#true} is VALID [2018-11-14 17:19:24,148 INFO L273 TraceCheckUtils]: 22: Hoare triple {18052#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {18052#true} is VALID [2018-11-14 17:19:24,148 INFO L273 TraceCheckUtils]: 23: Hoare triple {18052#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {18052#true} is VALID [2018-11-14 17:19:24,148 INFO L273 TraceCheckUtils]: 24: Hoare triple {18052#true} assume #t~mem32 == 8464;havoc #t~mem32; {18052#true} is VALID [2018-11-14 17:19:24,148 INFO L273 TraceCheckUtils]: 25: Hoare triple {18052#true} call write~int(0, ~s.base, ~s.offset + 48, 4);assume -2147483648 <= #t~nondet69 && #t~nondet69 <= 2147483647;~ret~0 := #t~nondet69;havoc #t~nondet69; {18052#true} is VALID [2018-11-14 17:19:24,148 INFO L273 TraceCheckUtils]: 26: Hoare triple {18052#true} assume ~blastFlag~0 == 0;~blastFlag~0 := 1; {18052#true} is VALID [2018-11-14 17:19:24,149 INFO L273 TraceCheckUtils]: 27: Hoare triple {18052#true} assume !(~ret~0 <= 0);~got_new_session~0 := 1;call write~int(8496, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {18054#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:24,150 INFO L273 TraceCheckUtils]: 28: Hoare triple {18054#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {18054#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:24,150 INFO L273 TraceCheckUtils]: 29: Hoare triple {18054#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {18054#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:24,150 INFO L273 TraceCheckUtils]: 30: Hoare triple {18054#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} ~skip~0 := 0; {18054#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:24,150 INFO L273 TraceCheckUtils]: 31: Hoare triple {18054#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume true; {18054#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:24,151 INFO L273 TraceCheckUtils]: 32: Hoare triple {18054#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !false; {18054#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:24,151 INFO L273 TraceCheckUtils]: 33: Hoare triple {18054#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {18054#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:24,151 INFO L273 TraceCheckUtils]: 34: Hoare triple {18054#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {18054#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:24,152 INFO L273 TraceCheckUtils]: 35: Hoare triple {18054#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {18054#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:24,152 INFO L273 TraceCheckUtils]: 36: Hoare triple {18054#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {18054#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} is VALID [2018-11-14 17:19:24,152 INFO L273 TraceCheckUtils]: 37: Hoare triple {18054#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8496)} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {18055#(= |ssl3_accept_#t~mem28| 8496)} is VALID [2018-11-14 17:19:24,153 INFO L273 TraceCheckUtils]: 38: Hoare triple {18055#(= |ssl3_accept_#t~mem28| 8496)} assume #t~mem28 == 8195;havoc #t~mem28; {18053#false} is VALID [2018-11-14 17:19:24,153 INFO L273 TraceCheckUtils]: 39: Hoare triple {18053#false} call write~int(1, ~s.base, ~s.offset + 36, 4); {18053#false} is VALID [2018-11-14 17:19:24,153 INFO L273 TraceCheckUtils]: 40: Hoare triple {18053#false} assume (~cb~0.base + ~cb~0.offset) % 4294967296 != 0; {18053#false} is VALID [2018-11-14 17:19:24,153 INFO L273 TraceCheckUtils]: 41: Hoare triple {18053#false} call #t~mem59 := read~int(~s.base, ~s.offset + 0, 4); {18053#false} is VALID [2018-11-14 17:19:24,153 INFO L273 TraceCheckUtils]: 42: Hoare triple {18053#false} assume !(#t~mem59 / 256 != 3);havoc #t~mem59;call write~int(8192, ~s.base, ~s.offset + 4, 4);call #t~mem60.base, #t~mem60.offset := read~$Pointer$(~s.base, ~s.offset + 60, 4); {18053#false} is VALID [2018-11-14 17:19:24,154 INFO L273 TraceCheckUtils]: 43: Hoare triple {18053#false} assume !((#t~mem60.base + #t~mem60.offset) % 4294967296 == 0);havoc #t~mem60.base, #t~mem60.offset; {18053#false} is VALID [2018-11-14 17:19:24,154 INFO L273 TraceCheckUtils]: 44: Hoare triple {18053#false} assume !(~tmp___4~0 == 0);call write~int(0, ~s.base, ~s.offset + 64, 4);call #t~mem62 := read~int(~s.base, ~s.offset + 52, 4); {18053#false} is VALID [2018-11-14 17:19:24,154 INFO L273 TraceCheckUtils]: 45: Hoare triple {18053#false} assume #t~mem62 != 12292;havoc #t~mem62; {18053#false} is VALID [2018-11-14 17:19:24,154 INFO L273 TraceCheckUtils]: 46: Hoare triple {18053#false} assume !(~tmp___5~0 == 0);call write~int(8464, ~s.base, ~s.offset + 52, 4);call #t~mem63.base, #t~mem63.offset := read~$Pointer$(~s.base, ~s.offset + 204, 4);call #t~mem64 := read~int(#t~mem63.base, #t~mem63.offset + 60 + 12, 4);call write~int(#t~mem64 + 1, #t~mem63.base, #t~mem63.offset + 60 + 12, 4);havoc #t~mem64;havoc #t~mem63.base, #t~mem63.offset; {18053#false} is VALID [2018-11-14 17:19:24,154 INFO L273 TraceCheckUtils]: 47: Hoare triple {18053#false} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {18053#false} is VALID [2018-11-14 17:19:24,155 INFO L273 TraceCheckUtils]: 48: Hoare triple {18053#false} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {18053#false} is VALID [2018-11-14 17:19:24,155 INFO L273 TraceCheckUtils]: 49: Hoare triple {18053#false} ~skip~0 := 0; {18053#false} is VALID [2018-11-14 17:19:24,155 INFO L273 TraceCheckUtils]: 50: Hoare triple {18053#false} assume true; {18053#false} is VALID [2018-11-14 17:19:24,155 INFO L273 TraceCheckUtils]: 51: Hoare triple {18053#false} assume !false; {18053#false} is VALID [2018-11-14 17:19:24,155 INFO L273 TraceCheckUtils]: 52: Hoare triple {18053#false} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {18053#false} is VALID [2018-11-14 17:19:24,156 INFO L273 TraceCheckUtils]: 53: Hoare triple {18053#false} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {18053#false} is VALID [2018-11-14 17:19:24,156 INFO L273 TraceCheckUtils]: 54: Hoare triple {18053#false} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {18053#false} is VALID [2018-11-14 17:19:24,156 INFO L273 TraceCheckUtils]: 55: Hoare triple {18053#false} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {18053#false} is VALID [2018-11-14 17:19:24,156 INFO L273 TraceCheckUtils]: 56: Hoare triple {18053#false} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {18053#false} is VALID [2018-11-14 17:19:24,157 INFO L273 TraceCheckUtils]: 57: Hoare triple {18053#false} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {18053#false} is VALID [2018-11-14 17:19:24,157 INFO L273 TraceCheckUtils]: 58: Hoare triple {18053#false} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {18053#false} is VALID [2018-11-14 17:19:24,157 INFO L273 TraceCheckUtils]: 59: Hoare triple {18053#false} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {18053#false} is VALID [2018-11-14 17:19:24,157 INFO L273 TraceCheckUtils]: 60: Hoare triple {18053#false} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {18053#false} is VALID [2018-11-14 17:19:24,157 INFO L273 TraceCheckUtils]: 61: Hoare triple {18053#false} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {18053#false} is VALID [2018-11-14 17:19:24,157 INFO L273 TraceCheckUtils]: 62: Hoare triple {18053#false} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {18053#false} is VALID [2018-11-14 17:19:24,158 INFO L273 TraceCheckUtils]: 63: Hoare triple {18053#false} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {18053#false} is VALID [2018-11-14 17:19:24,158 INFO L273 TraceCheckUtils]: 64: Hoare triple {18053#false} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {18053#false} is VALID [2018-11-14 17:19:24,158 INFO L273 TraceCheckUtils]: 65: Hoare triple {18053#false} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {18053#false} is VALID [2018-11-14 17:19:24,158 INFO L273 TraceCheckUtils]: 66: Hoare triple {18053#false} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {18053#false} is VALID [2018-11-14 17:19:24,158 INFO L273 TraceCheckUtils]: 67: Hoare triple {18053#false} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {18053#false} is VALID [2018-11-14 17:19:24,158 INFO L273 TraceCheckUtils]: 68: Hoare triple {18053#false} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {18053#false} is VALID [2018-11-14 17:19:24,159 INFO L273 TraceCheckUtils]: 69: Hoare triple {18053#false} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {18053#false} is VALID [2018-11-14 17:19:24,159 INFO L273 TraceCheckUtils]: 70: Hoare triple {18053#false} assume #t~mem41 == 8544;havoc #t~mem41; {18053#false} is VALID [2018-11-14 17:19:24,159 INFO L273 TraceCheckUtils]: 71: Hoare triple {18053#false} call #t~mem93 := read~int(~s.base, ~s.offset + 180, 4); {18053#false} is VALID [2018-11-14 17:19:24,159 INFO L273 TraceCheckUtils]: 72: Hoare triple {18053#false} assume ~bitwiseAnd(#t~mem93, 1) != 0;havoc #t~mem93;call #t~mem94.base, #t~mem94.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem95.base, #t~mem95.offset := read~$Pointer$(#t~mem94.base, #t~mem94.offset + 148, 4); {18053#false} is VALID [2018-11-14 17:19:24,159 INFO L273 TraceCheckUtils]: 73: Hoare triple {18053#false} assume !((#t~mem95.base + #t~mem95.offset) % 4294967296 != 0);havoc #t~mem95.base, #t~mem95.offset;havoc #t~mem94.base, #t~mem94.offset; {18053#false} is VALID [2018-11-14 17:19:24,159 INFO L273 TraceCheckUtils]: 74: Hoare triple {18053#false} call #t~mem98.base, #t~mem98.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem99.base, #t~mem99.offset := read~$Pointer$(#t~mem98.base, #t~mem98.offset + 604 + 232, 4);call #t~mem100 := read~int(#t~mem99.base, #t~mem99.offset + 12, 4); {18053#false} is VALID [2018-11-14 17:19:24,159 INFO L273 TraceCheckUtils]: 75: Hoare triple {18053#false} assume !(~bitwiseAnd(#t~mem100, 256) % 4294967296 != 0);havoc #t~mem100;havoc #t~mem99.base, #t~mem99.offset;havoc #t~mem98.base, #t~mem98.offset; {18053#false} is VALID [2018-11-14 17:19:24,159 INFO L273 TraceCheckUtils]: 76: Hoare triple {18053#false} call #t~mem103.base, #t~mem103.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(1, #t~mem103.base, #t~mem103.offset + 604 + 291, 4);havoc #t~mem103.base, #t~mem103.offset;assume -2147483648 <= #t~nondet104 && #t~nondet104 <= 2147483647;~ret~0 := #t~nondet104;havoc #t~nondet104; {18053#false} is VALID [2018-11-14 17:19:24,159 INFO L273 TraceCheckUtils]: 77: Hoare triple {18053#false} assume ~blastFlag~0 == 8; {18053#false} is VALID [2018-11-14 17:19:24,160 INFO L273 TraceCheckUtils]: 78: Hoare triple {18053#false} assume !false; {18053#false} is VALID [2018-11-14 17:19:24,163 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 31 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 17:19:24,163 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:19:24,163 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-14 17:19:24,164 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 79 [2018-11-14 17:19:24,164 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:19:24,164 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-14 17:19:24,242 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 79 edges. 79 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:24,243 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-14 17:19:24,243 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-14 17:19:24,243 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-14 17:19:24,244 INFO L87 Difference]: Start difference. First operand 203 states and 297 transitions. Second operand 4 states. [2018-11-14 17:19:25,102 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:25,102 INFO L93 Difference]: Finished difference Result 397 states and 587 transitions. [2018-11-14 17:19:25,102 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2018-11-14 17:19:25,102 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 79 [2018-11-14 17:19:25,102 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:19:25,103 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:25,105 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 466 transitions. [2018-11-14 17:19:25,105 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:25,107 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 466 transitions. [2018-11-14 17:19:25,107 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 466 transitions. [2018-11-14 17:19:25,556 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 466 edges. 466 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:25,561 INFO L225 Difference]: With dead ends: 397 [2018-11-14 17:19:25,561 INFO L226 Difference]: Without dead ends: 220 [2018-11-14 17:19:25,562 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 2 SyntacticMatches, 1 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2018-11-14 17:19:25,562 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 220 states. [2018-11-14 17:19:25,581 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 220 to 203. [2018-11-14 17:19:25,582 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:19:25,582 INFO L82 GeneralOperation]: Start isEquivalent. First operand 220 states. Second operand 203 states. [2018-11-14 17:19:25,582 INFO L74 IsIncluded]: Start isIncluded. First operand 220 states. Second operand 203 states. [2018-11-14 17:19:25,582 INFO L87 Difference]: Start difference. First operand 220 states. Second operand 203 states. [2018-11-14 17:19:25,586 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:25,586 INFO L93 Difference]: Finished difference Result 220 states and 318 transitions. [2018-11-14 17:19:25,587 INFO L276 IsEmpty]: Start isEmpty. Operand 220 states and 318 transitions. [2018-11-14 17:19:25,587 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:25,587 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:25,587 INFO L74 IsIncluded]: Start isIncluded. First operand 203 states. Second operand 220 states. [2018-11-14 17:19:25,587 INFO L87 Difference]: Start difference. First operand 203 states. Second operand 220 states. [2018-11-14 17:19:25,592 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:25,592 INFO L93 Difference]: Finished difference Result 220 states and 318 transitions. [2018-11-14 17:19:25,592 INFO L276 IsEmpty]: Start isEmpty. Operand 220 states and 318 transitions. [2018-11-14 17:19:25,592 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:25,592 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:25,592 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:19:25,593 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:19:25,593 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 203 states. [2018-11-14 17:19:25,596 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 203 states to 203 states and 296 transitions. [2018-11-14 17:19:25,597 INFO L78 Accepts]: Start accepts. Automaton has 203 states and 296 transitions. Word has length 79 [2018-11-14 17:19:25,597 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:19:25,597 INFO L480 AbstractCegarLoop]: Abstraction has 203 states and 296 transitions. [2018-11-14 17:19:25,597 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2018-11-14 17:19:25,597 INFO L276 IsEmpty]: Start isEmpty. Operand 203 states and 296 transitions. [2018-11-14 17:19:25,598 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 84 [2018-11-14 17:19:25,598 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:19:25,598 INFO L375 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:19:25,598 INFO L423 AbstractCegarLoop]: === Iteration 20 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:19:25,598 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:19:25,599 INFO L82 PathProgramCache]: Analyzing trace with hash 714956579, now seen corresponding path program 1 times [2018-11-14 17:19:25,599 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:19:25,599 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:19:25,600 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:25,600 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:19:25,600 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:25,611 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:19:25,818 INFO L256 TraceCheckUtils]: 0: Hoare triple {19202#true} call ULTIMATE.init(); {19202#true} is VALID [2018-11-14 17:19:25,818 INFO L273 TraceCheckUtils]: 1: Hoare triple {19202#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {19202#true} is VALID [2018-11-14 17:19:25,819 INFO L273 TraceCheckUtils]: 2: Hoare triple {19202#true} assume true; {19202#true} is VALID [2018-11-14 17:19:25,819 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {19202#true} {19202#true} #682#return; {19202#true} is VALID [2018-11-14 17:19:25,819 INFO L256 TraceCheckUtils]: 4: Hoare triple {19202#true} call #t~ret138 := main(); {19202#true} is VALID [2018-11-14 17:19:25,819 INFO L273 TraceCheckUtils]: 5: Hoare triple {19202#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {19202#true} is VALID [2018-11-14 17:19:25,819 INFO L256 TraceCheckUtils]: 6: Hoare triple {19202#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {19202#true} is VALID [2018-11-14 17:19:25,819 INFO L273 TraceCheckUtils]: 7: Hoare triple {19202#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {19202#true} is VALID [2018-11-14 17:19:25,820 INFO L273 TraceCheckUtils]: 8: Hoare triple {19202#true} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {19202#true} is VALID [2018-11-14 17:19:25,820 INFO L273 TraceCheckUtils]: 9: Hoare triple {19202#true} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {19202#true} is VALID [2018-11-14 17:19:25,820 INFO L273 TraceCheckUtils]: 10: Hoare triple {19202#true} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {19202#true} is VALID [2018-11-14 17:19:25,820 INFO L273 TraceCheckUtils]: 11: Hoare triple {19202#true} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {19202#true} is VALID [2018-11-14 17:19:25,820 INFO L273 TraceCheckUtils]: 12: Hoare triple {19202#true} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {19202#true} is VALID [2018-11-14 17:19:25,821 INFO L273 TraceCheckUtils]: 13: Hoare triple {19202#true} assume true; {19202#true} is VALID [2018-11-14 17:19:25,821 INFO L273 TraceCheckUtils]: 14: Hoare triple {19202#true} assume !false; {19202#true} is VALID [2018-11-14 17:19:25,821 INFO L273 TraceCheckUtils]: 15: Hoare triple {19202#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {19202#true} is VALID [2018-11-14 17:19:25,821 INFO L273 TraceCheckUtils]: 16: Hoare triple {19202#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {19202#true} is VALID [2018-11-14 17:19:25,821 INFO L273 TraceCheckUtils]: 17: Hoare triple {19202#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {19202#true} is VALID [2018-11-14 17:19:25,821 INFO L273 TraceCheckUtils]: 18: Hoare triple {19202#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {19202#true} is VALID [2018-11-14 17:19:25,822 INFO L273 TraceCheckUtils]: 19: Hoare triple {19202#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {19202#true} is VALID [2018-11-14 17:19:25,822 INFO L273 TraceCheckUtils]: 20: Hoare triple {19202#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {19202#true} is VALID [2018-11-14 17:19:25,822 INFO L273 TraceCheckUtils]: 21: Hoare triple {19202#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {19202#true} is VALID [2018-11-14 17:19:25,822 INFO L273 TraceCheckUtils]: 22: Hoare triple {19202#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {19202#true} is VALID [2018-11-14 17:19:25,822 INFO L273 TraceCheckUtils]: 23: Hoare triple {19202#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {19202#true} is VALID [2018-11-14 17:19:25,822 INFO L273 TraceCheckUtils]: 24: Hoare triple {19202#true} assume #t~mem32 == 8464;havoc #t~mem32; {19202#true} is VALID [2018-11-14 17:19:25,823 INFO L273 TraceCheckUtils]: 25: Hoare triple {19202#true} call write~int(0, ~s.base, ~s.offset + 48, 4);assume -2147483648 <= #t~nondet69 && #t~nondet69 <= 2147483647;~ret~0 := #t~nondet69;havoc #t~nondet69; {19202#true} is VALID [2018-11-14 17:19:25,832 INFO L273 TraceCheckUtils]: 26: Hoare triple {19202#true} assume ~blastFlag~0 == 0;~blastFlag~0 := 1; {19204#(= ssl3_accept_~blastFlag~0 1)} is VALID [2018-11-14 17:19:25,845 INFO L273 TraceCheckUtils]: 27: Hoare triple {19204#(= ssl3_accept_~blastFlag~0 1)} assume !(~ret~0 <= 0);~got_new_session~0 := 1;call write~int(8496, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {19204#(= ssl3_accept_~blastFlag~0 1)} is VALID [2018-11-14 17:19:25,858 INFO L273 TraceCheckUtils]: 28: Hoare triple {19204#(= ssl3_accept_~blastFlag~0 1)} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {19204#(= ssl3_accept_~blastFlag~0 1)} is VALID [2018-11-14 17:19:25,870 INFO L273 TraceCheckUtils]: 29: Hoare triple {19204#(= ssl3_accept_~blastFlag~0 1)} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {19204#(= ssl3_accept_~blastFlag~0 1)} is VALID [2018-11-14 17:19:25,886 INFO L273 TraceCheckUtils]: 30: Hoare triple {19204#(= ssl3_accept_~blastFlag~0 1)} ~skip~0 := 0; {19204#(= ssl3_accept_~blastFlag~0 1)} is VALID [2018-11-14 17:19:25,895 INFO L273 TraceCheckUtils]: 31: Hoare triple {19204#(= ssl3_accept_~blastFlag~0 1)} assume true; {19204#(= ssl3_accept_~blastFlag~0 1)} is VALID [2018-11-14 17:19:25,907 INFO L273 TraceCheckUtils]: 32: Hoare triple {19204#(= ssl3_accept_~blastFlag~0 1)} assume !false; {19204#(= ssl3_accept_~blastFlag~0 1)} is VALID [2018-11-14 17:19:25,920 INFO L273 TraceCheckUtils]: 33: Hoare triple {19204#(= ssl3_accept_~blastFlag~0 1)} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {19204#(= ssl3_accept_~blastFlag~0 1)} is VALID [2018-11-14 17:19:25,932 INFO L273 TraceCheckUtils]: 34: Hoare triple {19204#(= ssl3_accept_~blastFlag~0 1)} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {19204#(= ssl3_accept_~blastFlag~0 1)} is VALID [2018-11-14 17:19:25,945 INFO L273 TraceCheckUtils]: 35: Hoare triple {19204#(= ssl3_accept_~blastFlag~0 1)} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {19204#(= ssl3_accept_~blastFlag~0 1)} is VALID [2018-11-14 17:19:25,962 INFO L273 TraceCheckUtils]: 36: Hoare triple {19204#(= ssl3_accept_~blastFlag~0 1)} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {19204#(= ssl3_accept_~blastFlag~0 1)} is VALID [2018-11-14 17:19:25,970 INFO L273 TraceCheckUtils]: 37: Hoare triple {19204#(= ssl3_accept_~blastFlag~0 1)} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {19204#(= ssl3_accept_~blastFlag~0 1)} is VALID [2018-11-14 17:19:25,983 INFO L273 TraceCheckUtils]: 38: Hoare triple {19204#(= ssl3_accept_~blastFlag~0 1)} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {19204#(= ssl3_accept_~blastFlag~0 1)} is VALID [2018-11-14 17:19:25,995 INFO L273 TraceCheckUtils]: 39: Hoare triple {19204#(= ssl3_accept_~blastFlag~0 1)} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {19204#(= ssl3_accept_~blastFlag~0 1)} is VALID [2018-11-14 17:19:25,997 INFO L273 TraceCheckUtils]: 40: Hoare triple {19204#(= ssl3_accept_~blastFlag~0 1)} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {19204#(= ssl3_accept_~blastFlag~0 1)} is VALID [2018-11-14 17:19:25,997 INFO L273 TraceCheckUtils]: 41: Hoare triple {19204#(= ssl3_accept_~blastFlag~0 1)} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {19204#(= ssl3_accept_~blastFlag~0 1)} is VALID [2018-11-14 17:19:25,999 INFO L273 TraceCheckUtils]: 42: Hoare triple {19204#(= ssl3_accept_~blastFlag~0 1)} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {19204#(= ssl3_accept_~blastFlag~0 1)} is VALID [2018-11-14 17:19:25,999 INFO L273 TraceCheckUtils]: 43: Hoare triple {19204#(= ssl3_accept_~blastFlag~0 1)} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {19204#(= ssl3_accept_~blastFlag~0 1)} is VALID [2018-11-14 17:19:25,999 INFO L273 TraceCheckUtils]: 44: Hoare triple {19204#(= ssl3_accept_~blastFlag~0 1)} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {19204#(= ssl3_accept_~blastFlag~0 1)} is VALID [2018-11-14 17:19:26,000 INFO L273 TraceCheckUtils]: 45: Hoare triple {19204#(= ssl3_accept_~blastFlag~0 1)} assume #t~mem35 == 8496;havoc #t~mem35; {19204#(= ssl3_accept_~blastFlag~0 1)} is VALID [2018-11-14 17:19:26,000 INFO L273 TraceCheckUtils]: 46: Hoare triple {19204#(= ssl3_accept_~blastFlag~0 1)} assume -2147483648 <= #t~nondet70 && #t~nondet70 <= 2147483647;~ret~0 := #t~nondet70;havoc #t~nondet70; {19204#(= ssl3_accept_~blastFlag~0 1)} is VALID [2018-11-14 17:19:26,000 INFO L273 TraceCheckUtils]: 47: Hoare triple {19204#(= ssl3_accept_~blastFlag~0 1)} assume !(~blastFlag~0 == 1); {19203#false} is VALID [2018-11-14 17:19:26,000 INFO L273 TraceCheckUtils]: 48: Hoare triple {19203#false} assume !(~ret~0 <= 0);call #t~mem71 := read~int(~s.base, ~s.offset + 92, 4); {19203#false} is VALID [2018-11-14 17:19:26,001 INFO L273 TraceCheckUtils]: 49: Hoare triple {19203#false} assume #t~mem71 != 0;havoc #t~mem71;call write~int(8656, ~s.base, ~s.offset + 52, 4); {19203#false} is VALID [2018-11-14 17:19:26,001 INFO L273 TraceCheckUtils]: 50: Hoare triple {19203#false} call write~int(0, ~s.base, ~s.offset + 64, 4); {19203#false} is VALID [2018-11-14 17:19:26,001 INFO L273 TraceCheckUtils]: 51: Hoare triple {19203#false} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {19203#false} is VALID [2018-11-14 17:19:26,001 INFO L273 TraceCheckUtils]: 52: Hoare triple {19203#false} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {19203#false} is VALID [2018-11-14 17:19:26,001 INFO L273 TraceCheckUtils]: 53: Hoare triple {19203#false} ~skip~0 := 0; {19203#false} is VALID [2018-11-14 17:19:26,001 INFO L273 TraceCheckUtils]: 54: Hoare triple {19203#false} assume true; {19203#false} is VALID [2018-11-14 17:19:26,001 INFO L273 TraceCheckUtils]: 55: Hoare triple {19203#false} assume !false; {19203#false} is VALID [2018-11-14 17:19:26,001 INFO L273 TraceCheckUtils]: 56: Hoare triple {19203#false} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {19203#false} is VALID [2018-11-14 17:19:26,002 INFO L273 TraceCheckUtils]: 57: Hoare triple {19203#false} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {19203#false} is VALID [2018-11-14 17:19:26,002 INFO L273 TraceCheckUtils]: 58: Hoare triple {19203#false} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {19203#false} is VALID [2018-11-14 17:19:26,002 INFO L273 TraceCheckUtils]: 59: Hoare triple {19203#false} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {19203#false} is VALID [2018-11-14 17:19:26,002 INFO L273 TraceCheckUtils]: 60: Hoare triple {19203#false} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {19203#false} is VALID [2018-11-14 17:19:26,002 INFO L273 TraceCheckUtils]: 61: Hoare triple {19203#false} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {19203#false} is VALID [2018-11-14 17:19:26,002 INFO L273 TraceCheckUtils]: 62: Hoare triple {19203#false} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {19203#false} is VALID [2018-11-14 17:19:26,002 INFO L273 TraceCheckUtils]: 63: Hoare triple {19203#false} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {19203#false} is VALID [2018-11-14 17:19:26,002 INFO L273 TraceCheckUtils]: 64: Hoare triple {19203#false} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {19203#false} is VALID [2018-11-14 17:19:26,002 INFO L273 TraceCheckUtils]: 65: Hoare triple {19203#false} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {19203#false} is VALID [2018-11-14 17:19:26,003 INFO L273 TraceCheckUtils]: 66: Hoare triple {19203#false} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {19203#false} is VALID [2018-11-14 17:19:26,003 INFO L273 TraceCheckUtils]: 67: Hoare triple {19203#false} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {19203#false} is VALID [2018-11-14 17:19:26,003 INFO L273 TraceCheckUtils]: 68: Hoare triple {19203#false} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {19203#false} is VALID [2018-11-14 17:19:26,003 INFO L273 TraceCheckUtils]: 69: Hoare triple {19203#false} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {19203#false} is VALID [2018-11-14 17:19:26,003 INFO L273 TraceCheckUtils]: 70: Hoare triple {19203#false} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {19203#false} is VALID [2018-11-14 17:19:26,003 INFO L273 TraceCheckUtils]: 71: Hoare triple {19203#false} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {19203#false} is VALID [2018-11-14 17:19:26,003 INFO L273 TraceCheckUtils]: 72: Hoare triple {19203#false} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {19203#false} is VALID [2018-11-14 17:19:26,003 INFO L273 TraceCheckUtils]: 73: Hoare triple {19203#false} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {19203#false} is VALID [2018-11-14 17:19:26,004 INFO L273 TraceCheckUtils]: 74: Hoare triple {19203#false} assume #t~mem41 == 8544;havoc #t~mem41; {19203#false} is VALID [2018-11-14 17:19:26,004 INFO L273 TraceCheckUtils]: 75: Hoare triple {19203#false} call #t~mem93 := read~int(~s.base, ~s.offset + 180, 4); {19203#false} is VALID [2018-11-14 17:19:26,004 INFO L273 TraceCheckUtils]: 76: Hoare triple {19203#false} assume ~bitwiseAnd(#t~mem93, 1) != 0;havoc #t~mem93;call #t~mem94.base, #t~mem94.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem95.base, #t~mem95.offset := read~$Pointer$(#t~mem94.base, #t~mem94.offset + 148, 4); {19203#false} is VALID [2018-11-14 17:19:26,004 INFO L273 TraceCheckUtils]: 77: Hoare triple {19203#false} assume !((#t~mem95.base + #t~mem95.offset) % 4294967296 != 0);havoc #t~mem95.base, #t~mem95.offset;havoc #t~mem94.base, #t~mem94.offset; {19203#false} is VALID [2018-11-14 17:19:26,004 INFO L273 TraceCheckUtils]: 78: Hoare triple {19203#false} call #t~mem98.base, #t~mem98.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem99.base, #t~mem99.offset := read~$Pointer$(#t~mem98.base, #t~mem98.offset + 604 + 232, 4);call #t~mem100 := read~int(#t~mem99.base, #t~mem99.offset + 12, 4); {19203#false} is VALID [2018-11-14 17:19:26,004 INFO L273 TraceCheckUtils]: 79: Hoare triple {19203#false} assume !(~bitwiseAnd(#t~mem100, 256) % 4294967296 != 0);havoc #t~mem100;havoc #t~mem99.base, #t~mem99.offset;havoc #t~mem98.base, #t~mem98.offset; {19203#false} is VALID [2018-11-14 17:19:26,004 INFO L273 TraceCheckUtils]: 80: Hoare triple {19203#false} call #t~mem103.base, #t~mem103.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(1, #t~mem103.base, #t~mem103.offset + 604 + 291, 4);havoc #t~mem103.base, #t~mem103.offset;assume -2147483648 <= #t~nondet104 && #t~nondet104 <= 2147483647;~ret~0 := #t~nondet104;havoc #t~nondet104; {19203#false} is VALID [2018-11-14 17:19:26,005 INFO L273 TraceCheckUtils]: 81: Hoare triple {19203#false} assume ~blastFlag~0 == 8; {19203#false} is VALID [2018-11-14 17:19:26,005 INFO L273 TraceCheckUtils]: 82: Hoare triple {19203#false} assume !false; {19203#false} is VALID [2018-11-14 17:19:26,008 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 42 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-14 17:19:26,008 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:19:26,008 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2018-11-14 17:19:26,008 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 83 [2018-11-14 17:19:26,009 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:19:26,009 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states. [2018-11-14 17:19:26,100 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 83 edges. 83 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:26,100 INFO L459 AbstractCegarLoop]: Interpolant automaton has 3 states [2018-11-14 17:19:26,100 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2018-11-14 17:19:26,100 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2018-11-14 17:19:26,101 INFO L87 Difference]: Start difference. First operand 203 states and 296 transitions. Second operand 3 states. [2018-11-14 17:19:26,888 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:26,888 INFO L93 Difference]: Finished difference Result 552 states and 825 transitions. [2018-11-14 17:19:26,888 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2018-11-14 17:19:26,888 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 83 [2018-11-14 17:19:26,888 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:19:26,888 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 3 states. [2018-11-14 17:19:26,891 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 603 transitions. [2018-11-14 17:19:26,891 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 3 states. [2018-11-14 17:19:26,893 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 603 transitions. [2018-11-14 17:19:26,893 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 603 transitions. [2018-11-14 17:19:27,489 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 603 edges. 603 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:27,501 INFO L225 Difference]: With dead ends: 552 [2018-11-14 17:19:27,501 INFO L226 Difference]: Without dead ends: 375 [2018-11-14 17:19:27,502 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2018-11-14 17:19:27,502 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 375 states. [2018-11-14 17:19:27,574 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 375 to 375. [2018-11-14 17:19:27,574 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:19:27,574 INFO L82 GeneralOperation]: Start isEquivalent. First operand 375 states. Second operand 375 states. [2018-11-14 17:19:27,575 INFO L74 IsIncluded]: Start isIncluded. First operand 375 states. Second operand 375 states. [2018-11-14 17:19:27,575 INFO L87 Difference]: Start difference. First operand 375 states. Second operand 375 states. [2018-11-14 17:19:27,585 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:27,586 INFO L93 Difference]: Finished difference Result 375 states and 548 transitions. [2018-11-14 17:19:27,586 INFO L276 IsEmpty]: Start isEmpty. Operand 375 states and 548 transitions. [2018-11-14 17:19:27,586 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:27,586 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:27,587 INFO L74 IsIncluded]: Start isIncluded. First operand 375 states. Second operand 375 states. [2018-11-14 17:19:27,587 INFO L87 Difference]: Start difference. First operand 375 states. Second operand 375 states. [2018-11-14 17:19:27,596 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:27,596 INFO L93 Difference]: Finished difference Result 375 states and 548 transitions. [2018-11-14 17:19:27,596 INFO L276 IsEmpty]: Start isEmpty. Operand 375 states and 548 transitions. [2018-11-14 17:19:27,597 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:27,597 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:27,597 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:19:27,598 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:19:27,598 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 375 states. [2018-11-14 17:19:27,607 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 375 states to 375 states and 548 transitions. [2018-11-14 17:19:27,607 INFO L78 Accepts]: Start accepts. Automaton has 375 states and 548 transitions. Word has length 83 [2018-11-14 17:19:27,607 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:19:27,608 INFO L480 AbstractCegarLoop]: Abstraction has 375 states and 548 transitions. [2018-11-14 17:19:27,608 INFO L481 AbstractCegarLoop]: Interpolant automaton has 3 states. [2018-11-14 17:19:27,608 INFO L276 IsEmpty]: Start isEmpty. Operand 375 states and 548 transitions. [2018-11-14 17:19:27,608 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 84 [2018-11-14 17:19:27,609 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:19:27,609 INFO L375 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:19:27,609 INFO L423 AbstractCegarLoop]: === Iteration 21 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:19:27,609 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:19:27,609 INFO L82 PathProgramCache]: Analyzing trace with hash 1109323365, now seen corresponding path program 1 times [2018-11-14 17:19:27,609 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:19:27,610 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:19:27,610 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:27,611 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:19:27,611 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:27,625 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:19:27,867 INFO L256 TraceCheckUtils]: 0: Hoare triple {21036#true} call ULTIMATE.init(); {21036#true} is VALID [2018-11-14 17:19:27,868 INFO L273 TraceCheckUtils]: 1: Hoare triple {21036#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {21036#true} is VALID [2018-11-14 17:19:27,868 INFO L273 TraceCheckUtils]: 2: Hoare triple {21036#true} assume true; {21036#true} is VALID [2018-11-14 17:19:27,868 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {21036#true} {21036#true} #682#return; {21036#true} is VALID [2018-11-14 17:19:27,868 INFO L256 TraceCheckUtils]: 4: Hoare triple {21036#true} call #t~ret138 := main(); {21036#true} is VALID [2018-11-14 17:19:27,868 INFO L273 TraceCheckUtils]: 5: Hoare triple {21036#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {21036#true} is VALID [2018-11-14 17:19:27,869 INFO L256 TraceCheckUtils]: 6: Hoare triple {21036#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {21036#true} is VALID [2018-11-14 17:19:27,869 INFO L273 TraceCheckUtils]: 7: Hoare triple {21036#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {21036#true} is VALID [2018-11-14 17:19:27,869 INFO L273 TraceCheckUtils]: 8: Hoare triple {21036#true} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {21036#true} is VALID [2018-11-14 17:19:27,869 INFO L273 TraceCheckUtils]: 9: Hoare triple {21036#true} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {21036#true} is VALID [2018-11-14 17:19:27,869 INFO L273 TraceCheckUtils]: 10: Hoare triple {21036#true} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {21036#true} is VALID [2018-11-14 17:19:27,869 INFO L273 TraceCheckUtils]: 11: Hoare triple {21036#true} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {21036#true} is VALID [2018-11-14 17:19:27,870 INFO L273 TraceCheckUtils]: 12: Hoare triple {21036#true} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {21036#true} is VALID [2018-11-14 17:19:27,870 INFO L273 TraceCheckUtils]: 13: Hoare triple {21036#true} assume true; {21036#true} is VALID [2018-11-14 17:19:27,870 INFO L273 TraceCheckUtils]: 14: Hoare triple {21036#true} assume !false; {21036#true} is VALID [2018-11-14 17:19:27,870 INFO L273 TraceCheckUtils]: 15: Hoare triple {21036#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {21036#true} is VALID [2018-11-14 17:19:27,870 INFO L273 TraceCheckUtils]: 16: Hoare triple {21036#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {21036#true} is VALID [2018-11-14 17:19:27,871 INFO L273 TraceCheckUtils]: 17: Hoare triple {21036#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {21036#true} is VALID [2018-11-14 17:19:27,871 INFO L273 TraceCheckUtils]: 18: Hoare triple {21036#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {21036#true} is VALID [2018-11-14 17:19:27,871 INFO L273 TraceCheckUtils]: 19: Hoare triple {21036#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {21036#true} is VALID [2018-11-14 17:19:27,871 INFO L273 TraceCheckUtils]: 20: Hoare triple {21036#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {21036#true} is VALID [2018-11-14 17:19:27,871 INFO L273 TraceCheckUtils]: 21: Hoare triple {21036#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {21036#true} is VALID [2018-11-14 17:19:27,872 INFO L273 TraceCheckUtils]: 22: Hoare triple {21036#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {21036#true} is VALID [2018-11-14 17:19:27,872 INFO L273 TraceCheckUtils]: 23: Hoare triple {21036#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {21036#true} is VALID [2018-11-14 17:19:27,872 INFO L273 TraceCheckUtils]: 24: Hoare triple {21036#true} assume #t~mem32 == 8464;havoc #t~mem32; {21036#true} is VALID [2018-11-14 17:19:27,872 INFO L273 TraceCheckUtils]: 25: Hoare triple {21036#true} call write~int(0, ~s.base, ~s.offset + 48, 4);assume -2147483648 <= #t~nondet69 && #t~nondet69 <= 2147483647;~ret~0 := #t~nondet69;havoc #t~nondet69; {21036#true} is VALID [2018-11-14 17:19:27,872 INFO L273 TraceCheckUtils]: 26: Hoare triple {21036#true} assume ~blastFlag~0 == 0;~blastFlag~0 := 1; {21036#true} is VALID [2018-11-14 17:19:27,872 INFO L273 TraceCheckUtils]: 27: Hoare triple {21036#true} assume !(~ret~0 <= 0);~got_new_session~0 := 1;call write~int(8496, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {21036#true} is VALID [2018-11-14 17:19:27,873 INFO L273 TraceCheckUtils]: 28: Hoare triple {21036#true} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {21036#true} is VALID [2018-11-14 17:19:27,873 INFO L273 TraceCheckUtils]: 29: Hoare triple {21036#true} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {21036#true} is VALID [2018-11-14 17:19:27,873 INFO L273 TraceCheckUtils]: 30: Hoare triple {21036#true} ~skip~0 := 0; {21036#true} is VALID [2018-11-14 17:19:27,873 INFO L273 TraceCheckUtils]: 31: Hoare triple {21036#true} assume true; {21036#true} is VALID [2018-11-14 17:19:27,873 INFO L273 TraceCheckUtils]: 32: Hoare triple {21036#true} assume !false; {21036#true} is VALID [2018-11-14 17:19:27,874 INFO L273 TraceCheckUtils]: 33: Hoare triple {21036#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {21036#true} is VALID [2018-11-14 17:19:27,874 INFO L273 TraceCheckUtils]: 34: Hoare triple {21036#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {21036#true} is VALID [2018-11-14 17:19:27,874 INFO L273 TraceCheckUtils]: 35: Hoare triple {21036#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {21036#true} is VALID [2018-11-14 17:19:27,874 INFO L273 TraceCheckUtils]: 36: Hoare triple {21036#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {21036#true} is VALID [2018-11-14 17:19:27,874 INFO L273 TraceCheckUtils]: 37: Hoare triple {21036#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {21036#true} is VALID [2018-11-14 17:19:27,874 INFO L273 TraceCheckUtils]: 38: Hoare triple {21036#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {21036#true} is VALID [2018-11-14 17:19:27,875 INFO L273 TraceCheckUtils]: 39: Hoare triple {21036#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {21036#true} is VALID [2018-11-14 17:19:27,875 INFO L273 TraceCheckUtils]: 40: Hoare triple {21036#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {21036#true} is VALID [2018-11-14 17:19:27,875 INFO L273 TraceCheckUtils]: 41: Hoare triple {21036#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {21036#true} is VALID [2018-11-14 17:19:27,875 INFO L273 TraceCheckUtils]: 42: Hoare triple {21036#true} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {21036#true} is VALID [2018-11-14 17:19:27,875 INFO L273 TraceCheckUtils]: 43: Hoare triple {21036#true} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {21036#true} is VALID [2018-11-14 17:19:27,876 INFO L273 TraceCheckUtils]: 44: Hoare triple {21036#true} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {21036#true} is VALID [2018-11-14 17:19:27,876 INFO L273 TraceCheckUtils]: 45: Hoare triple {21036#true} assume #t~mem35 == 8496;havoc #t~mem35; {21036#true} is VALID [2018-11-14 17:19:27,876 INFO L273 TraceCheckUtils]: 46: Hoare triple {21036#true} assume -2147483648 <= #t~nondet70 && #t~nondet70 <= 2147483647;~ret~0 := #t~nondet70;havoc #t~nondet70; {21036#true} is VALID [2018-11-14 17:19:27,888 INFO L273 TraceCheckUtils]: 47: Hoare triple {21036#true} assume ~blastFlag~0 == 1;~blastFlag~0 := 2; {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:27,901 INFO L273 TraceCheckUtils]: 48: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume !(~ret~0 <= 0);call #t~mem71 := read~int(~s.base, ~s.offset + 92, 4); {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:27,914 INFO L273 TraceCheckUtils]: 49: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume #t~mem71 != 0;havoc #t~mem71;call write~int(8656, ~s.base, ~s.offset + 52, 4); {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:27,926 INFO L273 TraceCheckUtils]: 50: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} call write~int(0, ~s.base, ~s.offset + 64, 4); {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:27,939 INFO L273 TraceCheckUtils]: 51: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:27,951 INFO L273 TraceCheckUtils]: 52: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:27,964 INFO L273 TraceCheckUtils]: 53: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} ~skip~0 := 0; {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:27,977 INFO L273 TraceCheckUtils]: 54: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume true; {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:27,986 INFO L273 TraceCheckUtils]: 55: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume !false; {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:28,004 INFO L273 TraceCheckUtils]: 56: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:28,012 INFO L273 TraceCheckUtils]: 57: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:28,026 INFO L273 TraceCheckUtils]: 58: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:28,034 INFO L273 TraceCheckUtils]: 59: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:28,047 INFO L273 TraceCheckUtils]: 60: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:28,060 INFO L273 TraceCheckUtils]: 61: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:28,075 INFO L273 TraceCheckUtils]: 62: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:28,083 INFO L273 TraceCheckUtils]: 63: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:28,096 INFO L273 TraceCheckUtils]: 64: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:28,109 INFO L273 TraceCheckUtils]: 65: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:28,121 INFO L273 TraceCheckUtils]: 66: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:28,139 INFO L273 TraceCheckUtils]: 67: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:28,148 INFO L273 TraceCheckUtils]: 68: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:28,160 INFO L273 TraceCheckUtils]: 69: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:28,173 INFO L273 TraceCheckUtils]: 70: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:28,185 INFO L273 TraceCheckUtils]: 71: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:28,201 INFO L273 TraceCheckUtils]: 72: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:28,209 INFO L273 TraceCheckUtils]: 73: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:28,222 INFO L273 TraceCheckUtils]: 74: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume #t~mem41 == 8544;havoc #t~mem41; {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:28,234 INFO L273 TraceCheckUtils]: 75: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} call #t~mem93 := read~int(~s.base, ~s.offset + 180, 4); {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:28,247 INFO L273 TraceCheckUtils]: 76: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume ~bitwiseAnd(#t~mem93, 1) != 0;havoc #t~mem93;call #t~mem94.base, #t~mem94.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem95.base, #t~mem95.offset := read~$Pointer$(#t~mem94.base, #t~mem94.offset + 148, 4); {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:28,265 INFO L273 TraceCheckUtils]: 77: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume !((#t~mem95.base + #t~mem95.offset) % 4294967296 != 0);havoc #t~mem95.base, #t~mem95.offset;havoc #t~mem94.base, #t~mem94.offset; {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:28,274 INFO L273 TraceCheckUtils]: 78: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} call #t~mem98.base, #t~mem98.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem99.base, #t~mem99.offset := read~$Pointer$(#t~mem98.base, #t~mem98.offset + 604 + 232, 4);call #t~mem100 := read~int(#t~mem99.base, #t~mem99.offset + 12, 4); {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:28,286 INFO L273 TraceCheckUtils]: 79: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume !(~bitwiseAnd(#t~mem100, 256) % 4294967296 != 0);havoc #t~mem100;havoc #t~mem99.base, #t~mem99.offset;havoc #t~mem98.base, #t~mem98.offset; {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:28,299 INFO L273 TraceCheckUtils]: 80: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} call #t~mem103.base, #t~mem103.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(1, #t~mem103.base, #t~mem103.offset + 604 + 291, 4);havoc #t~mem103.base, #t~mem103.offset;assume -2147483648 <= #t~nondet104 && #t~nondet104 <= 2147483647;~ret~0 := #t~nondet104;havoc #t~nondet104; {21038#(<= ssl3_accept_~blastFlag~0 2)} is VALID [2018-11-14 17:19:28,311 INFO L273 TraceCheckUtils]: 81: Hoare triple {21038#(<= ssl3_accept_~blastFlag~0 2)} assume ~blastFlag~0 == 8; {21037#false} is VALID [2018-11-14 17:19:28,311 INFO L273 TraceCheckUtils]: 82: Hoare triple {21037#false} assume !false; {21037#false} is VALID [2018-11-14 17:19:28,317 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 30 proven. 0 refuted. 0 times theorem prover too weak. 12 trivial. 0 not checked. [2018-11-14 17:19:28,318 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:19:28,318 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2018-11-14 17:19:28,318 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 83 [2018-11-14 17:19:28,319 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:19:28,319 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states. [2018-11-14 17:19:29,075 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 72 edges. 72 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:29,076 INFO L459 AbstractCegarLoop]: Interpolant automaton has 3 states [2018-11-14 17:19:29,076 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2018-11-14 17:19:29,076 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2018-11-14 17:19:29,076 INFO L87 Difference]: Start difference. First operand 375 states and 548 transitions. Second operand 3 states. [2018-11-14 17:19:29,643 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:29,643 INFO L93 Difference]: Finished difference Result 899 states and 1333 transitions. [2018-11-14 17:19:29,643 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2018-11-14 17:19:29,643 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 83 [2018-11-14 17:19:29,644 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:19:29,644 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 3 states. [2018-11-14 17:19:29,646 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 607 transitions. [2018-11-14 17:19:29,646 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 3 states. [2018-11-14 17:19:29,648 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 607 transitions. [2018-11-14 17:19:29,649 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 607 transitions. [2018-11-14 17:19:30,208 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 607 edges. 607 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:30,224 INFO L225 Difference]: With dead ends: 899 [2018-11-14 17:19:30,225 INFO L226 Difference]: Without dead ends: 550 [2018-11-14 17:19:30,225 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2018-11-14 17:19:30,226 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 550 states. [2018-11-14 17:19:30,355 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 550 to 550. [2018-11-14 17:19:30,355 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:19:30,355 INFO L82 GeneralOperation]: Start isEquivalent. First operand 550 states. Second operand 550 states. [2018-11-14 17:19:30,356 INFO L74 IsIncluded]: Start isIncluded. First operand 550 states. Second operand 550 states. [2018-11-14 17:19:30,356 INFO L87 Difference]: Start difference. First operand 550 states. Second operand 550 states. [2018-11-14 17:19:30,376 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:30,376 INFO L93 Difference]: Finished difference Result 550 states and 808 transitions. [2018-11-14 17:19:30,376 INFO L276 IsEmpty]: Start isEmpty. Operand 550 states and 808 transitions. [2018-11-14 17:19:30,377 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:30,377 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:30,377 INFO L74 IsIncluded]: Start isIncluded. First operand 550 states. Second operand 550 states. [2018-11-14 17:19:30,377 INFO L87 Difference]: Start difference. First operand 550 states. Second operand 550 states. [2018-11-14 17:19:30,388 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:30,388 INFO L93 Difference]: Finished difference Result 550 states and 808 transitions. [2018-11-14 17:19:30,388 INFO L276 IsEmpty]: Start isEmpty. Operand 550 states and 808 transitions. [2018-11-14 17:19:30,389 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:30,389 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:30,389 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:19:30,389 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:19:30,389 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 550 states. [2018-11-14 17:19:30,401 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 550 states to 550 states and 808 transitions. [2018-11-14 17:19:30,401 INFO L78 Accepts]: Start accepts. Automaton has 550 states and 808 transitions. Word has length 83 [2018-11-14 17:19:30,401 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:19:30,401 INFO L480 AbstractCegarLoop]: Abstraction has 550 states and 808 transitions. [2018-11-14 17:19:30,402 INFO L481 AbstractCegarLoop]: Interpolant automaton has 3 states. [2018-11-14 17:19:30,402 INFO L276 IsEmpty]: Start isEmpty. Operand 550 states and 808 transitions. [2018-11-14 17:19:30,403 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 109 [2018-11-14 17:19:30,403 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:19:30,403 INFO L375 BasicCegarLoop]: trace histogram [4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:19:30,403 INFO L423 AbstractCegarLoop]: === Iteration 22 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:19:30,404 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:19:30,404 INFO L82 PathProgramCache]: Analyzing trace with hash 1662043290, now seen corresponding path program 1 times [2018-11-14 17:19:30,404 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:19:30,404 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:19:30,405 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:30,405 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:19:30,405 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:30,422 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:19:30,657 INFO L256 TraceCheckUtils]: 0: Hoare triple {23823#true} call ULTIMATE.init(); {23823#true} is VALID [2018-11-14 17:19:30,658 INFO L273 TraceCheckUtils]: 1: Hoare triple {23823#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {23823#true} is VALID [2018-11-14 17:19:30,658 INFO L273 TraceCheckUtils]: 2: Hoare triple {23823#true} assume true; {23823#true} is VALID [2018-11-14 17:19:30,658 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {23823#true} {23823#true} #682#return; {23823#true} is VALID [2018-11-14 17:19:30,658 INFO L256 TraceCheckUtils]: 4: Hoare triple {23823#true} call #t~ret138 := main(); {23823#true} is VALID [2018-11-14 17:19:30,658 INFO L273 TraceCheckUtils]: 5: Hoare triple {23823#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {23823#true} is VALID [2018-11-14 17:19:30,659 INFO L256 TraceCheckUtils]: 6: Hoare triple {23823#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {23823#true} is VALID [2018-11-14 17:19:30,659 INFO L273 TraceCheckUtils]: 7: Hoare triple {23823#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {23823#true} is VALID [2018-11-14 17:19:30,659 INFO L273 TraceCheckUtils]: 8: Hoare triple {23823#true} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {23823#true} is VALID [2018-11-14 17:19:30,659 INFO L273 TraceCheckUtils]: 9: Hoare triple {23823#true} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {23823#true} is VALID [2018-11-14 17:19:30,659 INFO L273 TraceCheckUtils]: 10: Hoare triple {23823#true} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {23823#true} is VALID [2018-11-14 17:19:30,660 INFO L273 TraceCheckUtils]: 11: Hoare triple {23823#true} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {23823#true} is VALID [2018-11-14 17:19:30,660 INFO L273 TraceCheckUtils]: 12: Hoare triple {23823#true} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {23823#true} is VALID [2018-11-14 17:19:30,660 INFO L273 TraceCheckUtils]: 13: Hoare triple {23823#true} assume true; {23823#true} is VALID [2018-11-14 17:19:30,660 INFO L273 TraceCheckUtils]: 14: Hoare triple {23823#true} assume !false; {23823#true} is VALID [2018-11-14 17:19:30,660 INFO L273 TraceCheckUtils]: 15: Hoare triple {23823#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,660 INFO L273 TraceCheckUtils]: 16: Hoare triple {23823#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,661 INFO L273 TraceCheckUtils]: 17: Hoare triple {23823#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,661 INFO L273 TraceCheckUtils]: 18: Hoare triple {23823#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,661 INFO L273 TraceCheckUtils]: 19: Hoare triple {23823#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,661 INFO L273 TraceCheckUtils]: 20: Hoare triple {23823#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,661 INFO L273 TraceCheckUtils]: 21: Hoare triple {23823#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,661 INFO L273 TraceCheckUtils]: 22: Hoare triple {23823#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,662 INFO L273 TraceCheckUtils]: 23: Hoare triple {23823#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,662 INFO L273 TraceCheckUtils]: 24: Hoare triple {23823#true} assume #t~mem32 == 8464;havoc #t~mem32; {23823#true} is VALID [2018-11-14 17:19:30,662 INFO L273 TraceCheckUtils]: 25: Hoare triple {23823#true} call write~int(0, ~s.base, ~s.offset + 48, 4);assume -2147483648 <= #t~nondet69 && #t~nondet69 <= 2147483647;~ret~0 := #t~nondet69;havoc #t~nondet69; {23823#true} is VALID [2018-11-14 17:19:30,662 INFO L273 TraceCheckUtils]: 26: Hoare triple {23823#true} assume ~blastFlag~0 == 0;~blastFlag~0 := 1; {23823#true} is VALID [2018-11-14 17:19:30,662 INFO L273 TraceCheckUtils]: 27: Hoare triple {23823#true} assume !(~ret~0 <= 0);~got_new_session~0 := 1;call write~int(8496, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {23823#true} is VALID [2018-11-14 17:19:30,663 INFO L273 TraceCheckUtils]: 28: Hoare triple {23823#true} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {23823#true} is VALID [2018-11-14 17:19:30,663 INFO L273 TraceCheckUtils]: 29: Hoare triple {23823#true} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {23823#true} is VALID [2018-11-14 17:19:30,663 INFO L273 TraceCheckUtils]: 30: Hoare triple {23823#true} ~skip~0 := 0; {23823#true} is VALID [2018-11-14 17:19:30,663 INFO L273 TraceCheckUtils]: 31: Hoare triple {23823#true} assume true; {23823#true} is VALID [2018-11-14 17:19:30,663 INFO L273 TraceCheckUtils]: 32: Hoare triple {23823#true} assume !false; {23823#true} is VALID [2018-11-14 17:19:30,664 INFO L273 TraceCheckUtils]: 33: Hoare triple {23823#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,664 INFO L273 TraceCheckUtils]: 34: Hoare triple {23823#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,664 INFO L273 TraceCheckUtils]: 35: Hoare triple {23823#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,664 INFO L273 TraceCheckUtils]: 36: Hoare triple {23823#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,664 INFO L273 TraceCheckUtils]: 37: Hoare triple {23823#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,665 INFO L273 TraceCheckUtils]: 38: Hoare triple {23823#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,665 INFO L273 TraceCheckUtils]: 39: Hoare triple {23823#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,665 INFO L273 TraceCheckUtils]: 40: Hoare triple {23823#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,665 INFO L273 TraceCheckUtils]: 41: Hoare triple {23823#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,665 INFO L273 TraceCheckUtils]: 42: Hoare triple {23823#true} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,665 INFO L273 TraceCheckUtils]: 43: Hoare triple {23823#true} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,666 INFO L273 TraceCheckUtils]: 44: Hoare triple {23823#true} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,666 INFO L273 TraceCheckUtils]: 45: Hoare triple {23823#true} assume #t~mem35 == 8496;havoc #t~mem35; {23823#true} is VALID [2018-11-14 17:19:30,666 INFO L273 TraceCheckUtils]: 46: Hoare triple {23823#true} assume -2147483648 <= #t~nondet70 && #t~nondet70 <= 2147483647;~ret~0 := #t~nondet70;havoc #t~nondet70; {23823#true} is VALID [2018-11-14 17:19:30,666 INFO L273 TraceCheckUtils]: 47: Hoare triple {23823#true} assume ~blastFlag~0 == 1;~blastFlag~0 := 2; {23823#true} is VALID [2018-11-14 17:19:30,666 INFO L273 TraceCheckUtils]: 48: Hoare triple {23823#true} assume !(~ret~0 <= 0);call #t~mem71 := read~int(~s.base, ~s.offset + 92, 4); {23823#true} is VALID [2018-11-14 17:19:30,666 INFO L273 TraceCheckUtils]: 49: Hoare triple {23823#true} assume #t~mem71 != 0;havoc #t~mem71;call write~int(8656, ~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,667 INFO L273 TraceCheckUtils]: 50: Hoare triple {23823#true} call write~int(0, ~s.base, ~s.offset + 64, 4); {23823#true} is VALID [2018-11-14 17:19:30,667 INFO L273 TraceCheckUtils]: 51: Hoare triple {23823#true} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {23823#true} is VALID [2018-11-14 17:19:30,667 INFO L273 TraceCheckUtils]: 52: Hoare triple {23823#true} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {23823#true} is VALID [2018-11-14 17:19:30,667 INFO L273 TraceCheckUtils]: 53: Hoare triple {23823#true} ~skip~0 := 0; {23823#true} is VALID [2018-11-14 17:19:30,667 INFO L273 TraceCheckUtils]: 54: Hoare triple {23823#true} assume true; {23823#true} is VALID [2018-11-14 17:19:30,667 INFO L273 TraceCheckUtils]: 55: Hoare triple {23823#true} assume !false; {23823#true} is VALID [2018-11-14 17:19:30,668 INFO L273 TraceCheckUtils]: 56: Hoare triple {23823#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,668 INFO L273 TraceCheckUtils]: 57: Hoare triple {23823#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,668 INFO L273 TraceCheckUtils]: 58: Hoare triple {23823#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,668 INFO L273 TraceCheckUtils]: 59: Hoare triple {23823#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,668 INFO L273 TraceCheckUtils]: 60: Hoare triple {23823#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,668 INFO L273 TraceCheckUtils]: 61: Hoare triple {23823#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,669 INFO L273 TraceCheckUtils]: 62: Hoare triple {23823#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,669 INFO L273 TraceCheckUtils]: 63: Hoare triple {23823#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,669 INFO L273 TraceCheckUtils]: 64: Hoare triple {23823#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,669 INFO L273 TraceCheckUtils]: 65: Hoare triple {23823#true} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,669 INFO L273 TraceCheckUtils]: 66: Hoare triple {23823#true} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,669 INFO L273 TraceCheckUtils]: 67: Hoare triple {23823#true} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,670 INFO L273 TraceCheckUtils]: 68: Hoare triple {23823#true} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,670 INFO L273 TraceCheckUtils]: 69: Hoare triple {23823#true} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {23823#true} is VALID [2018-11-14 17:19:30,670 INFO L273 TraceCheckUtils]: 70: Hoare triple {23823#true} assume #t~mem37 == 8512;havoc #t~mem37; {23823#true} is VALID [2018-11-14 17:19:30,670 INFO L273 TraceCheckUtils]: 71: Hoare triple {23823#true} call #t~mem72.base, #t~mem72.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem73.base, #t~mem73.offset := read~$Pointer$(#t~mem72.base, #t~mem72.offset + 604 + 232, 4);call #t~mem74 := read~int(#t~mem73.base, #t~mem73.offset + 12, 4); {23823#true} is VALID [2018-11-14 17:19:30,670 INFO L273 TraceCheckUtils]: 72: Hoare triple {23823#true} assume !(~bitwiseAnd(#t~mem74, 256) % 4294967296 != 0);havoc #t~mem74;havoc #t~mem72.base, #t~mem72.offset;havoc #t~mem73.base, #t~mem73.offset;assume -2147483648 <= #t~nondet75 && #t~nondet75 <= 2147483647;~ret~0 := #t~nondet75;havoc #t~nondet75; {23823#true} is VALID [2018-11-14 17:19:30,683 INFO L273 TraceCheckUtils]: 73: Hoare triple {23823#true} assume ~blastFlag~0 == 2;~blastFlag~0 := 6; {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:30,697 INFO L273 TraceCheckUtils]: 74: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} assume !(~ret~0 <= 0); {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:30,705 INFO L273 TraceCheckUtils]: 75: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} call write~int(8528, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:30,718 INFO L273 TraceCheckUtils]: 76: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:30,731 INFO L273 TraceCheckUtils]: 77: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:30,748 INFO L273 TraceCheckUtils]: 78: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} ~skip~0 := 0; {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:30,757 INFO L273 TraceCheckUtils]: 79: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} assume true; {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:30,769 INFO L273 TraceCheckUtils]: 80: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} assume !false; {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:30,784 INFO L273 TraceCheckUtils]: 81: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:30,792 INFO L273 TraceCheckUtils]: 82: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:30,808 INFO L273 TraceCheckUtils]: 83: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:30,817 INFO L273 TraceCheckUtils]: 84: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:30,829 INFO L273 TraceCheckUtils]: 85: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:30,843 INFO L273 TraceCheckUtils]: 86: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:30,851 INFO L273 TraceCheckUtils]: 87: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:30,864 INFO L273 TraceCheckUtils]: 88: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:30,876 INFO L273 TraceCheckUtils]: 89: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:30,889 INFO L273 TraceCheckUtils]: 90: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:30,901 INFO L273 TraceCheckUtils]: 91: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:30,914 INFO L273 TraceCheckUtils]: 92: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:30,926 INFO L273 TraceCheckUtils]: 93: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:30,939 INFO L273 TraceCheckUtils]: 94: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:30,952 INFO L273 TraceCheckUtils]: 95: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:30,969 INFO L273 TraceCheckUtils]: 96: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:30,977 INFO L273 TraceCheckUtils]: 97: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:30,990 INFO L273 TraceCheckUtils]: 98: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:31,002 INFO L273 TraceCheckUtils]: 99: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} assume #t~mem41 == 8544;havoc #t~mem41; {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:31,015 INFO L273 TraceCheckUtils]: 100: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} call #t~mem93 := read~int(~s.base, ~s.offset + 180, 4); {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:31,028 INFO L273 TraceCheckUtils]: 101: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} assume ~bitwiseAnd(#t~mem93, 1) != 0;havoc #t~mem93;call #t~mem94.base, #t~mem94.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem95.base, #t~mem95.offset := read~$Pointer$(#t~mem94.base, #t~mem94.offset + 148, 4); {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:31,040 INFO L273 TraceCheckUtils]: 102: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} assume !((#t~mem95.base + #t~mem95.offset) % 4294967296 != 0);havoc #t~mem95.base, #t~mem95.offset;havoc #t~mem94.base, #t~mem94.offset; {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:31,053 INFO L273 TraceCheckUtils]: 103: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} call #t~mem98.base, #t~mem98.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem99.base, #t~mem99.offset := read~$Pointer$(#t~mem98.base, #t~mem98.offset + 604 + 232, 4);call #t~mem100 := read~int(#t~mem99.base, #t~mem99.offset + 12, 4); {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:31,065 INFO L273 TraceCheckUtils]: 104: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} assume !(~bitwiseAnd(#t~mem100, 256) % 4294967296 != 0);havoc #t~mem100;havoc #t~mem99.base, #t~mem99.offset;havoc #t~mem98.base, #t~mem98.offset; {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:31,078 INFO L273 TraceCheckUtils]: 105: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} call #t~mem103.base, #t~mem103.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(1, #t~mem103.base, #t~mem103.offset + 604 + 291, 4);havoc #t~mem103.base, #t~mem103.offset;assume -2147483648 <= #t~nondet104 && #t~nondet104 <= 2147483647;~ret~0 := #t~nondet104;havoc #t~nondet104; {23825#(<= ssl3_accept_~blastFlag~0 6)} is VALID [2018-11-14 17:19:31,090 INFO L273 TraceCheckUtils]: 106: Hoare triple {23825#(<= ssl3_accept_~blastFlag~0 6)} assume ~blastFlag~0 == 8; {23824#false} is VALID [2018-11-14 17:19:31,091 INFO L273 TraceCheckUtils]: 107: Hoare triple {23824#false} assume !false; {23824#false} is VALID [2018-11-14 17:19:31,100 INFO L134 CoverageAnalysis]: Checked inductivity of 92 backedges. 50 proven. 0 refuted. 0 times theorem prover too weak. 42 trivial. 0 not checked. [2018-11-14 17:19:31,100 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:19:31,100 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2018-11-14 17:19:31,101 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 108 [2018-11-14 17:19:31,101 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:19:31,101 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states. [2018-11-14 17:19:31,497 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 80 edges. 80 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:31,497 INFO L459 AbstractCegarLoop]: Interpolant automaton has 3 states [2018-11-14 17:19:31,497 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2018-11-14 17:19:31,498 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2018-11-14 17:19:31,498 INFO L87 Difference]: Start difference. First operand 550 states and 808 transitions. Second operand 3 states. [2018-11-14 17:19:32,346 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:32,346 INFO L93 Difference]: Finished difference Result 1251 states and 1854 transitions. [2018-11-14 17:19:32,346 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2018-11-14 17:19:32,346 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 108 [2018-11-14 17:19:32,347 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:19:32,347 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 3 states. [2018-11-14 17:19:32,349 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 608 transitions. [2018-11-14 17:19:32,349 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 3 states. [2018-11-14 17:19:32,351 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 608 transitions. [2018-11-14 17:19:32,352 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 608 transitions. [2018-11-14 17:19:32,945 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 608 edges. 608 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:32,970 INFO L225 Difference]: With dead ends: 1251 [2018-11-14 17:19:32,971 INFO L226 Difference]: Without dead ends: 727 [2018-11-14 17:19:32,972 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2018-11-14 17:19:32,972 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 727 states. [2018-11-14 17:19:33,224 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 727 to 725. [2018-11-14 17:19:33,224 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:19:33,224 INFO L82 GeneralOperation]: Start isEquivalent. First operand 727 states. Second operand 725 states. [2018-11-14 17:19:33,224 INFO L74 IsIncluded]: Start isIncluded. First operand 727 states. Second operand 725 states. [2018-11-14 17:19:33,224 INFO L87 Difference]: Start difference. First operand 727 states. Second operand 725 states. [2018-11-14 17:19:33,245 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:33,245 INFO L93 Difference]: Finished difference Result 727 states and 1073 transitions. [2018-11-14 17:19:33,245 INFO L276 IsEmpty]: Start isEmpty. Operand 727 states and 1073 transitions. [2018-11-14 17:19:33,246 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:33,246 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:33,246 INFO L74 IsIncluded]: Start isIncluded. First operand 725 states. Second operand 727 states. [2018-11-14 17:19:33,246 INFO L87 Difference]: Start difference. First operand 725 states. Second operand 727 states. [2018-11-14 17:19:33,275 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:33,276 INFO L93 Difference]: Finished difference Result 727 states and 1073 transitions. [2018-11-14 17:19:33,276 INFO L276 IsEmpty]: Start isEmpty. Operand 727 states and 1073 transitions. [2018-11-14 17:19:33,277 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:33,277 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:33,277 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:19:33,277 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:19:33,277 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 725 states. [2018-11-14 17:19:33,299 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 725 states to 725 states and 1072 transitions. [2018-11-14 17:19:33,299 INFO L78 Accepts]: Start accepts. Automaton has 725 states and 1072 transitions. Word has length 108 [2018-11-14 17:19:33,299 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:19:33,299 INFO L480 AbstractCegarLoop]: Abstraction has 725 states and 1072 transitions. [2018-11-14 17:19:33,299 INFO L481 AbstractCegarLoop]: Interpolant automaton has 3 states. [2018-11-14 17:19:33,299 INFO L276 IsEmpty]: Start isEmpty. Operand 725 states and 1072 transitions. [2018-11-14 17:19:33,300 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 115 [2018-11-14 17:19:33,300 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:19:33,300 INFO L375 BasicCegarLoop]: trace histogram [4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:19:33,301 INFO L423 AbstractCegarLoop]: === Iteration 23 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:19:33,301 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:19:33,301 INFO L82 PathProgramCache]: Analyzing trace with hash -1142029832, now seen corresponding path program 1 times [2018-11-14 17:19:33,301 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:19:33,301 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:19:33,302 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:33,302 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:19:33,302 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:33,319 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:19:33,485 INFO L256 TraceCheckUtils]: 0: Hoare triple {27573#true} call ULTIMATE.init(); {27573#true} is VALID [2018-11-14 17:19:33,485 INFO L273 TraceCheckUtils]: 1: Hoare triple {27573#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {27573#true} is VALID [2018-11-14 17:19:33,485 INFO L273 TraceCheckUtils]: 2: Hoare triple {27573#true} assume true; {27573#true} is VALID [2018-11-14 17:19:33,485 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {27573#true} {27573#true} #682#return; {27573#true} is VALID [2018-11-14 17:19:33,486 INFO L256 TraceCheckUtils]: 4: Hoare triple {27573#true} call #t~ret138 := main(); {27573#true} is VALID [2018-11-14 17:19:33,486 INFO L273 TraceCheckUtils]: 5: Hoare triple {27573#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {27573#true} is VALID [2018-11-14 17:19:33,486 INFO L256 TraceCheckUtils]: 6: Hoare triple {27573#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {27573#true} is VALID [2018-11-14 17:19:33,486 INFO L273 TraceCheckUtils]: 7: Hoare triple {27573#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {27573#true} is VALID [2018-11-14 17:19:33,486 INFO L273 TraceCheckUtils]: 8: Hoare triple {27573#true} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {27573#true} is VALID [2018-11-14 17:19:33,486 INFO L273 TraceCheckUtils]: 9: Hoare triple {27573#true} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {27573#true} is VALID [2018-11-14 17:19:33,487 INFO L273 TraceCheckUtils]: 10: Hoare triple {27573#true} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {27573#true} is VALID [2018-11-14 17:19:33,487 INFO L273 TraceCheckUtils]: 11: Hoare triple {27573#true} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {27573#true} is VALID [2018-11-14 17:19:33,487 INFO L273 TraceCheckUtils]: 12: Hoare triple {27573#true} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {27573#true} is VALID [2018-11-14 17:19:33,487 INFO L273 TraceCheckUtils]: 13: Hoare triple {27573#true} assume true; {27573#true} is VALID [2018-11-14 17:19:33,487 INFO L273 TraceCheckUtils]: 14: Hoare triple {27573#true} assume !false; {27573#true} is VALID [2018-11-14 17:19:33,487 INFO L273 TraceCheckUtils]: 15: Hoare triple {27573#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,487 INFO L273 TraceCheckUtils]: 16: Hoare triple {27573#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,488 INFO L273 TraceCheckUtils]: 17: Hoare triple {27573#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,488 INFO L273 TraceCheckUtils]: 18: Hoare triple {27573#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,488 INFO L273 TraceCheckUtils]: 19: Hoare triple {27573#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,488 INFO L273 TraceCheckUtils]: 20: Hoare triple {27573#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,488 INFO L273 TraceCheckUtils]: 21: Hoare triple {27573#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,488 INFO L273 TraceCheckUtils]: 22: Hoare triple {27573#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,488 INFO L273 TraceCheckUtils]: 23: Hoare triple {27573#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,488 INFO L273 TraceCheckUtils]: 24: Hoare triple {27573#true} assume #t~mem32 == 8464;havoc #t~mem32; {27573#true} is VALID [2018-11-14 17:19:33,489 INFO L273 TraceCheckUtils]: 25: Hoare triple {27573#true} call write~int(0, ~s.base, ~s.offset + 48, 4);assume -2147483648 <= #t~nondet69 && #t~nondet69 <= 2147483647;~ret~0 := #t~nondet69;havoc #t~nondet69; {27573#true} is VALID [2018-11-14 17:19:33,489 INFO L273 TraceCheckUtils]: 26: Hoare triple {27573#true} assume ~blastFlag~0 == 0;~blastFlag~0 := 1; {27573#true} is VALID [2018-11-14 17:19:33,489 INFO L273 TraceCheckUtils]: 27: Hoare triple {27573#true} assume !(~ret~0 <= 0);~got_new_session~0 := 1;call write~int(8496, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {27573#true} is VALID [2018-11-14 17:19:33,489 INFO L273 TraceCheckUtils]: 28: Hoare triple {27573#true} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {27573#true} is VALID [2018-11-14 17:19:33,489 INFO L273 TraceCheckUtils]: 29: Hoare triple {27573#true} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {27573#true} is VALID [2018-11-14 17:19:33,489 INFO L273 TraceCheckUtils]: 30: Hoare triple {27573#true} ~skip~0 := 0; {27573#true} is VALID [2018-11-14 17:19:33,489 INFO L273 TraceCheckUtils]: 31: Hoare triple {27573#true} assume true; {27573#true} is VALID [2018-11-14 17:19:33,489 INFO L273 TraceCheckUtils]: 32: Hoare triple {27573#true} assume !false; {27573#true} is VALID [2018-11-14 17:19:33,489 INFO L273 TraceCheckUtils]: 33: Hoare triple {27573#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,490 INFO L273 TraceCheckUtils]: 34: Hoare triple {27573#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,490 INFO L273 TraceCheckUtils]: 35: Hoare triple {27573#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,490 INFO L273 TraceCheckUtils]: 36: Hoare triple {27573#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,490 INFO L273 TraceCheckUtils]: 37: Hoare triple {27573#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,490 INFO L273 TraceCheckUtils]: 38: Hoare triple {27573#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,490 INFO L273 TraceCheckUtils]: 39: Hoare triple {27573#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,490 INFO L273 TraceCheckUtils]: 40: Hoare triple {27573#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,490 INFO L273 TraceCheckUtils]: 41: Hoare triple {27573#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,490 INFO L273 TraceCheckUtils]: 42: Hoare triple {27573#true} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,491 INFO L273 TraceCheckUtils]: 43: Hoare triple {27573#true} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,491 INFO L273 TraceCheckUtils]: 44: Hoare triple {27573#true} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,491 INFO L273 TraceCheckUtils]: 45: Hoare triple {27573#true} assume #t~mem35 == 8496;havoc #t~mem35; {27573#true} is VALID [2018-11-14 17:19:33,491 INFO L273 TraceCheckUtils]: 46: Hoare triple {27573#true} assume -2147483648 <= #t~nondet70 && #t~nondet70 <= 2147483647;~ret~0 := #t~nondet70;havoc #t~nondet70; {27573#true} is VALID [2018-11-14 17:19:33,491 INFO L273 TraceCheckUtils]: 47: Hoare triple {27573#true} assume ~blastFlag~0 == 1;~blastFlag~0 := 2; {27573#true} is VALID [2018-11-14 17:19:33,491 INFO L273 TraceCheckUtils]: 48: Hoare triple {27573#true} assume !(~ret~0 <= 0);call #t~mem71 := read~int(~s.base, ~s.offset + 92, 4); {27573#true} is VALID [2018-11-14 17:19:33,491 INFO L273 TraceCheckUtils]: 49: Hoare triple {27573#true} assume #t~mem71 != 0;havoc #t~mem71;call write~int(8656, ~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,491 INFO L273 TraceCheckUtils]: 50: Hoare triple {27573#true} call write~int(0, ~s.base, ~s.offset + 64, 4); {27573#true} is VALID [2018-11-14 17:19:33,492 INFO L273 TraceCheckUtils]: 51: Hoare triple {27573#true} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {27573#true} is VALID [2018-11-14 17:19:33,492 INFO L273 TraceCheckUtils]: 52: Hoare triple {27573#true} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {27573#true} is VALID [2018-11-14 17:19:33,492 INFO L273 TraceCheckUtils]: 53: Hoare triple {27573#true} ~skip~0 := 0; {27573#true} is VALID [2018-11-14 17:19:33,492 INFO L273 TraceCheckUtils]: 54: Hoare triple {27573#true} assume true; {27573#true} is VALID [2018-11-14 17:19:33,492 INFO L273 TraceCheckUtils]: 55: Hoare triple {27573#true} assume !false; {27573#true} is VALID [2018-11-14 17:19:33,492 INFO L273 TraceCheckUtils]: 56: Hoare triple {27573#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,492 INFO L273 TraceCheckUtils]: 57: Hoare triple {27573#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,492 INFO L273 TraceCheckUtils]: 58: Hoare triple {27573#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,492 INFO L273 TraceCheckUtils]: 59: Hoare triple {27573#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,493 INFO L273 TraceCheckUtils]: 60: Hoare triple {27573#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,493 INFO L273 TraceCheckUtils]: 61: Hoare triple {27573#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,493 INFO L273 TraceCheckUtils]: 62: Hoare triple {27573#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,493 INFO L273 TraceCheckUtils]: 63: Hoare triple {27573#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,493 INFO L273 TraceCheckUtils]: 64: Hoare triple {27573#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,493 INFO L273 TraceCheckUtils]: 65: Hoare triple {27573#true} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,493 INFO L273 TraceCheckUtils]: 66: Hoare triple {27573#true} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,493 INFO L273 TraceCheckUtils]: 67: Hoare triple {27573#true} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,493 INFO L273 TraceCheckUtils]: 68: Hoare triple {27573#true} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,494 INFO L273 TraceCheckUtils]: 69: Hoare triple {27573#true} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {27573#true} is VALID [2018-11-14 17:19:33,494 INFO L273 TraceCheckUtils]: 70: Hoare triple {27573#true} assume #t~mem37 == 8512;havoc #t~mem37; {27573#true} is VALID [2018-11-14 17:19:33,494 INFO L273 TraceCheckUtils]: 71: Hoare triple {27573#true} call #t~mem72.base, #t~mem72.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem73.base, #t~mem73.offset := read~$Pointer$(#t~mem72.base, #t~mem72.offset + 604 + 232, 4);call #t~mem74 := read~int(#t~mem73.base, #t~mem73.offset + 12, 4); {27573#true} is VALID [2018-11-14 17:19:33,494 INFO L273 TraceCheckUtils]: 72: Hoare triple {27573#true} assume !(~bitwiseAnd(#t~mem74, 256) % 4294967296 != 0);havoc #t~mem74;havoc #t~mem72.base, #t~mem72.offset;havoc #t~mem73.base, #t~mem73.offset;assume -2147483648 <= #t~nondet75 && #t~nondet75 <= 2147483647;~ret~0 := #t~nondet75;havoc #t~nondet75; {27573#true} is VALID [2018-11-14 17:19:33,494 INFO L273 TraceCheckUtils]: 73: Hoare triple {27573#true} assume ~blastFlag~0 == 2;~blastFlag~0 := 6; {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,495 INFO L273 TraceCheckUtils]: 74: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(~ret~0 <= 0); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,496 INFO L273 TraceCheckUtils]: 75: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} call write~int(8528, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,513 INFO L273 TraceCheckUtils]: 76: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,519 INFO L273 TraceCheckUtils]: 77: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,519 INFO L273 TraceCheckUtils]: 78: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} ~skip~0 := 0; {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,521 INFO L273 TraceCheckUtils]: 79: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume true; {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,521 INFO L273 TraceCheckUtils]: 80: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !false; {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,523 INFO L273 TraceCheckUtils]: 81: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,523 INFO L273 TraceCheckUtils]: 82: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,523 INFO L273 TraceCheckUtils]: 83: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,524 INFO L273 TraceCheckUtils]: 84: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,524 INFO L273 TraceCheckUtils]: 85: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,524 INFO L273 TraceCheckUtils]: 86: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,524 INFO L273 TraceCheckUtils]: 87: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,525 INFO L273 TraceCheckUtils]: 88: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,525 INFO L273 TraceCheckUtils]: 89: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,525 INFO L273 TraceCheckUtils]: 90: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,526 INFO L273 TraceCheckUtils]: 91: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,526 INFO L273 TraceCheckUtils]: 92: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,527 INFO L273 TraceCheckUtils]: 93: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,527 INFO L273 TraceCheckUtils]: 94: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,527 INFO L273 TraceCheckUtils]: 95: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,528 INFO L273 TraceCheckUtils]: 96: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,528 INFO L273 TraceCheckUtils]: 97: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,529 INFO L273 TraceCheckUtils]: 98: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,529 INFO L273 TraceCheckUtils]: 99: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem41 == 8544);havoc #t~mem41;call #t~mem42 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,530 INFO L273 TraceCheckUtils]: 100: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem42 == 8545);havoc #t~mem42;call #t~mem43 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,531 INFO L273 TraceCheckUtils]: 101: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem43 == 8560);havoc #t~mem43;call #t~mem44 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,531 INFO L273 TraceCheckUtils]: 102: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem44 == 8561);havoc #t~mem44;call #t~mem45 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,532 INFO L273 TraceCheckUtils]: 103: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem45 == 8448);havoc #t~mem45;call #t~mem46 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,532 INFO L273 TraceCheckUtils]: 104: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem46 == 8576);havoc #t~mem46;call #t~mem47 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,533 INFO L273 TraceCheckUtils]: 105: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem47 == 8577);havoc #t~mem47;call #t~mem48 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,533 INFO L273 TraceCheckUtils]: 106: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem48 == 8592);havoc #t~mem48;call #t~mem49 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,534 INFO L273 TraceCheckUtils]: 107: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem49 == 8593);havoc #t~mem49;call #t~mem50 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,534 INFO L273 TraceCheckUtils]: 108: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem50 == 8608);havoc #t~mem50;call #t~mem51 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,535 INFO L273 TraceCheckUtils]: 109: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume !(#t~mem51 == 8609);havoc #t~mem51;call #t~mem52 := read~int(~s.base, ~s.offset + 52, 4); {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,535 INFO L273 TraceCheckUtils]: 110: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume #t~mem52 == 8640;havoc #t~mem52; {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,536 INFO L273 TraceCheckUtils]: 111: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume -2147483648 <= #t~nondet115 && #t~nondet115 <= 2147483647;~ret~0 := #t~nondet115;havoc #t~nondet115; {27575#(<= 6 ssl3_accept_~blastFlag~0)} is VALID [2018-11-14 17:19:33,536 INFO L273 TraceCheckUtils]: 112: Hoare triple {27575#(<= 6 ssl3_accept_~blastFlag~0)} assume ~blastFlag~0 == 4; {27574#false} is VALID [2018-11-14 17:19:33,536 INFO L273 TraceCheckUtils]: 113: Hoare triple {27574#false} assume !false; {27574#false} is VALID [2018-11-14 17:19:33,543 INFO L134 CoverageAnalysis]: Checked inductivity of 92 backedges. 50 proven. 0 refuted. 0 times theorem prover too weak. 42 trivial. 0 not checked. [2018-11-14 17:19:33,544 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:19:33,544 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2018-11-14 17:19:33,544 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 114 [2018-11-14 17:19:33,544 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:19:33,544 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states. [2018-11-14 17:19:33,621 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 86 edges. 86 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:33,622 INFO L459 AbstractCegarLoop]: Interpolant automaton has 3 states [2018-11-14 17:19:33,622 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2018-11-14 17:19:33,622 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2018-11-14 17:19:33,622 INFO L87 Difference]: Start difference. First operand 725 states and 1072 transitions. Second operand 3 states. [2018-11-14 17:19:35,063 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:35,063 INFO L93 Difference]: Finished difference Result 1601 states and 2380 transitions. [2018-11-14 17:19:35,063 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2018-11-14 17:19:35,063 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 114 [2018-11-14 17:19:35,063 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:19:35,064 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 3 states. [2018-11-14 17:19:35,065 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 606 transitions. [2018-11-14 17:19:35,066 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 3 states. [2018-11-14 17:19:35,068 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 606 transitions. [2018-11-14 17:19:35,068 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 606 transitions. [2018-11-14 17:19:35,647 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 606 edges. 606 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:35,690 INFO L225 Difference]: With dead ends: 1601 [2018-11-14 17:19:35,690 INFO L226 Difference]: Without dead ends: 902 [2018-11-14 17:19:35,691 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2018-11-14 17:19:35,692 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 902 states. [2018-11-14 17:19:36,299 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 902 to 900. [2018-11-14 17:19:36,299 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:19:36,300 INFO L82 GeneralOperation]: Start isEquivalent. First operand 902 states. Second operand 900 states. [2018-11-14 17:19:36,300 INFO L74 IsIncluded]: Start isIncluded. First operand 902 states. Second operand 900 states. [2018-11-14 17:19:36,300 INFO L87 Difference]: Start difference. First operand 902 states. Second operand 900 states. [2018-11-14 17:19:36,335 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:36,335 INFO L93 Difference]: Finished difference Result 902 states and 1323 transitions. [2018-11-14 17:19:36,335 INFO L276 IsEmpty]: Start isEmpty. Operand 902 states and 1323 transitions. [2018-11-14 17:19:36,336 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:36,336 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:36,336 INFO L74 IsIncluded]: Start isIncluded. First operand 900 states. Second operand 902 states. [2018-11-14 17:19:36,336 INFO L87 Difference]: Start difference. First operand 900 states. Second operand 902 states. [2018-11-14 17:19:36,362 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:36,363 INFO L93 Difference]: Finished difference Result 902 states and 1323 transitions. [2018-11-14 17:19:36,363 INFO L276 IsEmpty]: Start isEmpty. Operand 902 states and 1323 transitions. [2018-11-14 17:19:36,364 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:36,364 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:36,364 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:19:36,364 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:19:36,364 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 900 states. [2018-11-14 17:19:36,412 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 900 states to 900 states and 1322 transitions. [2018-11-14 17:19:36,412 INFO L78 Accepts]: Start accepts. Automaton has 900 states and 1322 transitions. Word has length 114 [2018-11-14 17:19:36,413 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:19:36,413 INFO L480 AbstractCegarLoop]: Abstraction has 900 states and 1322 transitions. [2018-11-14 17:19:36,413 INFO L481 AbstractCegarLoop]: Interpolant automaton has 3 states. [2018-11-14 17:19:36,413 INFO L276 IsEmpty]: Start isEmpty. Operand 900 states and 1322 transitions. [2018-11-14 17:19:36,414 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 132 [2018-11-14 17:19:36,415 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:19:36,415 INFO L375 BasicCegarLoop]: trace histogram [4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:19:36,415 INFO L423 AbstractCegarLoop]: === Iteration 24 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:19:36,415 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:19:36,415 INFO L82 PathProgramCache]: Analyzing trace with hash 2044230989, now seen corresponding path program 1 times [2018-11-14 17:19:36,416 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:19:36,416 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:19:36,417 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:36,417 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:19:36,417 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:36,435 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:19:36,539 INFO L256 TraceCheckUtils]: 0: Hoare triple {32279#true} call ULTIMATE.init(); {32279#true} is VALID [2018-11-14 17:19:36,539 INFO L273 TraceCheckUtils]: 1: Hoare triple {32279#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {32279#true} is VALID [2018-11-14 17:19:36,540 INFO L273 TraceCheckUtils]: 2: Hoare triple {32279#true} assume true; {32279#true} is VALID [2018-11-14 17:19:36,540 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {32279#true} {32279#true} #682#return; {32279#true} is VALID [2018-11-14 17:19:36,540 INFO L256 TraceCheckUtils]: 4: Hoare triple {32279#true} call #t~ret138 := main(); {32279#true} is VALID [2018-11-14 17:19:36,540 INFO L273 TraceCheckUtils]: 5: Hoare triple {32279#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {32279#true} is VALID [2018-11-14 17:19:36,540 INFO L256 TraceCheckUtils]: 6: Hoare triple {32279#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {32279#true} is VALID [2018-11-14 17:19:36,540 INFO L273 TraceCheckUtils]: 7: Hoare triple {32279#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {32279#true} is VALID [2018-11-14 17:19:36,540 INFO L273 TraceCheckUtils]: 8: Hoare triple {32279#true} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {32279#true} is VALID [2018-11-14 17:19:36,540 INFO L273 TraceCheckUtils]: 9: Hoare triple {32279#true} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {32279#true} is VALID [2018-11-14 17:19:36,541 INFO L273 TraceCheckUtils]: 10: Hoare triple {32279#true} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {32279#true} is VALID [2018-11-14 17:19:36,541 INFO L273 TraceCheckUtils]: 11: Hoare triple {32279#true} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {32279#true} is VALID [2018-11-14 17:19:36,541 INFO L273 TraceCheckUtils]: 12: Hoare triple {32279#true} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {32279#true} is VALID [2018-11-14 17:19:36,541 INFO L273 TraceCheckUtils]: 13: Hoare triple {32279#true} assume true; {32279#true} is VALID [2018-11-14 17:19:36,541 INFO L273 TraceCheckUtils]: 14: Hoare triple {32279#true} assume !false; {32279#true} is VALID [2018-11-14 17:19:36,541 INFO L273 TraceCheckUtils]: 15: Hoare triple {32279#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,541 INFO L273 TraceCheckUtils]: 16: Hoare triple {32279#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,541 INFO L273 TraceCheckUtils]: 17: Hoare triple {32279#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,541 INFO L273 TraceCheckUtils]: 18: Hoare triple {32279#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,542 INFO L273 TraceCheckUtils]: 19: Hoare triple {32279#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,542 INFO L273 TraceCheckUtils]: 20: Hoare triple {32279#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,542 INFO L273 TraceCheckUtils]: 21: Hoare triple {32279#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,542 INFO L273 TraceCheckUtils]: 22: Hoare triple {32279#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,542 INFO L273 TraceCheckUtils]: 23: Hoare triple {32279#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,542 INFO L273 TraceCheckUtils]: 24: Hoare triple {32279#true} assume #t~mem32 == 8464;havoc #t~mem32; {32279#true} is VALID [2018-11-14 17:19:36,542 INFO L273 TraceCheckUtils]: 25: Hoare triple {32279#true} call write~int(0, ~s.base, ~s.offset + 48, 4);assume -2147483648 <= #t~nondet69 && #t~nondet69 <= 2147483647;~ret~0 := #t~nondet69;havoc #t~nondet69; {32279#true} is VALID [2018-11-14 17:19:36,542 INFO L273 TraceCheckUtils]: 26: Hoare triple {32279#true} assume ~blastFlag~0 == 0;~blastFlag~0 := 1; {32279#true} is VALID [2018-11-14 17:19:36,543 INFO L273 TraceCheckUtils]: 27: Hoare triple {32279#true} assume !(~ret~0 <= 0);~got_new_session~0 := 1;call write~int(8496, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {32279#true} is VALID [2018-11-14 17:19:36,543 INFO L273 TraceCheckUtils]: 28: Hoare triple {32279#true} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {32279#true} is VALID [2018-11-14 17:19:36,543 INFO L273 TraceCheckUtils]: 29: Hoare triple {32279#true} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {32279#true} is VALID [2018-11-14 17:19:36,543 INFO L273 TraceCheckUtils]: 30: Hoare triple {32279#true} ~skip~0 := 0; {32279#true} is VALID [2018-11-14 17:19:36,543 INFO L273 TraceCheckUtils]: 31: Hoare triple {32279#true} assume true; {32279#true} is VALID [2018-11-14 17:19:36,543 INFO L273 TraceCheckUtils]: 32: Hoare triple {32279#true} assume !false; {32279#true} is VALID [2018-11-14 17:19:36,543 INFO L273 TraceCheckUtils]: 33: Hoare triple {32279#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,543 INFO L273 TraceCheckUtils]: 34: Hoare triple {32279#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,543 INFO L273 TraceCheckUtils]: 35: Hoare triple {32279#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,544 INFO L273 TraceCheckUtils]: 36: Hoare triple {32279#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,544 INFO L273 TraceCheckUtils]: 37: Hoare triple {32279#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,544 INFO L273 TraceCheckUtils]: 38: Hoare triple {32279#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,544 INFO L273 TraceCheckUtils]: 39: Hoare triple {32279#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,544 INFO L273 TraceCheckUtils]: 40: Hoare triple {32279#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,544 INFO L273 TraceCheckUtils]: 41: Hoare triple {32279#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,544 INFO L273 TraceCheckUtils]: 42: Hoare triple {32279#true} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,544 INFO L273 TraceCheckUtils]: 43: Hoare triple {32279#true} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,544 INFO L273 TraceCheckUtils]: 44: Hoare triple {32279#true} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,545 INFO L273 TraceCheckUtils]: 45: Hoare triple {32279#true} assume #t~mem35 == 8496;havoc #t~mem35; {32279#true} is VALID [2018-11-14 17:19:36,545 INFO L273 TraceCheckUtils]: 46: Hoare triple {32279#true} assume -2147483648 <= #t~nondet70 && #t~nondet70 <= 2147483647;~ret~0 := #t~nondet70;havoc #t~nondet70; {32279#true} is VALID [2018-11-14 17:19:36,545 INFO L273 TraceCheckUtils]: 47: Hoare triple {32279#true} assume ~blastFlag~0 == 1;~blastFlag~0 := 2; {32279#true} is VALID [2018-11-14 17:19:36,545 INFO L273 TraceCheckUtils]: 48: Hoare triple {32279#true} assume !(~ret~0 <= 0);call #t~mem71 := read~int(~s.base, ~s.offset + 92, 4); {32279#true} is VALID [2018-11-14 17:19:36,545 INFO L273 TraceCheckUtils]: 49: Hoare triple {32279#true} assume #t~mem71 != 0;havoc #t~mem71;call write~int(8656, ~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,545 INFO L273 TraceCheckUtils]: 50: Hoare triple {32279#true} call write~int(0, ~s.base, ~s.offset + 64, 4); {32279#true} is VALID [2018-11-14 17:19:36,545 INFO L273 TraceCheckUtils]: 51: Hoare triple {32279#true} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {32279#true} is VALID [2018-11-14 17:19:36,545 INFO L273 TraceCheckUtils]: 52: Hoare triple {32279#true} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {32279#true} is VALID [2018-11-14 17:19:36,546 INFO L273 TraceCheckUtils]: 53: Hoare triple {32279#true} ~skip~0 := 0; {32279#true} is VALID [2018-11-14 17:19:36,546 INFO L273 TraceCheckUtils]: 54: Hoare triple {32279#true} assume true; {32279#true} is VALID [2018-11-14 17:19:36,546 INFO L273 TraceCheckUtils]: 55: Hoare triple {32279#true} assume !false; {32279#true} is VALID [2018-11-14 17:19:36,546 INFO L273 TraceCheckUtils]: 56: Hoare triple {32279#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,546 INFO L273 TraceCheckUtils]: 57: Hoare triple {32279#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,546 INFO L273 TraceCheckUtils]: 58: Hoare triple {32279#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,546 INFO L273 TraceCheckUtils]: 59: Hoare triple {32279#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,546 INFO L273 TraceCheckUtils]: 60: Hoare triple {32279#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,547 INFO L273 TraceCheckUtils]: 61: Hoare triple {32279#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,547 INFO L273 TraceCheckUtils]: 62: Hoare triple {32279#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,547 INFO L273 TraceCheckUtils]: 63: Hoare triple {32279#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,547 INFO L273 TraceCheckUtils]: 64: Hoare triple {32279#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,547 INFO L273 TraceCheckUtils]: 65: Hoare triple {32279#true} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,547 INFO L273 TraceCheckUtils]: 66: Hoare triple {32279#true} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,547 INFO L273 TraceCheckUtils]: 67: Hoare triple {32279#true} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,548 INFO L273 TraceCheckUtils]: 68: Hoare triple {32279#true} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,548 INFO L273 TraceCheckUtils]: 69: Hoare triple {32279#true} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,552 INFO L273 TraceCheckUtils]: 70: Hoare triple {32279#true} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,552 INFO L273 TraceCheckUtils]: 71: Hoare triple {32279#true} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,552 INFO L273 TraceCheckUtils]: 72: Hoare triple {32279#true} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,553 INFO L273 TraceCheckUtils]: 73: Hoare triple {32279#true} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,553 INFO L273 TraceCheckUtils]: 74: Hoare triple {32279#true} assume !(#t~mem41 == 8544);havoc #t~mem41;call #t~mem42 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,553 INFO L273 TraceCheckUtils]: 75: Hoare triple {32279#true} assume !(#t~mem42 == 8545);havoc #t~mem42;call #t~mem43 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,554 INFO L273 TraceCheckUtils]: 76: Hoare triple {32279#true} assume !(#t~mem43 == 8560);havoc #t~mem43;call #t~mem44 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,554 INFO L273 TraceCheckUtils]: 77: Hoare triple {32279#true} assume !(#t~mem44 == 8561);havoc #t~mem44;call #t~mem45 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,554 INFO L273 TraceCheckUtils]: 78: Hoare triple {32279#true} assume !(#t~mem45 == 8448);havoc #t~mem45;call #t~mem46 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,555 INFO L273 TraceCheckUtils]: 79: Hoare triple {32279#true} assume !(#t~mem46 == 8576);havoc #t~mem46;call #t~mem47 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,555 INFO L273 TraceCheckUtils]: 80: Hoare triple {32279#true} assume !(#t~mem47 == 8577);havoc #t~mem47;call #t~mem48 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,555 INFO L273 TraceCheckUtils]: 81: Hoare triple {32279#true} assume !(#t~mem48 == 8592);havoc #t~mem48;call #t~mem49 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,556 INFO L273 TraceCheckUtils]: 82: Hoare triple {32279#true} assume !(#t~mem49 == 8593);havoc #t~mem49;call #t~mem50 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,556 INFO L273 TraceCheckUtils]: 83: Hoare triple {32279#true} assume !(#t~mem50 == 8608);havoc #t~mem50;call #t~mem51 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,556 INFO L273 TraceCheckUtils]: 84: Hoare triple {32279#true} assume !(#t~mem51 == 8609);havoc #t~mem51;call #t~mem52 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,556 INFO L273 TraceCheckUtils]: 85: Hoare triple {32279#true} assume !(#t~mem52 == 8640);havoc #t~mem52;call #t~mem53 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,557 INFO L273 TraceCheckUtils]: 86: Hoare triple {32279#true} assume !(#t~mem53 == 8641);havoc #t~mem53;call #t~mem54 := read~int(~s.base, ~s.offset + 52, 4); {32279#true} is VALID [2018-11-14 17:19:36,557 INFO L273 TraceCheckUtils]: 87: Hoare triple {32279#true} assume #t~mem54 == 8656;havoc #t~mem54; {32279#true} is VALID [2018-11-14 17:19:36,557 INFO L273 TraceCheckUtils]: 88: Hoare triple {32279#true} call #t~mem117.base, #t~mem117.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem118.base, #t~mem118.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem119.base, #t~mem119.offset := read~$Pointer$(#t~mem118.base, #t~mem118.offset + 604 + 232, 4);call write~$Pointer$(#t~mem119.base, #t~mem119.offset, #t~mem117.base, #t~mem117.offset + 172, 4);havoc #t~mem117.base, #t~mem117.offset;havoc #t~mem118.base, #t~mem118.offset;havoc #t~mem119.base, #t~mem119.offset; {32279#true} is VALID [2018-11-14 17:19:36,557 INFO L273 TraceCheckUtils]: 89: Hoare triple {32279#true} assume !(~tmp___9~0 == 0);assume -2147483648 <= #t~nondet120 && #t~nondet120 <= 2147483647;~ret~0 := #t~nondet120;havoc #t~nondet120; {32279#true} is VALID [2018-11-14 17:19:36,557 INFO L273 TraceCheckUtils]: 90: Hoare triple {32279#true} assume ~blastFlag~0 == 2;~blastFlag~0 := 3; {32279#true} is VALID [2018-11-14 17:19:36,561 INFO L273 TraceCheckUtils]: 91: Hoare triple {32279#true} assume !(~ret~0 <= 0);call write~int(8672, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,563 INFO L273 TraceCheckUtils]: 92: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(~tmp___10~0 == 0); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,563 INFO L273 TraceCheckUtils]: 93: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,565 INFO L273 TraceCheckUtils]: 94: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,565 INFO L273 TraceCheckUtils]: 95: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} ~skip~0 := 0; {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,567 INFO L273 TraceCheckUtils]: 96: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume true; {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,567 INFO L273 TraceCheckUtils]: 97: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !false; {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,569 INFO L273 TraceCheckUtils]: 98: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,571 INFO L273 TraceCheckUtils]: 99: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,571 INFO L273 TraceCheckUtils]: 100: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,579 INFO L273 TraceCheckUtils]: 101: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,581 INFO L273 TraceCheckUtils]: 102: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,581 INFO L273 TraceCheckUtils]: 103: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,583 INFO L273 TraceCheckUtils]: 104: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,583 INFO L273 TraceCheckUtils]: 105: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,585 INFO L273 TraceCheckUtils]: 106: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,585 INFO L273 TraceCheckUtils]: 107: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,587 INFO L273 TraceCheckUtils]: 108: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,587 INFO L273 TraceCheckUtils]: 109: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,589 INFO L273 TraceCheckUtils]: 110: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,589 INFO L273 TraceCheckUtils]: 111: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,591 INFO L273 TraceCheckUtils]: 112: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,591 INFO L273 TraceCheckUtils]: 113: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,593 INFO L273 TraceCheckUtils]: 114: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,593 INFO L273 TraceCheckUtils]: 115: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,595 INFO L273 TraceCheckUtils]: 116: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem41 == 8544);havoc #t~mem41;call #t~mem42 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,595 INFO L273 TraceCheckUtils]: 117: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem42 == 8545);havoc #t~mem42;call #t~mem43 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,598 INFO L273 TraceCheckUtils]: 118: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem43 == 8560);havoc #t~mem43;call #t~mem44 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,598 INFO L273 TraceCheckUtils]: 119: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem44 == 8561);havoc #t~mem44;call #t~mem45 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,601 INFO L273 TraceCheckUtils]: 120: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem45 == 8448);havoc #t~mem45;call #t~mem46 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,601 INFO L273 TraceCheckUtils]: 121: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem46 == 8576);havoc #t~mem46;call #t~mem47 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,603 INFO L273 TraceCheckUtils]: 122: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem47 == 8577);havoc #t~mem47;call #t~mem48 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,603 INFO L273 TraceCheckUtils]: 123: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem48 == 8592);havoc #t~mem48;call #t~mem49 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,605 INFO L273 TraceCheckUtils]: 124: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem49 == 8593);havoc #t~mem49;call #t~mem50 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,605 INFO L273 TraceCheckUtils]: 125: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem50 == 8608);havoc #t~mem50;call #t~mem51 := read~int(~s.base, ~s.offset + 52, 4); {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:36,607 INFO L273 TraceCheckUtils]: 126: Hoare triple {32281#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem51 == 8609);havoc #t~mem51;call #t~mem52 := read~int(~s.base, ~s.offset + 52, 4); {32282#(= 8672 |ssl3_accept_#t~mem52|)} is VALID [2018-11-14 17:19:36,607 INFO L273 TraceCheckUtils]: 127: Hoare triple {32282#(= 8672 |ssl3_accept_#t~mem52|)} assume #t~mem52 == 8640;havoc #t~mem52; {32280#false} is VALID [2018-11-14 17:19:36,607 INFO L273 TraceCheckUtils]: 128: Hoare triple {32280#false} assume -2147483648 <= #t~nondet115 && #t~nondet115 <= 2147483647;~ret~0 := #t~nondet115;havoc #t~nondet115; {32280#false} is VALID [2018-11-14 17:19:36,607 INFO L273 TraceCheckUtils]: 129: Hoare triple {32280#false} assume ~blastFlag~0 == 4; {32280#false} is VALID [2018-11-14 17:19:36,607 INFO L273 TraceCheckUtils]: 130: Hoare triple {32280#false} assume !false; {32280#false} is VALID [2018-11-14 17:19:36,620 INFO L134 CoverageAnalysis]: Checked inductivity of 107 backedges. 65 proven. 0 refuted. 0 times theorem prover too weak. 42 trivial. 0 not checked. [2018-11-14 17:19:36,621 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:19:36,621 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-14 17:19:36,621 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 131 [2018-11-14 17:19:36,622 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:19:36,622 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-14 17:19:36,762 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 103 edges. 103 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:36,762 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-14 17:19:36,762 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-14 17:19:36,763 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-14 17:19:36,763 INFO L87 Difference]: Start difference. First operand 900 states and 1322 transitions. Second operand 4 states. [2018-11-14 17:19:39,079 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:39,079 INFO L93 Difference]: Finished difference Result 2354 states and 3475 transitions. [2018-11-14 17:19:39,079 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2018-11-14 17:19:39,079 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 131 [2018-11-14 17:19:39,080 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:19:39,080 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:39,082 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 579 transitions. [2018-11-14 17:19:39,082 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:39,085 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 579 transitions. [2018-11-14 17:19:39,085 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 579 transitions. [2018-11-14 17:19:39,630 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 579 edges. 579 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:39,722 INFO L225 Difference]: With dead ends: 2354 [2018-11-14 17:19:39,723 INFO L226 Difference]: Without dead ends: 1480 [2018-11-14 17:19:39,725 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2018-11-14 17:19:39,726 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1480 states. [2018-11-14 17:19:40,372 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1480 to 1100. [2018-11-14 17:19:40,373 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:19:40,373 INFO L82 GeneralOperation]: Start isEquivalent. First operand 1480 states. Second operand 1100 states. [2018-11-14 17:19:40,373 INFO L74 IsIncluded]: Start isIncluded. First operand 1480 states. Second operand 1100 states. [2018-11-14 17:19:40,373 INFO L87 Difference]: Start difference. First operand 1480 states. Second operand 1100 states. [2018-11-14 17:19:40,439 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:40,439 INFO L93 Difference]: Finished difference Result 1480 states and 2177 transitions. [2018-11-14 17:19:40,439 INFO L276 IsEmpty]: Start isEmpty. Operand 1480 states and 2177 transitions. [2018-11-14 17:19:40,441 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:40,441 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:40,441 INFO L74 IsIncluded]: Start isIncluded. First operand 1100 states. Second operand 1480 states. [2018-11-14 17:19:40,441 INFO L87 Difference]: Start difference. First operand 1100 states. Second operand 1480 states. [2018-11-14 17:19:40,526 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:40,526 INFO L93 Difference]: Finished difference Result 1480 states and 2177 transitions. [2018-11-14 17:19:40,526 INFO L276 IsEmpty]: Start isEmpty. Operand 1480 states and 2177 transitions. [2018-11-14 17:19:40,528 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:40,528 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:40,528 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:19:40,528 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:19:40,528 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 1100 states. [2018-11-14 17:19:40,571 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1100 states to 1100 states and 1687 transitions. [2018-11-14 17:19:40,571 INFO L78 Accepts]: Start accepts. Automaton has 1100 states and 1687 transitions. Word has length 131 [2018-11-14 17:19:40,571 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:19:40,571 INFO L480 AbstractCegarLoop]: Abstraction has 1100 states and 1687 transitions. [2018-11-14 17:19:40,571 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2018-11-14 17:19:40,571 INFO L276 IsEmpty]: Start isEmpty. Operand 1100 states and 1687 transitions. [2018-11-14 17:19:40,573 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 133 [2018-11-14 17:19:40,573 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:19:40,573 INFO L375 BasicCegarLoop]: trace histogram [4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:19:40,573 INFO L423 AbstractCegarLoop]: === Iteration 25 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:19:40,573 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:19:40,573 INFO L82 PathProgramCache]: Analyzing trace with hash -1060356129, now seen corresponding path program 1 times [2018-11-14 17:19:40,573 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:19:40,573 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:19:40,574 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:40,574 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:19:40,574 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:40,592 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:19:40,786 INFO L256 TraceCheckUtils]: 0: Hoare triple {39244#true} call ULTIMATE.init(); {39244#true} is VALID [2018-11-14 17:19:40,786 INFO L273 TraceCheckUtils]: 1: Hoare triple {39244#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {39244#true} is VALID [2018-11-14 17:19:40,787 INFO L273 TraceCheckUtils]: 2: Hoare triple {39244#true} assume true; {39244#true} is VALID [2018-11-14 17:19:40,787 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {39244#true} {39244#true} #682#return; {39244#true} is VALID [2018-11-14 17:19:40,787 INFO L256 TraceCheckUtils]: 4: Hoare triple {39244#true} call #t~ret138 := main(); {39244#true} is VALID [2018-11-14 17:19:40,787 INFO L273 TraceCheckUtils]: 5: Hoare triple {39244#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {39244#true} is VALID [2018-11-14 17:19:40,787 INFO L256 TraceCheckUtils]: 6: Hoare triple {39244#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {39244#true} is VALID [2018-11-14 17:19:40,788 INFO L273 TraceCheckUtils]: 7: Hoare triple {39244#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {39244#true} is VALID [2018-11-14 17:19:40,788 INFO L273 TraceCheckUtils]: 8: Hoare triple {39244#true} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {39244#true} is VALID [2018-11-14 17:19:40,788 INFO L273 TraceCheckUtils]: 9: Hoare triple {39244#true} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {39244#true} is VALID [2018-11-14 17:19:40,788 INFO L273 TraceCheckUtils]: 10: Hoare triple {39244#true} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {39244#true} is VALID [2018-11-14 17:19:40,788 INFO L273 TraceCheckUtils]: 11: Hoare triple {39244#true} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {39244#true} is VALID [2018-11-14 17:19:40,789 INFO L273 TraceCheckUtils]: 12: Hoare triple {39244#true} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {39244#true} is VALID [2018-11-14 17:19:40,789 INFO L273 TraceCheckUtils]: 13: Hoare triple {39244#true} assume true; {39244#true} is VALID [2018-11-14 17:19:40,789 INFO L273 TraceCheckUtils]: 14: Hoare triple {39244#true} assume !false; {39244#true} is VALID [2018-11-14 17:19:40,789 INFO L273 TraceCheckUtils]: 15: Hoare triple {39244#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,789 INFO L273 TraceCheckUtils]: 16: Hoare triple {39244#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,790 INFO L273 TraceCheckUtils]: 17: Hoare triple {39244#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,790 INFO L273 TraceCheckUtils]: 18: Hoare triple {39244#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,790 INFO L273 TraceCheckUtils]: 19: Hoare triple {39244#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,790 INFO L273 TraceCheckUtils]: 20: Hoare triple {39244#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,790 INFO L273 TraceCheckUtils]: 21: Hoare triple {39244#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,790 INFO L273 TraceCheckUtils]: 22: Hoare triple {39244#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,791 INFO L273 TraceCheckUtils]: 23: Hoare triple {39244#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,791 INFO L273 TraceCheckUtils]: 24: Hoare triple {39244#true} assume #t~mem32 == 8464;havoc #t~mem32; {39244#true} is VALID [2018-11-14 17:19:40,791 INFO L273 TraceCheckUtils]: 25: Hoare triple {39244#true} call write~int(0, ~s.base, ~s.offset + 48, 4);assume -2147483648 <= #t~nondet69 && #t~nondet69 <= 2147483647;~ret~0 := #t~nondet69;havoc #t~nondet69; {39244#true} is VALID [2018-11-14 17:19:40,791 INFO L273 TraceCheckUtils]: 26: Hoare triple {39244#true} assume ~blastFlag~0 == 0;~blastFlag~0 := 1; {39244#true} is VALID [2018-11-14 17:19:40,791 INFO L273 TraceCheckUtils]: 27: Hoare triple {39244#true} assume !(~ret~0 <= 0);~got_new_session~0 := 1;call write~int(8496, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {39244#true} is VALID [2018-11-14 17:19:40,791 INFO L273 TraceCheckUtils]: 28: Hoare triple {39244#true} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {39244#true} is VALID [2018-11-14 17:19:40,791 INFO L273 TraceCheckUtils]: 29: Hoare triple {39244#true} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {39244#true} is VALID [2018-11-14 17:19:40,791 INFO L273 TraceCheckUtils]: 30: Hoare triple {39244#true} ~skip~0 := 0; {39244#true} is VALID [2018-11-14 17:19:40,792 INFO L273 TraceCheckUtils]: 31: Hoare triple {39244#true} assume true; {39244#true} is VALID [2018-11-14 17:19:40,792 INFO L273 TraceCheckUtils]: 32: Hoare triple {39244#true} assume !false; {39244#true} is VALID [2018-11-14 17:19:40,792 INFO L273 TraceCheckUtils]: 33: Hoare triple {39244#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,792 INFO L273 TraceCheckUtils]: 34: Hoare triple {39244#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,792 INFO L273 TraceCheckUtils]: 35: Hoare triple {39244#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,792 INFO L273 TraceCheckUtils]: 36: Hoare triple {39244#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,792 INFO L273 TraceCheckUtils]: 37: Hoare triple {39244#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,792 INFO L273 TraceCheckUtils]: 38: Hoare triple {39244#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,792 INFO L273 TraceCheckUtils]: 39: Hoare triple {39244#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,793 INFO L273 TraceCheckUtils]: 40: Hoare triple {39244#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,793 INFO L273 TraceCheckUtils]: 41: Hoare triple {39244#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,793 INFO L273 TraceCheckUtils]: 42: Hoare triple {39244#true} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,793 INFO L273 TraceCheckUtils]: 43: Hoare triple {39244#true} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,793 INFO L273 TraceCheckUtils]: 44: Hoare triple {39244#true} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,793 INFO L273 TraceCheckUtils]: 45: Hoare triple {39244#true} assume #t~mem35 == 8496;havoc #t~mem35; {39244#true} is VALID [2018-11-14 17:19:40,793 INFO L273 TraceCheckUtils]: 46: Hoare triple {39244#true} assume -2147483648 <= #t~nondet70 && #t~nondet70 <= 2147483647;~ret~0 := #t~nondet70;havoc #t~nondet70; {39244#true} is VALID [2018-11-14 17:19:40,793 INFO L273 TraceCheckUtils]: 47: Hoare triple {39244#true} assume ~blastFlag~0 == 1;~blastFlag~0 := 2; {39244#true} is VALID [2018-11-14 17:19:40,793 INFO L273 TraceCheckUtils]: 48: Hoare triple {39244#true} assume !(~ret~0 <= 0);call #t~mem71 := read~int(~s.base, ~s.offset + 92, 4); {39244#true} is VALID [2018-11-14 17:19:40,794 INFO L273 TraceCheckUtils]: 49: Hoare triple {39244#true} assume #t~mem71 != 0;havoc #t~mem71;call write~int(8656, ~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,794 INFO L273 TraceCheckUtils]: 50: Hoare triple {39244#true} call write~int(0, ~s.base, ~s.offset + 64, 4); {39244#true} is VALID [2018-11-14 17:19:40,794 INFO L273 TraceCheckUtils]: 51: Hoare triple {39244#true} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {39244#true} is VALID [2018-11-14 17:19:40,794 INFO L273 TraceCheckUtils]: 52: Hoare triple {39244#true} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {39244#true} is VALID [2018-11-14 17:19:40,794 INFO L273 TraceCheckUtils]: 53: Hoare triple {39244#true} ~skip~0 := 0; {39244#true} is VALID [2018-11-14 17:19:40,794 INFO L273 TraceCheckUtils]: 54: Hoare triple {39244#true} assume true; {39244#true} is VALID [2018-11-14 17:19:40,794 INFO L273 TraceCheckUtils]: 55: Hoare triple {39244#true} assume !false; {39244#true} is VALID [2018-11-14 17:19:40,794 INFO L273 TraceCheckUtils]: 56: Hoare triple {39244#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,795 INFO L273 TraceCheckUtils]: 57: Hoare triple {39244#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,795 INFO L273 TraceCheckUtils]: 58: Hoare triple {39244#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,795 INFO L273 TraceCheckUtils]: 59: Hoare triple {39244#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,795 INFO L273 TraceCheckUtils]: 60: Hoare triple {39244#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,795 INFO L273 TraceCheckUtils]: 61: Hoare triple {39244#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,795 INFO L273 TraceCheckUtils]: 62: Hoare triple {39244#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,795 INFO L273 TraceCheckUtils]: 63: Hoare triple {39244#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,795 INFO L273 TraceCheckUtils]: 64: Hoare triple {39244#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,795 INFO L273 TraceCheckUtils]: 65: Hoare triple {39244#true} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,796 INFO L273 TraceCheckUtils]: 66: Hoare triple {39244#true} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,796 INFO L273 TraceCheckUtils]: 67: Hoare triple {39244#true} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,796 INFO L273 TraceCheckUtils]: 68: Hoare triple {39244#true} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,796 INFO L273 TraceCheckUtils]: 69: Hoare triple {39244#true} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,796 INFO L273 TraceCheckUtils]: 70: Hoare triple {39244#true} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,796 INFO L273 TraceCheckUtils]: 71: Hoare triple {39244#true} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,796 INFO L273 TraceCheckUtils]: 72: Hoare triple {39244#true} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,796 INFO L273 TraceCheckUtils]: 73: Hoare triple {39244#true} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,796 INFO L273 TraceCheckUtils]: 74: Hoare triple {39244#true} assume !(#t~mem41 == 8544);havoc #t~mem41;call #t~mem42 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,797 INFO L273 TraceCheckUtils]: 75: Hoare triple {39244#true} assume !(#t~mem42 == 8545);havoc #t~mem42;call #t~mem43 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,797 INFO L273 TraceCheckUtils]: 76: Hoare triple {39244#true} assume !(#t~mem43 == 8560);havoc #t~mem43;call #t~mem44 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,797 INFO L273 TraceCheckUtils]: 77: Hoare triple {39244#true} assume !(#t~mem44 == 8561);havoc #t~mem44;call #t~mem45 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,797 INFO L273 TraceCheckUtils]: 78: Hoare triple {39244#true} assume !(#t~mem45 == 8448);havoc #t~mem45;call #t~mem46 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,797 INFO L273 TraceCheckUtils]: 79: Hoare triple {39244#true} assume !(#t~mem46 == 8576);havoc #t~mem46;call #t~mem47 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,797 INFO L273 TraceCheckUtils]: 80: Hoare triple {39244#true} assume !(#t~mem47 == 8577);havoc #t~mem47;call #t~mem48 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,797 INFO L273 TraceCheckUtils]: 81: Hoare triple {39244#true} assume !(#t~mem48 == 8592);havoc #t~mem48;call #t~mem49 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,797 INFO L273 TraceCheckUtils]: 82: Hoare triple {39244#true} assume !(#t~mem49 == 8593);havoc #t~mem49;call #t~mem50 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,798 INFO L273 TraceCheckUtils]: 83: Hoare triple {39244#true} assume !(#t~mem50 == 8608);havoc #t~mem50;call #t~mem51 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,798 INFO L273 TraceCheckUtils]: 84: Hoare triple {39244#true} assume !(#t~mem51 == 8609);havoc #t~mem51;call #t~mem52 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,798 INFO L273 TraceCheckUtils]: 85: Hoare triple {39244#true} assume !(#t~mem52 == 8640);havoc #t~mem52;call #t~mem53 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,798 INFO L273 TraceCheckUtils]: 86: Hoare triple {39244#true} assume !(#t~mem53 == 8641);havoc #t~mem53;call #t~mem54 := read~int(~s.base, ~s.offset + 52, 4); {39244#true} is VALID [2018-11-14 17:19:40,798 INFO L273 TraceCheckUtils]: 87: Hoare triple {39244#true} assume #t~mem54 == 8656;havoc #t~mem54; {39244#true} is VALID [2018-11-14 17:19:40,798 INFO L273 TraceCheckUtils]: 88: Hoare triple {39244#true} call #t~mem117.base, #t~mem117.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem118.base, #t~mem118.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem119.base, #t~mem119.offset := read~$Pointer$(#t~mem118.base, #t~mem118.offset + 604 + 232, 4);call write~$Pointer$(#t~mem119.base, #t~mem119.offset, #t~mem117.base, #t~mem117.offset + 172, 4);havoc #t~mem117.base, #t~mem117.offset;havoc #t~mem118.base, #t~mem118.offset;havoc #t~mem119.base, #t~mem119.offset; {39244#true} is VALID [2018-11-14 17:19:40,798 INFO L273 TraceCheckUtils]: 89: Hoare triple {39244#true} assume !(~tmp___9~0 == 0);assume -2147483648 <= #t~nondet120 && #t~nondet120 <= 2147483647;~ret~0 := #t~nondet120;havoc #t~nondet120; {39244#true} is VALID [2018-11-14 17:19:40,798 INFO L273 TraceCheckUtils]: 90: Hoare triple {39244#true} assume ~blastFlag~0 == 2;~blastFlag~0 := 3; {39244#true} is VALID [2018-11-14 17:19:40,799 INFO L273 TraceCheckUtils]: 91: Hoare triple {39244#true} assume !(~ret~0 <= 0);call write~int(8672, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,799 INFO L273 TraceCheckUtils]: 92: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(~tmp___10~0 == 0); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,800 INFO L273 TraceCheckUtils]: 93: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,800 INFO L273 TraceCheckUtils]: 94: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,801 INFO L273 TraceCheckUtils]: 95: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} ~skip~0 := 0; {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,801 INFO L273 TraceCheckUtils]: 96: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume true; {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,804 INFO L273 TraceCheckUtils]: 97: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !false; {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,804 INFO L273 TraceCheckUtils]: 98: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,804 INFO L273 TraceCheckUtils]: 99: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,805 INFO L273 TraceCheckUtils]: 100: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,805 INFO L273 TraceCheckUtils]: 101: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,805 INFO L273 TraceCheckUtils]: 102: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,805 INFO L273 TraceCheckUtils]: 103: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,806 INFO L273 TraceCheckUtils]: 104: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,806 INFO L273 TraceCheckUtils]: 105: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,806 INFO L273 TraceCheckUtils]: 106: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,807 INFO L273 TraceCheckUtils]: 107: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,807 INFO L273 TraceCheckUtils]: 108: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,807 INFO L273 TraceCheckUtils]: 109: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,808 INFO L273 TraceCheckUtils]: 110: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,808 INFO L273 TraceCheckUtils]: 111: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,808 INFO L273 TraceCheckUtils]: 112: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,809 INFO L273 TraceCheckUtils]: 113: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,809 INFO L273 TraceCheckUtils]: 114: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,809 INFO L273 TraceCheckUtils]: 115: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,810 INFO L273 TraceCheckUtils]: 116: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem41 == 8544);havoc #t~mem41;call #t~mem42 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,810 INFO L273 TraceCheckUtils]: 117: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem42 == 8545);havoc #t~mem42;call #t~mem43 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,811 INFO L273 TraceCheckUtils]: 118: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem43 == 8560);havoc #t~mem43;call #t~mem44 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,811 INFO L273 TraceCheckUtils]: 119: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem44 == 8561);havoc #t~mem44;call #t~mem45 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,812 INFO L273 TraceCheckUtils]: 120: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem45 == 8448);havoc #t~mem45;call #t~mem46 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,812 INFO L273 TraceCheckUtils]: 121: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem46 == 8576);havoc #t~mem46;call #t~mem47 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,813 INFO L273 TraceCheckUtils]: 122: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem47 == 8577);havoc #t~mem47;call #t~mem48 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,813 INFO L273 TraceCheckUtils]: 123: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem48 == 8592);havoc #t~mem48;call #t~mem49 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,814 INFO L273 TraceCheckUtils]: 124: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem49 == 8593);havoc #t~mem49;call #t~mem50 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,814 INFO L273 TraceCheckUtils]: 125: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem50 == 8608);havoc #t~mem50;call #t~mem51 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,815 INFO L273 TraceCheckUtils]: 126: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem51 == 8609);havoc #t~mem51;call #t~mem52 := read~int(~s.base, ~s.offset + 52, 4); {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} is VALID [2018-11-14 17:19:40,815 INFO L273 TraceCheckUtils]: 127: Hoare triple {39246#(= 8672 (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)))} assume !(#t~mem52 == 8640);havoc #t~mem52;call #t~mem53 := read~int(~s.base, ~s.offset + 52, 4); {39247#(= 8672 |ssl3_accept_#t~mem53|)} is VALID [2018-11-14 17:19:40,816 INFO L273 TraceCheckUtils]: 128: Hoare triple {39247#(= 8672 |ssl3_accept_#t~mem53|)} assume #t~mem53 == 8641;havoc #t~mem53; {39245#false} is VALID [2018-11-14 17:19:40,816 INFO L273 TraceCheckUtils]: 129: Hoare triple {39245#false} assume -2147483648 <= #t~nondet115 && #t~nondet115 <= 2147483647;~ret~0 := #t~nondet115;havoc #t~nondet115; {39245#false} is VALID [2018-11-14 17:19:40,817 INFO L273 TraceCheckUtils]: 130: Hoare triple {39245#false} assume ~blastFlag~0 == 4; {39245#false} is VALID [2018-11-14 17:19:40,817 INFO L273 TraceCheckUtils]: 131: Hoare triple {39245#false} assume !false; {39245#false} is VALID [2018-11-14 17:19:40,832 INFO L134 CoverageAnalysis]: Checked inductivity of 108 backedges. 66 proven. 0 refuted. 0 times theorem prover too weak. 42 trivial. 0 not checked. [2018-11-14 17:19:40,832 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:19:40,832 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-14 17:19:40,833 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 132 [2018-11-14 17:19:40,833 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:19:40,833 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-14 17:19:40,951 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 104 edges. 104 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:40,951 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-14 17:19:40,952 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-14 17:19:40,952 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-14 17:19:40,952 INFO L87 Difference]: Start difference. First operand 1100 states and 1687 transitions. Second operand 4 states. [2018-11-14 17:19:43,401 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:43,401 INFO L93 Difference]: Finished difference Result 2532 states and 3808 transitions. [2018-11-14 17:19:43,402 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2018-11-14 17:19:43,402 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 132 [2018-11-14 17:19:43,402 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:19:43,402 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:43,404 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 571 transitions. [2018-11-14 17:19:43,404 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:43,407 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 571 transitions. [2018-11-14 17:19:43,407 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 571 transitions. [2018-11-14 17:19:43,965 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 571 edges. 571 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:44,045 INFO L225 Difference]: With dead ends: 2532 [2018-11-14 17:19:44,045 INFO L226 Difference]: Without dead ends: 1458 [2018-11-14 17:19:44,048 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2018-11-14 17:19:44,049 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1458 states. [2018-11-14 17:19:44,914 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1458 to 1105. [2018-11-14 17:19:44,914 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:19:44,914 INFO L82 GeneralOperation]: Start isEquivalent. First operand 1458 states. Second operand 1105 states. [2018-11-14 17:19:44,914 INFO L74 IsIncluded]: Start isIncluded. First operand 1458 states. Second operand 1105 states. [2018-11-14 17:19:44,914 INFO L87 Difference]: Start difference. First operand 1458 states. Second operand 1105 states. [2018-11-14 17:19:44,985 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:44,985 INFO L93 Difference]: Finished difference Result 1458 states and 2145 transitions. [2018-11-14 17:19:44,985 INFO L276 IsEmpty]: Start isEmpty. Operand 1458 states and 2145 transitions. [2018-11-14 17:19:44,987 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:44,987 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:44,987 INFO L74 IsIncluded]: Start isIncluded. First operand 1105 states. Second operand 1458 states. [2018-11-14 17:19:44,987 INFO L87 Difference]: Start difference. First operand 1105 states. Second operand 1458 states. [2018-11-14 17:19:45,054 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:45,054 INFO L93 Difference]: Finished difference Result 1458 states and 2145 transitions. [2018-11-14 17:19:45,054 INFO L276 IsEmpty]: Start isEmpty. Operand 1458 states and 2145 transitions. [2018-11-14 17:19:45,055 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:45,056 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:45,056 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:19:45,056 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:19:45,056 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 1105 states. [2018-11-14 17:19:45,101 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1105 states to 1105 states and 1692 transitions. [2018-11-14 17:19:45,101 INFO L78 Accepts]: Start accepts. Automaton has 1105 states and 1692 transitions. Word has length 132 [2018-11-14 17:19:45,102 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:19:45,102 INFO L480 AbstractCegarLoop]: Abstraction has 1105 states and 1692 transitions. [2018-11-14 17:19:45,102 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2018-11-14 17:19:45,102 INFO L276 IsEmpty]: Start isEmpty. Operand 1105 states and 1692 transitions. [2018-11-14 17:19:45,103 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 139 [2018-11-14 17:19:45,103 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:19:45,104 INFO L375 BasicCegarLoop]: trace histogram [5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 4, 4, 4, 4, 4, 3, 3, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:19:45,104 INFO L423 AbstractCegarLoop]: === Iteration 26 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:19:45,104 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:19:45,104 INFO L82 PathProgramCache]: Analyzing trace with hash -1290768525, now seen corresponding path program 1 times [2018-11-14 17:19:45,104 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:19:45,104 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:19:45,105 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:45,105 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:19:45,105 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:45,122 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:19:45,334 INFO L256 TraceCheckUtils]: 0: Hoare triple {46352#true} call ULTIMATE.init(); {46352#true} is VALID [2018-11-14 17:19:45,334 INFO L273 TraceCheckUtils]: 1: Hoare triple {46352#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {46352#true} is VALID [2018-11-14 17:19:45,334 INFO L273 TraceCheckUtils]: 2: Hoare triple {46352#true} assume true; {46352#true} is VALID [2018-11-14 17:19:45,335 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {46352#true} {46352#true} #682#return; {46352#true} is VALID [2018-11-14 17:19:45,335 INFO L256 TraceCheckUtils]: 4: Hoare triple {46352#true} call #t~ret138 := main(); {46352#true} is VALID [2018-11-14 17:19:45,335 INFO L273 TraceCheckUtils]: 5: Hoare triple {46352#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {46352#true} is VALID [2018-11-14 17:19:45,335 INFO L256 TraceCheckUtils]: 6: Hoare triple {46352#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {46352#true} is VALID [2018-11-14 17:19:45,335 INFO L273 TraceCheckUtils]: 7: Hoare triple {46352#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {46352#true} is VALID [2018-11-14 17:19:45,336 INFO L273 TraceCheckUtils]: 8: Hoare triple {46352#true} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {46352#true} is VALID [2018-11-14 17:19:45,336 INFO L273 TraceCheckUtils]: 9: Hoare triple {46352#true} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {46352#true} is VALID [2018-11-14 17:19:45,336 INFO L273 TraceCheckUtils]: 10: Hoare triple {46352#true} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {46352#true} is VALID [2018-11-14 17:19:45,336 INFO L273 TraceCheckUtils]: 11: Hoare triple {46352#true} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {46352#true} is VALID [2018-11-14 17:19:45,336 INFO L273 TraceCheckUtils]: 12: Hoare triple {46352#true} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {46352#true} is VALID [2018-11-14 17:19:45,337 INFO L273 TraceCheckUtils]: 13: Hoare triple {46352#true} assume true; {46352#true} is VALID [2018-11-14 17:19:45,337 INFO L273 TraceCheckUtils]: 14: Hoare triple {46352#true} assume !false; {46352#true} is VALID [2018-11-14 17:19:45,337 INFO L273 TraceCheckUtils]: 15: Hoare triple {46352#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {46352#true} is VALID [2018-11-14 17:19:45,337 INFO L273 TraceCheckUtils]: 16: Hoare triple {46352#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {46352#true} is VALID [2018-11-14 17:19:45,337 INFO L273 TraceCheckUtils]: 17: Hoare triple {46352#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {46352#true} is VALID [2018-11-14 17:19:45,337 INFO L273 TraceCheckUtils]: 18: Hoare triple {46352#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {46352#true} is VALID [2018-11-14 17:19:45,338 INFO L273 TraceCheckUtils]: 19: Hoare triple {46352#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {46352#true} is VALID [2018-11-14 17:19:45,338 INFO L273 TraceCheckUtils]: 20: Hoare triple {46352#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {46352#true} is VALID [2018-11-14 17:19:45,338 INFO L273 TraceCheckUtils]: 21: Hoare triple {46352#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {46352#true} is VALID [2018-11-14 17:19:45,338 INFO L273 TraceCheckUtils]: 22: Hoare triple {46352#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {46352#true} is VALID [2018-11-14 17:19:45,338 INFO L273 TraceCheckUtils]: 23: Hoare triple {46352#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {46352#true} is VALID [2018-11-14 17:19:45,338 INFO L273 TraceCheckUtils]: 24: Hoare triple {46352#true} assume #t~mem32 == 8464;havoc #t~mem32; {46352#true} is VALID [2018-11-14 17:19:45,338 INFO L273 TraceCheckUtils]: 25: Hoare triple {46352#true} call write~int(0, ~s.base, ~s.offset + 48, 4);assume -2147483648 <= #t~nondet69 && #t~nondet69 <= 2147483647;~ret~0 := #t~nondet69;havoc #t~nondet69; {46352#true} is VALID [2018-11-14 17:19:45,338 INFO L273 TraceCheckUtils]: 26: Hoare triple {46352#true} assume ~blastFlag~0 == 0;~blastFlag~0 := 1; {46352#true} is VALID [2018-11-14 17:19:45,338 INFO L273 TraceCheckUtils]: 27: Hoare triple {46352#true} assume !(~ret~0 <= 0);~got_new_session~0 := 1;call write~int(8496, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {46352#true} is VALID [2018-11-14 17:19:45,339 INFO L273 TraceCheckUtils]: 28: Hoare triple {46352#true} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {46352#true} is VALID [2018-11-14 17:19:45,339 INFO L273 TraceCheckUtils]: 29: Hoare triple {46352#true} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {46352#true} is VALID [2018-11-14 17:19:45,339 INFO L273 TraceCheckUtils]: 30: Hoare triple {46352#true} ~skip~0 := 0; {46352#true} is VALID [2018-11-14 17:19:45,339 INFO L273 TraceCheckUtils]: 31: Hoare triple {46352#true} assume true; {46352#true} is VALID [2018-11-14 17:19:45,339 INFO L273 TraceCheckUtils]: 32: Hoare triple {46352#true} assume !false; {46352#true} is VALID [2018-11-14 17:19:45,339 INFO L273 TraceCheckUtils]: 33: Hoare triple {46352#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {46352#true} is VALID [2018-11-14 17:19:45,339 INFO L273 TraceCheckUtils]: 34: Hoare triple {46352#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {46352#true} is VALID [2018-11-14 17:19:45,339 INFO L273 TraceCheckUtils]: 35: Hoare triple {46352#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {46352#true} is VALID [2018-11-14 17:19:45,339 INFO L273 TraceCheckUtils]: 36: Hoare triple {46352#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {46352#true} is VALID [2018-11-14 17:19:45,340 INFO L273 TraceCheckUtils]: 37: Hoare triple {46352#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {46352#true} is VALID [2018-11-14 17:19:45,340 INFO L273 TraceCheckUtils]: 38: Hoare triple {46352#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {46352#true} is VALID [2018-11-14 17:19:45,340 INFO L273 TraceCheckUtils]: 39: Hoare triple {46352#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {46352#true} is VALID [2018-11-14 17:19:45,340 INFO L273 TraceCheckUtils]: 40: Hoare triple {46352#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {46352#true} is VALID [2018-11-14 17:19:45,340 INFO L273 TraceCheckUtils]: 41: Hoare triple {46352#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {46352#true} is VALID [2018-11-14 17:19:45,340 INFO L273 TraceCheckUtils]: 42: Hoare triple {46352#true} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {46352#true} is VALID [2018-11-14 17:19:45,340 INFO L273 TraceCheckUtils]: 43: Hoare triple {46352#true} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {46352#true} is VALID [2018-11-14 17:19:45,340 INFO L273 TraceCheckUtils]: 44: Hoare triple {46352#true} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {46352#true} is VALID [2018-11-14 17:19:45,340 INFO L273 TraceCheckUtils]: 45: Hoare triple {46352#true} assume #t~mem35 == 8496;havoc #t~mem35; {46352#true} is VALID [2018-11-14 17:19:45,341 INFO L273 TraceCheckUtils]: 46: Hoare triple {46352#true} assume -2147483648 <= #t~nondet70 && #t~nondet70 <= 2147483647;~ret~0 := #t~nondet70;havoc #t~nondet70; {46352#true} is VALID [2018-11-14 17:19:45,341 INFO L273 TraceCheckUtils]: 47: Hoare triple {46352#true} assume ~blastFlag~0 == 1;~blastFlag~0 := 2; {46352#true} is VALID [2018-11-14 17:19:45,341 INFO L273 TraceCheckUtils]: 48: Hoare triple {46352#true} assume !(~ret~0 <= 0);call #t~mem71 := read~int(~s.base, ~s.offset + 92, 4); {46352#true} is VALID [2018-11-14 17:19:45,341 INFO L273 TraceCheckUtils]: 49: Hoare triple {46352#true} assume #t~mem71 != 0;havoc #t~mem71;call write~int(8656, ~s.base, ~s.offset + 52, 4); {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} is VALID [2018-11-14 17:19:45,342 INFO L273 TraceCheckUtils]: 50: Hoare triple {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} call write~int(0, ~s.base, ~s.offset + 64, 4); {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} is VALID [2018-11-14 17:19:45,342 INFO L273 TraceCheckUtils]: 51: Hoare triple {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} is VALID [2018-11-14 17:19:45,343 INFO L273 TraceCheckUtils]: 52: Hoare triple {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} is VALID [2018-11-14 17:19:45,343 INFO L273 TraceCheckUtils]: 53: Hoare triple {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} ~skip~0 := 0; {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} is VALID [2018-11-14 17:19:45,343 INFO L273 TraceCheckUtils]: 54: Hoare triple {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} assume true; {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} is VALID [2018-11-14 17:19:45,344 INFO L273 TraceCheckUtils]: 55: Hoare triple {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} assume !false; {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} is VALID [2018-11-14 17:19:45,344 INFO L273 TraceCheckUtils]: 56: Hoare triple {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} is VALID [2018-11-14 17:19:45,344 INFO L273 TraceCheckUtils]: 57: Hoare triple {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} is VALID [2018-11-14 17:19:45,345 INFO L273 TraceCheckUtils]: 58: Hoare triple {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} is VALID [2018-11-14 17:19:45,345 INFO L273 TraceCheckUtils]: 59: Hoare triple {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} is VALID [2018-11-14 17:19:45,346 INFO L273 TraceCheckUtils]: 60: Hoare triple {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} is VALID [2018-11-14 17:19:45,346 INFO L273 TraceCheckUtils]: 61: Hoare triple {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} is VALID [2018-11-14 17:19:45,347 INFO L273 TraceCheckUtils]: 62: Hoare triple {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} is VALID [2018-11-14 17:19:45,347 INFO L273 TraceCheckUtils]: 63: Hoare triple {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} is VALID [2018-11-14 17:19:45,348 INFO L273 TraceCheckUtils]: 64: Hoare triple {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} is VALID [2018-11-14 17:19:45,348 INFO L273 TraceCheckUtils]: 65: Hoare triple {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} is VALID [2018-11-14 17:19:45,349 INFO L273 TraceCheckUtils]: 66: Hoare triple {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} is VALID [2018-11-14 17:19:45,349 INFO L273 TraceCheckUtils]: 67: Hoare triple {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} is VALID [2018-11-14 17:19:45,350 INFO L273 TraceCheckUtils]: 68: Hoare triple {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} is VALID [2018-11-14 17:19:45,351 INFO L273 TraceCheckUtils]: 69: Hoare triple {46354#(= (select (store (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 64) 0) (+ ssl3_accept_~s.offset 52)) 8656)} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {46355#(= |ssl3_accept_#t~mem37| 8656)} is VALID [2018-11-14 17:19:45,351 INFO L273 TraceCheckUtils]: 70: Hoare triple {46355#(= |ssl3_accept_#t~mem37| 8656)} assume #t~mem37 == 8512;havoc #t~mem37; {46353#false} is VALID [2018-11-14 17:19:45,352 INFO L273 TraceCheckUtils]: 71: Hoare triple {46353#false} call #t~mem72.base, #t~mem72.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem73.base, #t~mem73.offset := read~$Pointer$(#t~mem72.base, #t~mem72.offset + 604 + 232, 4);call #t~mem74 := read~int(#t~mem73.base, #t~mem73.offset + 12, 4); {46353#false} is VALID [2018-11-14 17:19:45,352 INFO L273 TraceCheckUtils]: 72: Hoare triple {46353#false} assume !(~bitwiseAnd(#t~mem74, 256) % 4294967296 != 0);havoc #t~mem74;havoc #t~mem72.base, #t~mem72.offset;havoc #t~mem73.base, #t~mem73.offset;assume -2147483648 <= #t~nondet75 && #t~nondet75 <= 2147483647;~ret~0 := #t~nondet75;havoc #t~nondet75; {46353#false} is VALID [2018-11-14 17:19:45,352 INFO L273 TraceCheckUtils]: 73: Hoare triple {46353#false} assume ~blastFlag~0 == 2;~blastFlag~0 := 6; {46353#false} is VALID [2018-11-14 17:19:45,352 INFO L273 TraceCheckUtils]: 74: Hoare triple {46353#false} assume !(~ret~0 <= 0); {46353#false} is VALID [2018-11-14 17:19:45,352 INFO L273 TraceCheckUtils]: 75: Hoare triple {46353#false} call write~int(8528, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {46353#false} is VALID [2018-11-14 17:19:45,353 INFO L273 TraceCheckUtils]: 76: Hoare triple {46353#false} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {46353#false} is VALID [2018-11-14 17:19:45,353 INFO L273 TraceCheckUtils]: 77: Hoare triple {46353#false} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {46353#false} is VALID [2018-11-14 17:19:45,353 INFO L273 TraceCheckUtils]: 78: Hoare triple {46353#false} ~skip~0 := 0; {46353#false} is VALID [2018-11-14 17:19:45,353 INFO L273 TraceCheckUtils]: 79: Hoare triple {46353#false} assume true; {46353#false} is VALID [2018-11-14 17:19:45,353 INFO L273 TraceCheckUtils]: 80: Hoare triple {46353#false} assume !false; {46353#false} is VALID [2018-11-14 17:19:45,354 INFO L273 TraceCheckUtils]: 81: Hoare triple {46353#false} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,354 INFO L273 TraceCheckUtils]: 82: Hoare triple {46353#false} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,354 INFO L273 TraceCheckUtils]: 83: Hoare triple {46353#false} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,354 INFO L273 TraceCheckUtils]: 84: Hoare triple {46353#false} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,354 INFO L273 TraceCheckUtils]: 85: Hoare triple {46353#false} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,354 INFO L273 TraceCheckUtils]: 86: Hoare triple {46353#false} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,355 INFO L273 TraceCheckUtils]: 87: Hoare triple {46353#false} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,355 INFO L273 TraceCheckUtils]: 88: Hoare triple {46353#false} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,355 INFO L273 TraceCheckUtils]: 89: Hoare triple {46353#false} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,355 INFO L273 TraceCheckUtils]: 90: Hoare triple {46353#false} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,355 INFO L273 TraceCheckUtils]: 91: Hoare triple {46353#false} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,356 INFO L273 TraceCheckUtils]: 92: Hoare triple {46353#false} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,356 INFO L273 TraceCheckUtils]: 93: Hoare triple {46353#false} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,356 INFO L273 TraceCheckUtils]: 94: Hoare triple {46353#false} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,356 INFO L273 TraceCheckUtils]: 95: Hoare triple {46353#false} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,356 INFO L273 TraceCheckUtils]: 96: Hoare triple {46353#false} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,356 INFO L273 TraceCheckUtils]: 97: Hoare triple {46353#false} assume #t~mem39 == 8528;havoc #t~mem39; {46353#false} is VALID [2018-11-14 17:19:45,357 INFO L273 TraceCheckUtils]: 98: Hoare triple {46353#false} call #t~mem76.base, #t~mem76.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem77.base, #t~mem77.offset := read~$Pointer$(#t~mem76.base, #t~mem76.offset + 604 + 232, 4);call #t~mem78 := read~int(#t~mem77.base, #t~mem77.offset + 12, 4);~l~0 := #t~mem78;havoc #t~mem77.base, #t~mem77.offset;havoc #t~mem76.base, #t~mem76.offset;havoc #t~mem78;call #t~mem79 := read~int(~s.base, ~s.offset + 232, 4); {46353#false} is VALID [2018-11-14 17:19:45,357 INFO L273 TraceCheckUtils]: 99: Hoare triple {46353#false} assume ~bitwiseAnd(#t~mem79, 2097152) % 4294967296 != 0;havoc #t~mem79;call #t~mem80.base, #t~mem80.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(1, #t~mem80.base, #t~mem80.offset + 604 + 267, 4);havoc #t~mem80.base, #t~mem80.offset; {46353#false} is VALID [2018-11-14 17:19:45,357 INFO L273 TraceCheckUtils]: 100: Hoare triple {46353#false} call #t~mem82.base, #t~mem82.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem83 := read~int(#t~mem82.base, #t~mem82.offset + 604 + 267, 4); {46353#false} is VALID [2018-11-14 17:19:45,357 INFO L273 TraceCheckUtils]: 101: Hoare triple {46353#false} assume #t~mem83 != 0;havoc #t~mem83;havoc #t~mem82.base, #t~mem82.offset; {46353#false} is VALID [2018-11-14 17:19:45,357 INFO L273 TraceCheckUtils]: 102: Hoare triple {46353#false} assume -2147483648 <= #t~nondet92 && #t~nondet92 <= 2147483647;~ret~0 := #t~nondet92;havoc #t~nondet92; {46353#false} is VALID [2018-11-14 17:19:45,358 INFO L273 TraceCheckUtils]: 103: Hoare triple {46353#false} assume ~blastFlag~0 == 6;~blastFlag~0 := 7; {46353#false} is VALID [2018-11-14 17:19:45,358 INFO L273 TraceCheckUtils]: 104: Hoare triple {46353#false} assume !(~ret~0 <= 0); {46353#false} is VALID [2018-11-14 17:19:45,358 INFO L273 TraceCheckUtils]: 105: Hoare triple {46353#false} call write~int(8544, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {46353#false} is VALID [2018-11-14 17:19:45,358 INFO L273 TraceCheckUtils]: 106: Hoare triple {46353#false} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {46353#false} is VALID [2018-11-14 17:19:45,358 INFO L273 TraceCheckUtils]: 107: Hoare triple {46353#false} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {46353#false} is VALID [2018-11-14 17:19:45,358 INFO L273 TraceCheckUtils]: 108: Hoare triple {46353#false} ~skip~0 := 0; {46353#false} is VALID [2018-11-14 17:19:45,359 INFO L273 TraceCheckUtils]: 109: Hoare triple {46353#false} assume true; {46353#false} is VALID [2018-11-14 17:19:45,359 INFO L273 TraceCheckUtils]: 110: Hoare triple {46353#false} assume !false; {46353#false} is VALID [2018-11-14 17:19:45,359 INFO L273 TraceCheckUtils]: 111: Hoare triple {46353#false} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,359 INFO L273 TraceCheckUtils]: 112: Hoare triple {46353#false} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,359 INFO L273 TraceCheckUtils]: 113: Hoare triple {46353#false} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,360 INFO L273 TraceCheckUtils]: 114: Hoare triple {46353#false} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,360 INFO L273 TraceCheckUtils]: 115: Hoare triple {46353#false} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,360 INFO L273 TraceCheckUtils]: 116: Hoare triple {46353#false} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,360 INFO L273 TraceCheckUtils]: 117: Hoare triple {46353#false} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,360 INFO L273 TraceCheckUtils]: 118: Hoare triple {46353#false} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,360 INFO L273 TraceCheckUtils]: 119: Hoare triple {46353#false} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,360 INFO L273 TraceCheckUtils]: 120: Hoare triple {46353#false} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,361 INFO L273 TraceCheckUtils]: 121: Hoare triple {46353#false} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,361 INFO L273 TraceCheckUtils]: 122: Hoare triple {46353#false} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,361 INFO L273 TraceCheckUtils]: 123: Hoare triple {46353#false} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,361 INFO L273 TraceCheckUtils]: 124: Hoare triple {46353#false} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,361 INFO L273 TraceCheckUtils]: 125: Hoare triple {46353#false} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,361 INFO L273 TraceCheckUtils]: 126: Hoare triple {46353#false} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,362 INFO L273 TraceCheckUtils]: 127: Hoare triple {46353#false} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,362 INFO L273 TraceCheckUtils]: 128: Hoare triple {46353#false} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {46353#false} is VALID [2018-11-14 17:19:45,362 INFO L273 TraceCheckUtils]: 129: Hoare triple {46353#false} assume #t~mem41 == 8544;havoc #t~mem41; {46353#false} is VALID [2018-11-14 17:19:45,362 INFO L273 TraceCheckUtils]: 130: Hoare triple {46353#false} call #t~mem93 := read~int(~s.base, ~s.offset + 180, 4); {46353#false} is VALID [2018-11-14 17:19:45,362 INFO L273 TraceCheckUtils]: 131: Hoare triple {46353#false} assume ~bitwiseAnd(#t~mem93, 1) != 0;havoc #t~mem93;call #t~mem94.base, #t~mem94.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem95.base, #t~mem95.offset := read~$Pointer$(#t~mem94.base, #t~mem94.offset + 148, 4); {46353#false} is VALID [2018-11-14 17:19:45,362 INFO L273 TraceCheckUtils]: 132: Hoare triple {46353#false} assume !((#t~mem95.base + #t~mem95.offset) % 4294967296 != 0);havoc #t~mem95.base, #t~mem95.offset;havoc #t~mem94.base, #t~mem94.offset; {46353#false} is VALID [2018-11-14 17:19:45,362 INFO L273 TraceCheckUtils]: 133: Hoare triple {46353#false} call #t~mem98.base, #t~mem98.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem99.base, #t~mem99.offset := read~$Pointer$(#t~mem98.base, #t~mem98.offset + 604 + 232, 4);call #t~mem100 := read~int(#t~mem99.base, #t~mem99.offset + 12, 4); {46353#false} is VALID [2018-11-14 17:19:45,363 INFO L273 TraceCheckUtils]: 134: Hoare triple {46353#false} assume !(~bitwiseAnd(#t~mem100, 256) % 4294967296 != 0);havoc #t~mem100;havoc #t~mem99.base, #t~mem99.offset;havoc #t~mem98.base, #t~mem98.offset; {46353#false} is VALID [2018-11-14 17:19:45,363 INFO L273 TraceCheckUtils]: 135: Hoare triple {46353#false} call #t~mem103.base, #t~mem103.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(1, #t~mem103.base, #t~mem103.offset + 604 + 291, 4);havoc #t~mem103.base, #t~mem103.offset;assume -2147483648 <= #t~nondet104 && #t~nondet104 <= 2147483647;~ret~0 := #t~nondet104;havoc #t~nondet104; {46353#false} is VALID [2018-11-14 17:19:45,363 INFO L273 TraceCheckUtils]: 136: Hoare triple {46353#false} assume ~blastFlag~0 == 8; {46353#false} is VALID [2018-11-14 17:19:45,363 INFO L273 TraceCheckUtils]: 137: Hoare triple {46353#false} assume !false; {46353#false} is VALID [2018-11-14 17:19:45,378 INFO L134 CoverageAnalysis]: Checked inductivity of 164 backedges. 130 proven. 0 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2018-11-14 17:19:45,378 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:19:45,378 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-14 17:19:45,378 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 138 [2018-11-14 17:19:45,379 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:19:45,379 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-14 17:19:45,482 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 106 edges. 106 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:45,483 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-14 17:19:45,483 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-14 17:19:45,483 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-14 17:19:45,483 INFO L87 Difference]: Start difference. First operand 1105 states and 1692 transitions. Second operand 4 states. [2018-11-14 17:19:48,114 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:48,114 INFO L93 Difference]: Finished difference Result 2773 states and 4224 transitions. [2018-11-14 17:19:48,114 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2018-11-14 17:19:48,114 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 138 [2018-11-14 17:19:48,114 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:19:48,115 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:48,116 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 581 transitions. [2018-11-14 17:19:48,117 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-14 17:19:48,119 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 581 transitions. [2018-11-14 17:19:48,119 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 581 transitions. [2018-11-14 17:19:48,692 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 581 edges. 581 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:48,817 INFO L225 Difference]: With dead ends: 2773 [2018-11-14 17:19:48,817 INFO L226 Difference]: Without dead ends: 1694 [2018-11-14 17:19:48,820 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 2 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2018-11-14 17:19:48,821 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1694 states. [2018-11-14 17:19:50,028 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1694 to 1239. [2018-11-14 17:19:50,028 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:19:50,028 INFO L82 GeneralOperation]: Start isEquivalent. First operand 1694 states. Second operand 1239 states. [2018-11-14 17:19:50,028 INFO L74 IsIncluded]: Start isIncluded. First operand 1694 states. Second operand 1239 states. [2018-11-14 17:19:50,028 INFO L87 Difference]: Start difference. First operand 1694 states. Second operand 1239 states. [2018-11-14 17:19:50,120 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:50,120 INFO L93 Difference]: Finished difference Result 1694 states and 2556 transitions. [2018-11-14 17:19:50,120 INFO L276 IsEmpty]: Start isEmpty. Operand 1694 states and 2556 transitions. [2018-11-14 17:19:50,122 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:50,122 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:50,122 INFO L74 IsIncluded]: Start isIncluded. First operand 1239 states. Second operand 1694 states. [2018-11-14 17:19:50,122 INFO L87 Difference]: Start difference. First operand 1239 states. Second operand 1694 states. [2018-11-14 17:19:50,208 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:50,208 INFO L93 Difference]: Finished difference Result 1694 states and 2556 transitions. [2018-11-14 17:19:50,208 INFO L276 IsEmpty]: Start isEmpty. Operand 1694 states and 2556 transitions. [2018-11-14 17:19:50,210 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:50,210 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:50,210 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:19:50,210 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:19:50,210 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 1239 states. [2018-11-14 17:19:50,262 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1239 states to 1239 states and 1916 transitions. [2018-11-14 17:19:50,262 INFO L78 Accepts]: Start accepts. Automaton has 1239 states and 1916 transitions. Word has length 138 [2018-11-14 17:19:50,262 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:19:50,262 INFO L480 AbstractCegarLoop]: Abstraction has 1239 states and 1916 transitions. [2018-11-14 17:19:50,262 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2018-11-14 17:19:50,263 INFO L276 IsEmpty]: Start isEmpty. Operand 1239 states and 1916 transitions. [2018-11-14 17:19:50,264 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 139 [2018-11-14 17:19:50,264 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:19:50,264 INFO L375 BasicCegarLoop]: trace histogram [5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 4, 4, 4, 4, 4, 3, 3, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:19:50,264 INFO L423 AbstractCegarLoop]: === Iteration 27 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:19:50,265 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:19:50,265 INFO L82 PathProgramCache]: Analyzing trace with hash -2061502091, now seen corresponding path program 1 times [2018-11-14 17:19:50,265 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:19:50,265 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:19:50,266 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:50,266 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:19:50,266 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:50,284 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:19:50,518 INFO L256 TraceCheckUtils]: 0: Hoare triple {54333#true} call ULTIMATE.init(); {54333#true} is VALID [2018-11-14 17:19:50,518 INFO L273 TraceCheckUtils]: 1: Hoare triple {54333#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {54333#true} is VALID [2018-11-14 17:19:50,518 INFO L273 TraceCheckUtils]: 2: Hoare triple {54333#true} assume true; {54333#true} is VALID [2018-11-14 17:19:50,519 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {54333#true} {54333#true} #682#return; {54333#true} is VALID [2018-11-14 17:19:50,519 INFO L256 TraceCheckUtils]: 4: Hoare triple {54333#true} call #t~ret138 := main(); {54333#true} is VALID [2018-11-14 17:19:50,519 INFO L273 TraceCheckUtils]: 5: Hoare triple {54333#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {54333#true} is VALID [2018-11-14 17:19:50,519 INFO L256 TraceCheckUtils]: 6: Hoare triple {54333#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {54333#true} is VALID [2018-11-14 17:19:50,519 INFO L273 TraceCheckUtils]: 7: Hoare triple {54333#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {54333#true} is VALID [2018-11-14 17:19:50,519 INFO L273 TraceCheckUtils]: 8: Hoare triple {54333#true} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {54333#true} is VALID [2018-11-14 17:19:50,520 INFO L273 TraceCheckUtils]: 9: Hoare triple {54333#true} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {54333#true} is VALID [2018-11-14 17:19:50,520 INFO L273 TraceCheckUtils]: 10: Hoare triple {54333#true} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {54333#true} is VALID [2018-11-14 17:19:50,520 INFO L273 TraceCheckUtils]: 11: Hoare triple {54333#true} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {54333#true} is VALID [2018-11-14 17:19:50,520 INFO L273 TraceCheckUtils]: 12: Hoare triple {54333#true} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {54333#true} is VALID [2018-11-14 17:19:50,520 INFO L273 TraceCheckUtils]: 13: Hoare triple {54333#true} assume true; {54333#true} is VALID [2018-11-14 17:19:50,520 INFO L273 TraceCheckUtils]: 14: Hoare triple {54333#true} assume !false; {54333#true} is VALID [2018-11-14 17:19:50,521 INFO L273 TraceCheckUtils]: 15: Hoare triple {54333#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,521 INFO L273 TraceCheckUtils]: 16: Hoare triple {54333#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,521 INFO L273 TraceCheckUtils]: 17: Hoare triple {54333#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,521 INFO L273 TraceCheckUtils]: 18: Hoare triple {54333#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,521 INFO L273 TraceCheckUtils]: 19: Hoare triple {54333#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,521 INFO L273 TraceCheckUtils]: 20: Hoare triple {54333#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,521 INFO L273 TraceCheckUtils]: 21: Hoare triple {54333#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,522 INFO L273 TraceCheckUtils]: 22: Hoare triple {54333#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,522 INFO L273 TraceCheckUtils]: 23: Hoare triple {54333#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,522 INFO L273 TraceCheckUtils]: 24: Hoare triple {54333#true} assume #t~mem32 == 8464;havoc #t~mem32; {54333#true} is VALID [2018-11-14 17:19:50,522 INFO L273 TraceCheckUtils]: 25: Hoare triple {54333#true} call write~int(0, ~s.base, ~s.offset + 48, 4);assume -2147483648 <= #t~nondet69 && #t~nondet69 <= 2147483647;~ret~0 := #t~nondet69;havoc #t~nondet69; {54333#true} is VALID [2018-11-14 17:19:50,522 INFO L273 TraceCheckUtils]: 26: Hoare triple {54333#true} assume ~blastFlag~0 == 0;~blastFlag~0 := 1; {54333#true} is VALID [2018-11-14 17:19:50,522 INFO L273 TraceCheckUtils]: 27: Hoare triple {54333#true} assume !(~ret~0 <= 0);~got_new_session~0 := 1;call write~int(8496, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {54333#true} is VALID [2018-11-14 17:19:50,523 INFO L273 TraceCheckUtils]: 28: Hoare triple {54333#true} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {54333#true} is VALID [2018-11-14 17:19:50,523 INFO L273 TraceCheckUtils]: 29: Hoare triple {54333#true} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {54333#true} is VALID [2018-11-14 17:19:50,523 INFO L273 TraceCheckUtils]: 30: Hoare triple {54333#true} ~skip~0 := 0; {54333#true} is VALID [2018-11-14 17:19:50,523 INFO L273 TraceCheckUtils]: 31: Hoare triple {54333#true} assume true; {54333#true} is VALID [2018-11-14 17:19:50,523 INFO L273 TraceCheckUtils]: 32: Hoare triple {54333#true} assume !false; {54333#true} is VALID [2018-11-14 17:19:50,523 INFO L273 TraceCheckUtils]: 33: Hoare triple {54333#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,523 INFO L273 TraceCheckUtils]: 34: Hoare triple {54333#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,524 INFO L273 TraceCheckUtils]: 35: Hoare triple {54333#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,524 INFO L273 TraceCheckUtils]: 36: Hoare triple {54333#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,524 INFO L273 TraceCheckUtils]: 37: Hoare triple {54333#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,524 INFO L273 TraceCheckUtils]: 38: Hoare triple {54333#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,524 INFO L273 TraceCheckUtils]: 39: Hoare triple {54333#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,524 INFO L273 TraceCheckUtils]: 40: Hoare triple {54333#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,525 INFO L273 TraceCheckUtils]: 41: Hoare triple {54333#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,525 INFO L273 TraceCheckUtils]: 42: Hoare triple {54333#true} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,525 INFO L273 TraceCheckUtils]: 43: Hoare triple {54333#true} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,525 INFO L273 TraceCheckUtils]: 44: Hoare triple {54333#true} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,525 INFO L273 TraceCheckUtils]: 45: Hoare triple {54333#true} assume #t~mem35 == 8496;havoc #t~mem35; {54333#true} is VALID [2018-11-14 17:19:50,525 INFO L273 TraceCheckUtils]: 46: Hoare triple {54333#true} assume -2147483648 <= #t~nondet70 && #t~nondet70 <= 2147483647;~ret~0 := #t~nondet70;havoc #t~nondet70; {54333#true} is VALID [2018-11-14 17:19:50,525 INFO L273 TraceCheckUtils]: 47: Hoare triple {54333#true} assume ~blastFlag~0 == 1;~blastFlag~0 := 2; {54333#true} is VALID [2018-11-14 17:19:50,526 INFO L273 TraceCheckUtils]: 48: Hoare triple {54333#true} assume !(~ret~0 <= 0);call #t~mem71 := read~int(~s.base, ~s.offset + 92, 4); {54333#true} is VALID [2018-11-14 17:19:50,526 INFO L273 TraceCheckUtils]: 49: Hoare triple {54333#true} assume !(#t~mem71 != 0);havoc #t~mem71;call write~int(8512, ~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,526 INFO L273 TraceCheckUtils]: 50: Hoare triple {54333#true} call write~int(0, ~s.base, ~s.offset + 64, 4); {54333#true} is VALID [2018-11-14 17:19:50,526 INFO L273 TraceCheckUtils]: 51: Hoare triple {54333#true} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {54333#true} is VALID [2018-11-14 17:19:50,526 INFO L273 TraceCheckUtils]: 52: Hoare triple {54333#true} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {54333#true} is VALID [2018-11-14 17:19:50,527 INFO L273 TraceCheckUtils]: 53: Hoare triple {54333#true} ~skip~0 := 0; {54333#true} is VALID [2018-11-14 17:19:50,527 INFO L273 TraceCheckUtils]: 54: Hoare triple {54333#true} assume true; {54333#true} is VALID [2018-11-14 17:19:50,527 INFO L273 TraceCheckUtils]: 55: Hoare triple {54333#true} assume !false; {54333#true} is VALID [2018-11-14 17:19:50,527 INFO L273 TraceCheckUtils]: 56: Hoare triple {54333#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,527 INFO L273 TraceCheckUtils]: 57: Hoare triple {54333#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,527 INFO L273 TraceCheckUtils]: 58: Hoare triple {54333#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,528 INFO L273 TraceCheckUtils]: 59: Hoare triple {54333#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,528 INFO L273 TraceCheckUtils]: 60: Hoare triple {54333#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,528 INFO L273 TraceCheckUtils]: 61: Hoare triple {54333#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,528 INFO L273 TraceCheckUtils]: 62: Hoare triple {54333#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,528 INFO L273 TraceCheckUtils]: 63: Hoare triple {54333#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,528 INFO L273 TraceCheckUtils]: 64: Hoare triple {54333#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,528 INFO L273 TraceCheckUtils]: 65: Hoare triple {54333#true} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,529 INFO L273 TraceCheckUtils]: 66: Hoare triple {54333#true} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,529 INFO L273 TraceCheckUtils]: 67: Hoare triple {54333#true} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,529 INFO L273 TraceCheckUtils]: 68: Hoare triple {54333#true} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,529 INFO L273 TraceCheckUtils]: 69: Hoare triple {54333#true} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,529 INFO L273 TraceCheckUtils]: 70: Hoare triple {54333#true} assume #t~mem37 == 8512;havoc #t~mem37; {54333#true} is VALID [2018-11-14 17:19:50,529 INFO L273 TraceCheckUtils]: 71: Hoare triple {54333#true} call #t~mem72.base, #t~mem72.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem73.base, #t~mem73.offset := read~$Pointer$(#t~mem72.base, #t~mem72.offset + 604 + 232, 4);call #t~mem74 := read~int(#t~mem73.base, #t~mem73.offset + 12, 4); {54333#true} is VALID [2018-11-14 17:19:50,530 INFO L273 TraceCheckUtils]: 72: Hoare triple {54333#true} assume !(~bitwiseAnd(#t~mem74, 256) % 4294967296 != 0);havoc #t~mem74;havoc #t~mem72.base, #t~mem72.offset;havoc #t~mem73.base, #t~mem73.offset;assume -2147483648 <= #t~nondet75 && #t~nondet75 <= 2147483647;~ret~0 := #t~nondet75;havoc #t~nondet75; {54333#true} is VALID [2018-11-14 17:19:50,530 INFO L273 TraceCheckUtils]: 73: Hoare triple {54333#true} assume ~blastFlag~0 == 2;~blastFlag~0 := 6; {54333#true} is VALID [2018-11-14 17:19:50,530 INFO L273 TraceCheckUtils]: 74: Hoare triple {54333#true} assume !(~ret~0 <= 0); {54333#true} is VALID [2018-11-14 17:19:50,530 INFO L273 TraceCheckUtils]: 75: Hoare triple {54333#true} call write~int(8528, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {54333#true} is VALID [2018-11-14 17:19:50,530 INFO L273 TraceCheckUtils]: 76: Hoare triple {54333#true} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {54333#true} is VALID [2018-11-14 17:19:50,530 INFO L273 TraceCheckUtils]: 77: Hoare triple {54333#true} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {54333#true} is VALID [2018-11-14 17:19:50,530 INFO L273 TraceCheckUtils]: 78: Hoare triple {54333#true} ~skip~0 := 0; {54333#true} is VALID [2018-11-14 17:19:50,531 INFO L273 TraceCheckUtils]: 79: Hoare triple {54333#true} assume true; {54333#true} is VALID [2018-11-14 17:19:50,531 INFO L273 TraceCheckUtils]: 80: Hoare triple {54333#true} assume !false; {54333#true} is VALID [2018-11-14 17:19:50,531 INFO L273 TraceCheckUtils]: 81: Hoare triple {54333#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,531 INFO L273 TraceCheckUtils]: 82: Hoare triple {54333#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,531 INFO L273 TraceCheckUtils]: 83: Hoare triple {54333#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,531 INFO L273 TraceCheckUtils]: 84: Hoare triple {54333#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,531 INFO L273 TraceCheckUtils]: 85: Hoare triple {54333#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,531 INFO L273 TraceCheckUtils]: 86: Hoare triple {54333#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,531 INFO L273 TraceCheckUtils]: 87: Hoare triple {54333#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,532 INFO L273 TraceCheckUtils]: 88: Hoare triple {54333#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,532 INFO L273 TraceCheckUtils]: 89: Hoare triple {54333#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,532 INFO L273 TraceCheckUtils]: 90: Hoare triple {54333#true} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,532 INFO L273 TraceCheckUtils]: 91: Hoare triple {54333#true} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,532 INFO L273 TraceCheckUtils]: 92: Hoare triple {54333#true} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,532 INFO L273 TraceCheckUtils]: 93: Hoare triple {54333#true} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,532 INFO L273 TraceCheckUtils]: 94: Hoare triple {54333#true} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,532 INFO L273 TraceCheckUtils]: 95: Hoare triple {54333#true} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,532 INFO L273 TraceCheckUtils]: 96: Hoare triple {54333#true} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {54333#true} is VALID [2018-11-14 17:19:50,533 INFO L273 TraceCheckUtils]: 97: Hoare triple {54333#true} assume #t~mem39 == 8528;havoc #t~mem39; {54333#true} is VALID [2018-11-14 17:19:50,533 INFO L273 TraceCheckUtils]: 98: Hoare triple {54333#true} call #t~mem76.base, #t~mem76.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem77.base, #t~mem77.offset := read~$Pointer$(#t~mem76.base, #t~mem76.offset + 604 + 232, 4);call #t~mem78 := read~int(#t~mem77.base, #t~mem77.offset + 12, 4);~l~0 := #t~mem78;havoc #t~mem77.base, #t~mem77.offset;havoc #t~mem76.base, #t~mem76.offset;havoc #t~mem78;call #t~mem79 := read~int(~s.base, ~s.offset + 232, 4); {54333#true} is VALID [2018-11-14 17:19:50,533 INFO L273 TraceCheckUtils]: 99: Hoare triple {54333#true} assume ~bitwiseAnd(#t~mem79, 2097152) % 4294967296 != 0;havoc #t~mem79;call #t~mem80.base, #t~mem80.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(1, #t~mem80.base, #t~mem80.offset + 604 + 267, 4);havoc #t~mem80.base, #t~mem80.offset; {54333#true} is VALID [2018-11-14 17:19:50,533 INFO L273 TraceCheckUtils]: 100: Hoare triple {54333#true} call #t~mem82.base, #t~mem82.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem83 := read~int(#t~mem82.base, #t~mem82.offset + 604 + 267, 4); {54333#true} is VALID [2018-11-14 17:19:50,533 INFO L273 TraceCheckUtils]: 101: Hoare triple {54333#true} assume #t~mem83 != 0;havoc #t~mem83;havoc #t~mem82.base, #t~mem82.offset; {54333#true} is VALID [2018-11-14 17:19:50,533 INFO L273 TraceCheckUtils]: 102: Hoare triple {54333#true} assume -2147483648 <= #t~nondet92 && #t~nondet92 <= 2147483647;~ret~0 := #t~nondet92;havoc #t~nondet92; {54333#true} is VALID [2018-11-14 17:19:50,534 INFO L273 TraceCheckUtils]: 103: Hoare triple {54333#true} assume ~blastFlag~0 == 6;~blastFlag~0 := 7; {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,537 INFO L273 TraceCheckUtils]: 104: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} assume !(~ret~0 <= 0); {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,539 INFO L273 TraceCheckUtils]: 105: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} call write~int(8544, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,539 INFO L273 TraceCheckUtils]: 106: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,541 INFO L273 TraceCheckUtils]: 107: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,541 INFO L273 TraceCheckUtils]: 108: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} ~skip~0 := 0; {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,541 INFO L273 TraceCheckUtils]: 109: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} assume true; {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,543 INFO L273 TraceCheckUtils]: 110: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} assume !false; {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,543 INFO L273 TraceCheckUtils]: 111: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,545 INFO L273 TraceCheckUtils]: 112: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,545 INFO L273 TraceCheckUtils]: 113: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,547 INFO L273 TraceCheckUtils]: 114: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,547 INFO L273 TraceCheckUtils]: 115: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,547 INFO L273 TraceCheckUtils]: 116: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,550 INFO L273 TraceCheckUtils]: 117: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,550 INFO L273 TraceCheckUtils]: 118: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,553 INFO L273 TraceCheckUtils]: 119: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,553 INFO L273 TraceCheckUtils]: 120: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,556 INFO L273 TraceCheckUtils]: 121: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,556 INFO L273 TraceCheckUtils]: 122: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,556 INFO L273 TraceCheckUtils]: 123: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,557 INFO L273 TraceCheckUtils]: 124: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,557 INFO L273 TraceCheckUtils]: 125: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,557 INFO L273 TraceCheckUtils]: 126: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,557 INFO L273 TraceCheckUtils]: 127: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,559 INFO L273 TraceCheckUtils]: 128: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,559 INFO L273 TraceCheckUtils]: 129: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} assume #t~mem41 == 8544;havoc #t~mem41; {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,559 INFO L273 TraceCheckUtils]: 130: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} call #t~mem93 := read~int(~s.base, ~s.offset + 180, 4); {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,560 INFO L273 TraceCheckUtils]: 131: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} assume ~bitwiseAnd(#t~mem93, 1) != 0;havoc #t~mem93;call #t~mem94.base, #t~mem94.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem95.base, #t~mem95.offset := read~$Pointer$(#t~mem94.base, #t~mem94.offset + 148, 4); {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,560 INFO L273 TraceCheckUtils]: 132: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} assume !((#t~mem95.base + #t~mem95.offset) % 4294967296 != 0);havoc #t~mem95.base, #t~mem95.offset;havoc #t~mem94.base, #t~mem94.offset; {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,560 INFO L273 TraceCheckUtils]: 133: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} call #t~mem98.base, #t~mem98.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem99.base, #t~mem99.offset := read~$Pointer$(#t~mem98.base, #t~mem98.offset + 604 + 232, 4);call #t~mem100 := read~int(#t~mem99.base, #t~mem99.offset + 12, 4); {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,561 INFO L273 TraceCheckUtils]: 134: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} assume !(~bitwiseAnd(#t~mem100, 256) % 4294967296 != 0);havoc #t~mem100;havoc #t~mem99.base, #t~mem99.offset;havoc #t~mem98.base, #t~mem98.offset; {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,561 INFO L273 TraceCheckUtils]: 135: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} call #t~mem103.base, #t~mem103.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(1, #t~mem103.base, #t~mem103.offset + 604 + 291, 4);havoc #t~mem103.base, #t~mem103.offset;assume -2147483648 <= #t~nondet104 && #t~nondet104 <= 2147483647;~ret~0 := #t~nondet104;havoc #t~nondet104; {54335#(<= ssl3_accept_~blastFlag~0 7)} is VALID [2018-11-14 17:19:50,562 INFO L273 TraceCheckUtils]: 136: Hoare triple {54335#(<= ssl3_accept_~blastFlag~0 7)} assume ~blastFlag~0 == 8; {54334#false} is VALID [2018-11-14 17:19:50,562 INFO L273 TraceCheckUtils]: 137: Hoare triple {54334#false} assume !false; {54334#false} is VALID [2018-11-14 17:19:50,571 INFO L134 CoverageAnalysis]: Checked inductivity of 164 backedges. 72 proven. 0 refuted. 0 times theorem prover too weak. 92 trivial. 0 not checked. [2018-11-14 17:19:50,572 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:19:50,572 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2018-11-14 17:19:50,572 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 138 [2018-11-14 17:19:50,572 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:19:50,572 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states. [2018-11-14 17:19:50,664 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 91 edges. 91 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:50,665 INFO L459 AbstractCegarLoop]: Interpolant automaton has 3 states [2018-11-14 17:19:50,665 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2018-11-14 17:19:50,665 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2018-11-14 17:19:50,665 INFO L87 Difference]: Start difference. First operand 1239 states and 1916 transitions. Second operand 3 states. [2018-11-14 17:19:51,977 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:51,977 INFO L93 Difference]: Finished difference Result 1486 states and 2296 transitions. [2018-11-14 17:19:51,977 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2018-11-14 17:19:51,977 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 138 [2018-11-14 17:19:51,978 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-14 17:19:51,978 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 3 states. [2018-11-14 17:19:51,980 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 405 transitions. [2018-11-14 17:19:51,980 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 3 states. [2018-11-14 17:19:51,982 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 405 transitions. [2018-11-14 17:19:51,982 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 405 transitions. [2018-11-14 17:19:52,506 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 405 edges. 405 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:52,585 INFO L225 Difference]: With dead ends: 1486 [2018-11-14 17:19:52,585 INFO L226 Difference]: Without dead ends: 1484 [2018-11-14 17:19:52,585 INFO L604 BasicCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2018-11-14 17:19:52,586 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1484 states. [2018-11-14 17:19:53,593 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1484 to 1482. [2018-11-14 17:19:53,594 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-14 17:19:53,594 INFO L82 GeneralOperation]: Start isEquivalent. First operand 1484 states. Second operand 1482 states. [2018-11-14 17:19:53,594 INFO L74 IsIncluded]: Start isIncluded. First operand 1484 states. Second operand 1482 states. [2018-11-14 17:19:53,594 INFO L87 Difference]: Start difference. First operand 1484 states. Second operand 1482 states. [2018-11-14 17:19:53,666 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:53,666 INFO L93 Difference]: Finished difference Result 1484 states and 2294 transitions. [2018-11-14 17:19:53,667 INFO L276 IsEmpty]: Start isEmpty. Operand 1484 states and 2294 transitions. [2018-11-14 17:19:53,668 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:53,668 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:53,668 INFO L74 IsIncluded]: Start isIncluded. First operand 1482 states. Second operand 1484 states. [2018-11-14 17:19:53,668 INFO L87 Difference]: Start difference. First operand 1482 states. Second operand 1484 states. [2018-11-14 17:19:53,730 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-14 17:19:53,730 INFO L93 Difference]: Finished difference Result 1484 states and 2294 transitions. [2018-11-14 17:19:53,730 INFO L276 IsEmpty]: Start isEmpty. Operand 1484 states and 2294 transitions. [2018-11-14 17:19:53,731 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-14 17:19:53,732 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-14 17:19:53,732 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-14 17:19:53,732 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-14 17:19:53,732 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 1482 states. [2018-11-14 17:19:53,804 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1482 states to 1482 states and 2293 transitions. [2018-11-14 17:19:53,804 INFO L78 Accepts]: Start accepts. Automaton has 1482 states and 2293 transitions. Word has length 138 [2018-11-14 17:19:53,804 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-14 17:19:53,804 INFO L480 AbstractCegarLoop]: Abstraction has 1482 states and 2293 transitions. [2018-11-14 17:19:53,804 INFO L481 AbstractCegarLoop]: Interpolant automaton has 3 states. [2018-11-14 17:19:53,804 INFO L276 IsEmpty]: Start isEmpty. Operand 1482 states and 2293 transitions. [2018-11-14 17:19:53,806 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 146 [2018-11-14 17:19:53,806 INFO L367 BasicCegarLoop]: Found error trace [2018-11-14 17:19:53,806 INFO L375 BasicCegarLoop]: trace histogram [5, 5, 5, 5, 5, 5, 5, 5, 4, 4, 4, 4, 4, 4, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-14 17:19:53,806 INFO L423 AbstractCegarLoop]: === Iteration 28 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-14 17:19:53,806 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-14 17:19:53,807 INFO L82 PathProgramCache]: Analyzing trace with hash -949365121, now seen corresponding path program 1 times [2018-11-14 17:19:53,807 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-14 17:19:53,807 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-14 17:19:53,808 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:53,808 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-14 17:19:53,808 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-14 17:19:53,824 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-14 17:19:53,961 INFO L256 TraceCheckUtils]: 0: Hoare triple {60664#true} call ULTIMATE.init(); {60664#true} is VALID [2018-11-14 17:19:53,961 INFO L273 TraceCheckUtils]: 1: Hoare triple {60664#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];~init~0 := 1;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100);call write~unchecked~int(0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 0, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 4, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 8, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 12, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 16, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 20, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 24, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 28, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 32, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 36, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 40, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 44, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 48, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 52, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 56, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 60, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 64, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 68, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 72, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 76, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 80, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 84, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 88, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 92, 4);call write~$Pointer$(0, 0, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset + 96, 4); {60664#true} is VALID [2018-11-14 17:19:53,961 INFO L273 TraceCheckUtils]: 2: Hoare triple {60664#true} assume true; {60664#true} is VALID [2018-11-14 17:19:53,962 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {60664#true} {60664#true} #682#return; {60664#true} is VALID [2018-11-14 17:19:53,962 INFO L256 TraceCheckUtils]: 4: Hoare triple {60664#true} call #t~ret138 := main(); {60664#true} is VALID [2018-11-14 17:19:53,962 INFO L273 TraceCheckUtils]: 5: Hoare triple {60664#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~s~0.offset + 84, 4);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~s~0.offset + 204, 4);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~s~0.offset + 176, 4); {60664#true} is VALID [2018-11-14 17:19:53,963 INFO L256 TraceCheckUtils]: 6: Hoare triple {60664#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {60664#true} is VALID [2018-11-14 17:19:53,963 INFO L273 TraceCheckUtils]: 7: Hoare triple {60664#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;assume -2147483648 <= #t~nondet8 && #t~nondet8 <= 2147483647;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;assume -2147483648 <= #t~nondet9 && #t~nondet9 <= 2147483647;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;assume -2147483648 <= #t~nondet10 && #t~nondet10 <= 2147483647;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;assume -2147483648 <= #t~nondet11 && #t~nondet11 <= 2147483647;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;assume -2147483648 <= #t~nondet12 && #t~nondet12 <= 2147483647;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;assume -2147483648 <= #t~nondet13 && #t~nondet13 <= 2147483647;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;assume -2147483648 <= #t~nondet14 && #t~nondet14 <= 2147483647;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;assume -2147483648 <= #t~nondet15 && #t~nondet15 <= 2147483647;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;assume -2147483648 <= #t~nondet16 && #t~nondet16 <= 2147483647;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~int(8464, ~s.base, ~s.offset + 52, 4);~blastFlag~0 := 0;assume -2147483648 <= #t~nondet17 && #t~nondet17 <= 2147483647;call write~int(#t~nondet17, ~s.base, ~s.offset + 92, 4);havoc #t~nondet17;call write~int(8464, ~s.base, ~s.offset + 52, 4);assume -2147483648 <= #t~nondet18 && #t~nondet18 <= 2147483647;~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0, 0;~ret~0 := -1;~skip~0 := 0;~got_new_session~0 := 0;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4); {60664#true} is VALID [2018-11-14 17:19:53,963 INFO L273 TraceCheckUtils]: 8: Hoare triple {60664#true} assume (#t~mem19.base + #t~mem19.offset) % 4294967296 != 0;havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~s.offset + 192, 4);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {60664#true} is VALID [2018-11-14 17:19:53,963 INFO L273 TraceCheckUtils]: 9: Hoare triple {60664#true} call #t~mem21 := read~int(~s.base, ~s.offset + 28, 4);call write~int(#t~mem21 + 1, ~s.base, ~s.offset + 28, 4);havoc #t~mem21; {60664#true} is VALID [2018-11-14 17:19:53,963 INFO L273 TraceCheckUtils]: 10: Hoare triple {60664#true} assume !(~bitwiseAnd(~tmp___1~0, 12288) != 0); {60664#true} is VALID [2018-11-14 17:19:53,963 INFO L273 TraceCheckUtils]: 11: Hoare triple {60664#true} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~s.offset + 136, 4); {60664#true} is VALID [2018-11-14 17:19:53,963 INFO L273 TraceCheckUtils]: 12: Hoare triple {60664#true} assume !((#t~mem22.base + #t~mem22.offset) % 4294967296 == 0);havoc #t~mem22.base, #t~mem22.offset; {60664#true} is VALID [2018-11-14 17:19:53,963 INFO L273 TraceCheckUtils]: 13: Hoare triple {60664#true} assume true; {60664#true} is VALID [2018-11-14 17:19:53,963 INFO L273 TraceCheckUtils]: 14: Hoare triple {60664#true} assume !false; {60664#true} is VALID [2018-11-14 17:19:53,964 INFO L273 TraceCheckUtils]: 15: Hoare triple {60664#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,964 INFO L273 TraceCheckUtils]: 16: Hoare triple {60664#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,964 INFO L273 TraceCheckUtils]: 17: Hoare triple {60664#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,964 INFO L273 TraceCheckUtils]: 18: Hoare triple {60664#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,964 INFO L273 TraceCheckUtils]: 19: Hoare triple {60664#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,964 INFO L273 TraceCheckUtils]: 20: Hoare triple {60664#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,964 INFO L273 TraceCheckUtils]: 21: Hoare triple {60664#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,964 INFO L273 TraceCheckUtils]: 22: Hoare triple {60664#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,964 INFO L273 TraceCheckUtils]: 23: Hoare triple {60664#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,965 INFO L273 TraceCheckUtils]: 24: Hoare triple {60664#true} assume #t~mem32 == 8464;havoc #t~mem32; {60664#true} is VALID [2018-11-14 17:19:53,965 INFO L273 TraceCheckUtils]: 25: Hoare triple {60664#true} call write~int(0, ~s.base, ~s.offset + 48, 4);assume -2147483648 <= #t~nondet69 && #t~nondet69 <= 2147483647;~ret~0 := #t~nondet69;havoc #t~nondet69; {60664#true} is VALID [2018-11-14 17:19:53,965 INFO L273 TraceCheckUtils]: 26: Hoare triple {60664#true} assume ~blastFlag~0 == 0;~blastFlag~0 := 1; {60664#true} is VALID [2018-11-14 17:19:53,965 INFO L273 TraceCheckUtils]: 27: Hoare triple {60664#true} assume !(~ret~0 <= 0);~got_new_session~0 := 1;call write~int(8496, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {60664#true} is VALID [2018-11-14 17:19:53,965 INFO L273 TraceCheckUtils]: 28: Hoare triple {60664#true} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {60664#true} is VALID [2018-11-14 17:19:53,965 INFO L273 TraceCheckUtils]: 29: Hoare triple {60664#true} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {60664#true} is VALID [2018-11-14 17:19:53,965 INFO L273 TraceCheckUtils]: 30: Hoare triple {60664#true} ~skip~0 := 0; {60664#true} is VALID [2018-11-14 17:19:53,965 INFO L273 TraceCheckUtils]: 31: Hoare triple {60664#true} assume true; {60664#true} is VALID [2018-11-14 17:19:53,966 INFO L273 TraceCheckUtils]: 32: Hoare triple {60664#true} assume !false; {60664#true} is VALID [2018-11-14 17:19:53,966 INFO L273 TraceCheckUtils]: 33: Hoare triple {60664#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,966 INFO L273 TraceCheckUtils]: 34: Hoare triple {60664#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,966 INFO L273 TraceCheckUtils]: 35: Hoare triple {60664#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,966 INFO L273 TraceCheckUtils]: 36: Hoare triple {60664#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,966 INFO L273 TraceCheckUtils]: 37: Hoare triple {60664#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,966 INFO L273 TraceCheckUtils]: 38: Hoare triple {60664#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,966 INFO L273 TraceCheckUtils]: 39: Hoare triple {60664#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,966 INFO L273 TraceCheckUtils]: 40: Hoare triple {60664#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,967 INFO L273 TraceCheckUtils]: 41: Hoare triple {60664#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,967 INFO L273 TraceCheckUtils]: 42: Hoare triple {60664#true} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,967 INFO L273 TraceCheckUtils]: 43: Hoare triple {60664#true} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,967 INFO L273 TraceCheckUtils]: 44: Hoare triple {60664#true} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,967 INFO L273 TraceCheckUtils]: 45: Hoare triple {60664#true} assume #t~mem35 == 8496;havoc #t~mem35; {60664#true} is VALID [2018-11-14 17:19:53,967 INFO L273 TraceCheckUtils]: 46: Hoare triple {60664#true} assume -2147483648 <= #t~nondet70 && #t~nondet70 <= 2147483647;~ret~0 := #t~nondet70;havoc #t~nondet70; {60664#true} is VALID [2018-11-14 17:19:53,967 INFO L273 TraceCheckUtils]: 47: Hoare triple {60664#true} assume ~blastFlag~0 == 1;~blastFlag~0 := 2; {60664#true} is VALID [2018-11-14 17:19:53,967 INFO L273 TraceCheckUtils]: 48: Hoare triple {60664#true} assume !(~ret~0 <= 0);call #t~mem71 := read~int(~s.base, ~s.offset + 92, 4); {60664#true} is VALID [2018-11-14 17:19:53,968 INFO L273 TraceCheckUtils]: 49: Hoare triple {60664#true} assume #t~mem71 != 0;havoc #t~mem71;call write~int(8656, ~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,968 INFO L273 TraceCheckUtils]: 50: Hoare triple {60664#true} call write~int(0, ~s.base, ~s.offset + 64, 4); {60664#true} is VALID [2018-11-14 17:19:53,968 INFO L273 TraceCheckUtils]: 51: Hoare triple {60664#true} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {60664#true} is VALID [2018-11-14 17:19:53,968 INFO L273 TraceCheckUtils]: 52: Hoare triple {60664#true} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {60664#true} is VALID [2018-11-14 17:19:53,968 INFO L273 TraceCheckUtils]: 53: Hoare triple {60664#true} ~skip~0 := 0; {60664#true} is VALID [2018-11-14 17:19:53,968 INFO L273 TraceCheckUtils]: 54: Hoare triple {60664#true} assume true; {60664#true} is VALID [2018-11-14 17:19:53,968 INFO L273 TraceCheckUtils]: 55: Hoare triple {60664#true} assume !false; {60664#true} is VALID [2018-11-14 17:19:53,968 INFO L273 TraceCheckUtils]: 56: Hoare triple {60664#true} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,968 INFO L273 TraceCheckUtils]: 57: Hoare triple {60664#true} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,969 INFO L273 TraceCheckUtils]: 58: Hoare triple {60664#true} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,969 INFO L273 TraceCheckUtils]: 59: Hoare triple {60664#true} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,969 INFO L273 TraceCheckUtils]: 60: Hoare triple {60664#true} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,969 INFO L273 TraceCheckUtils]: 61: Hoare triple {60664#true} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,969 INFO L273 TraceCheckUtils]: 62: Hoare triple {60664#true} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,969 INFO L273 TraceCheckUtils]: 63: Hoare triple {60664#true} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,969 INFO L273 TraceCheckUtils]: 64: Hoare triple {60664#true} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,969 INFO L273 TraceCheckUtils]: 65: Hoare triple {60664#true} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,969 INFO L273 TraceCheckUtils]: 66: Hoare triple {60664#true} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,970 INFO L273 TraceCheckUtils]: 67: Hoare triple {60664#true} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,970 INFO L273 TraceCheckUtils]: 68: Hoare triple {60664#true} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,970 INFO L273 TraceCheckUtils]: 69: Hoare triple {60664#true} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,970 INFO L273 TraceCheckUtils]: 70: Hoare triple {60664#true} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,970 INFO L273 TraceCheckUtils]: 71: Hoare triple {60664#true} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,970 INFO L273 TraceCheckUtils]: 72: Hoare triple {60664#true} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,970 INFO L273 TraceCheckUtils]: 73: Hoare triple {60664#true} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,970 INFO L273 TraceCheckUtils]: 74: Hoare triple {60664#true} assume !(#t~mem41 == 8544);havoc #t~mem41;call #t~mem42 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,970 INFO L273 TraceCheckUtils]: 75: Hoare triple {60664#true} assume !(#t~mem42 == 8545);havoc #t~mem42;call #t~mem43 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,971 INFO L273 TraceCheckUtils]: 76: Hoare triple {60664#true} assume !(#t~mem43 == 8560);havoc #t~mem43;call #t~mem44 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,971 INFO L273 TraceCheckUtils]: 77: Hoare triple {60664#true} assume !(#t~mem44 == 8561);havoc #t~mem44;call #t~mem45 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,971 INFO L273 TraceCheckUtils]: 78: Hoare triple {60664#true} assume !(#t~mem45 == 8448);havoc #t~mem45;call #t~mem46 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,971 INFO L273 TraceCheckUtils]: 79: Hoare triple {60664#true} assume !(#t~mem46 == 8576);havoc #t~mem46;call #t~mem47 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,971 INFO L273 TraceCheckUtils]: 80: Hoare triple {60664#true} assume !(#t~mem47 == 8577);havoc #t~mem47;call #t~mem48 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,971 INFO L273 TraceCheckUtils]: 81: Hoare triple {60664#true} assume !(#t~mem48 == 8592);havoc #t~mem48;call #t~mem49 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,971 INFO L273 TraceCheckUtils]: 82: Hoare triple {60664#true} assume !(#t~mem49 == 8593);havoc #t~mem49;call #t~mem50 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,971 INFO L273 TraceCheckUtils]: 83: Hoare triple {60664#true} assume !(#t~mem50 == 8608);havoc #t~mem50;call #t~mem51 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,971 INFO L273 TraceCheckUtils]: 84: Hoare triple {60664#true} assume !(#t~mem51 == 8609);havoc #t~mem51;call #t~mem52 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,972 INFO L273 TraceCheckUtils]: 85: Hoare triple {60664#true} assume !(#t~mem52 == 8640);havoc #t~mem52;call #t~mem53 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,972 INFO L273 TraceCheckUtils]: 86: Hoare triple {60664#true} assume !(#t~mem53 == 8641);havoc #t~mem53;call #t~mem54 := read~int(~s.base, ~s.offset + 52, 4); {60664#true} is VALID [2018-11-14 17:19:53,972 INFO L273 TraceCheckUtils]: 87: Hoare triple {60664#true} assume #t~mem54 == 8656;havoc #t~mem54; {60664#true} is VALID [2018-11-14 17:19:53,972 INFO L273 TraceCheckUtils]: 88: Hoare triple {60664#true} call #t~mem117.base, #t~mem117.offset := read~$Pointer$(~s.base, ~s.offset + 176, 4);call #t~mem118.base, #t~mem118.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem119.base, #t~mem119.offset := read~$Pointer$(#t~mem118.base, #t~mem118.offset + 604 + 232, 4);call write~$Pointer$(#t~mem119.base, #t~mem119.offset, #t~mem117.base, #t~mem117.offset + 172, 4);havoc #t~mem117.base, #t~mem117.offset;havoc #t~mem118.base, #t~mem118.offset;havoc #t~mem119.base, #t~mem119.offset; {60664#true} is VALID [2018-11-14 17:19:53,972 INFO L273 TraceCheckUtils]: 89: Hoare triple {60664#true} assume !(~tmp___9~0 == 0);assume -2147483648 <= #t~nondet120 && #t~nondet120 <= 2147483647;~ret~0 := #t~nondet120;havoc #t~nondet120; {60664#true} is VALID [2018-11-14 17:19:53,972 INFO L273 TraceCheckUtils]: 90: Hoare triple {60664#true} assume ~blastFlag~0 == 2;~blastFlag~0 := 3; {60664#true} is VALID [2018-11-14 17:19:53,973 INFO L273 TraceCheckUtils]: 91: Hoare triple {60664#true} assume !(~ret~0 <= 0);call write~int(8672, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {60666#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8672)} is VALID [2018-11-14 17:19:53,976 INFO L273 TraceCheckUtils]: 92: Hoare triple {60666#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8672)} assume !(~tmp___10~0 == 0); {60666#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8672)} is VALID [2018-11-14 17:19:53,976 INFO L273 TraceCheckUtils]: 93: Hoare triple {60666#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8672)} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {60666#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8672)} is VALID [2018-11-14 17:19:53,978 INFO L273 TraceCheckUtils]: 94: Hoare triple {60666#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8672)} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {60666#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8672)} is VALID [2018-11-14 17:19:53,980 INFO L273 TraceCheckUtils]: 95: Hoare triple {60666#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8672)} ~skip~0 := 0; {60666#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8672)} is VALID [2018-11-14 17:19:53,980 INFO L273 TraceCheckUtils]: 96: Hoare triple {60666#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8672)} assume true; {60666#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8672)} is VALID [2018-11-14 17:19:53,980 INFO L273 TraceCheckUtils]: 97: Hoare triple {60666#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8672)} assume !false; {60666#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8672)} is VALID [2018-11-14 17:19:53,981 INFO L273 TraceCheckUtils]: 98: Hoare triple {60666#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8672)} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {60666#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8672)} is VALID [2018-11-14 17:19:53,981 INFO L273 TraceCheckUtils]: 99: Hoare triple {60666#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8672)} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {60666#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8672)} is VALID [2018-11-14 17:19:53,981 INFO L273 TraceCheckUtils]: 100: Hoare triple {60666#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8672)} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {60666#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8672)} is VALID [2018-11-14 17:19:53,982 INFO L273 TraceCheckUtils]: 101: Hoare triple {60666#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8672)} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {60666#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8672)} is VALID [2018-11-14 17:19:53,982 INFO L273 TraceCheckUtils]: 102: Hoare triple {60666#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8672)} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {60666#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8672)} is VALID [2018-11-14 17:19:53,982 INFO L273 TraceCheckUtils]: 103: Hoare triple {60666#(= (select (select |#memory_int| ssl3_accept_~s.base) (+ ssl3_accept_~s.offset 52)) 8672)} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {60667#(= |ssl3_accept_#t~mem29| 8672)} is VALID [2018-11-14 17:19:53,983 INFO L273 TraceCheckUtils]: 104: Hoare triple {60667#(= |ssl3_accept_#t~mem29| 8672)} assume #t~mem29 == 8480;havoc #t~mem29; {60665#false} is VALID [2018-11-14 17:19:53,983 INFO L273 TraceCheckUtils]: 105: Hoare triple {60665#false} call write~int(0, ~s.base, ~s.offset + 48, 4);assume -2147483648 <= #t~nondet67 && #t~nondet67 <= 2147483647;~ret~0 := #t~nondet67;havoc #t~nondet67; {60665#false} is VALID [2018-11-14 17:19:53,983 INFO L273 TraceCheckUtils]: 106: Hoare triple {60665#false} assume !(~ret~0 <= 0);call #t~mem68.base, #t~mem68.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call write~int(8482, #t~mem68.base, #t~mem68.offset + 604 + 240, 4);havoc #t~mem68.base, #t~mem68.offset;call write~int(8448, ~s.base, ~s.offset + 52, 4);call write~int(0, ~s.base, ~s.offset + 64, 4); {60665#false} is VALID [2018-11-14 17:19:53,983 INFO L273 TraceCheckUtils]: 107: Hoare triple {60665#false} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~s.offset + 84, 4);call #t~mem128 := read~int(#t~mem127.base, #t~mem127.offset + 604 + 244, 4); {60665#false} is VALID [2018-11-14 17:19:53,983 INFO L273 TraceCheckUtils]: 108: Hoare triple {60665#false} assume !(#t~mem128 == 0);havoc #t~mem127.base, #t~mem127.offset;havoc #t~mem128; {60665#false} is VALID [2018-11-14 17:19:53,983 INFO L273 TraceCheckUtils]: 109: Hoare triple {60665#false} ~skip~0 := 0; {60665#false} is VALID [2018-11-14 17:19:53,983 INFO L273 TraceCheckUtils]: 110: Hoare triple {60665#false} assume true; {60665#false} is VALID [2018-11-14 17:19:53,984 INFO L273 TraceCheckUtils]: 111: Hoare triple {60665#false} assume !false; {60665#false} is VALID [2018-11-14 17:19:53,984 INFO L273 TraceCheckUtils]: 112: Hoare triple {60665#false} call #t~mem23 := read~int(~s.base, ~s.offset + 52, 4);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,984 INFO L273 TraceCheckUtils]: 113: Hoare triple {60665#false} assume !(#t~mem24 == 12292);havoc #t~mem24;call #t~mem25 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,984 INFO L273 TraceCheckUtils]: 114: Hoare triple {60665#false} assume !(#t~mem25 == 16384);havoc #t~mem25;call #t~mem26 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,984 INFO L273 TraceCheckUtils]: 115: Hoare triple {60665#false} assume !(#t~mem26 == 8192);havoc #t~mem26;call #t~mem27 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,984 INFO L273 TraceCheckUtils]: 116: Hoare triple {60665#false} assume !(#t~mem27 == 24576);havoc #t~mem27;call #t~mem28 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,985 INFO L273 TraceCheckUtils]: 117: Hoare triple {60665#false} assume !(#t~mem28 == 8195);havoc #t~mem28;call #t~mem29 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,985 INFO L273 TraceCheckUtils]: 118: Hoare triple {60665#false} assume !(#t~mem29 == 8480);havoc #t~mem29;call #t~mem30 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,985 INFO L273 TraceCheckUtils]: 119: Hoare triple {60665#false} assume !(#t~mem30 == 8481);havoc #t~mem30;call #t~mem31 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,985 INFO L273 TraceCheckUtils]: 120: Hoare triple {60665#false} assume !(#t~mem31 == 8482);havoc #t~mem31;call #t~mem32 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,985 INFO L273 TraceCheckUtils]: 121: Hoare triple {60665#false} assume !(#t~mem32 == 8464);havoc #t~mem32;call #t~mem33 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,986 INFO L273 TraceCheckUtils]: 122: Hoare triple {60665#false} assume !(#t~mem33 == 8465);havoc #t~mem33;call #t~mem34 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,986 INFO L273 TraceCheckUtils]: 123: Hoare triple {60665#false} assume !(#t~mem34 == 8466);havoc #t~mem34;call #t~mem35 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,986 INFO L273 TraceCheckUtils]: 124: Hoare triple {60665#false} assume !(#t~mem35 == 8496);havoc #t~mem35;call #t~mem36 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,986 INFO L273 TraceCheckUtils]: 125: Hoare triple {60665#false} assume !(#t~mem36 == 8497);havoc #t~mem36;call #t~mem37 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,986 INFO L273 TraceCheckUtils]: 126: Hoare triple {60665#false} assume !(#t~mem37 == 8512);havoc #t~mem37;call #t~mem38 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,986 INFO L273 TraceCheckUtils]: 127: Hoare triple {60665#false} assume !(#t~mem38 == 8513);havoc #t~mem38;call #t~mem39 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,986 INFO L273 TraceCheckUtils]: 128: Hoare triple {60665#false} assume !(#t~mem39 == 8528);havoc #t~mem39;call #t~mem40 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,986 INFO L273 TraceCheckUtils]: 129: Hoare triple {60665#false} assume !(#t~mem40 == 8529);havoc #t~mem40;call #t~mem41 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,986 INFO L273 TraceCheckUtils]: 130: Hoare triple {60665#false} assume !(#t~mem41 == 8544);havoc #t~mem41;call #t~mem42 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,987 INFO L273 TraceCheckUtils]: 131: Hoare triple {60665#false} assume !(#t~mem42 == 8545);havoc #t~mem42;call #t~mem43 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,987 INFO L273 TraceCheckUtils]: 132: Hoare triple {60665#false} assume !(#t~mem43 == 8560);havoc #t~mem43;call #t~mem44 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,987 INFO L273 TraceCheckUtils]: 133: Hoare triple {60665#false} assume !(#t~mem44 == 8561);havoc #t~mem44;call #t~mem45 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,987 INFO L273 TraceCheckUtils]: 134: Hoare triple {60665#false} assume !(#t~mem45 == 8448);havoc #t~mem45;call #t~mem46 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,987 INFO L273 TraceCheckUtils]: 135: Hoare triple {60665#false} assume !(#t~mem46 == 8576);havoc #t~mem46;call #t~mem47 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,987 INFO L273 TraceCheckUtils]: 136: Hoare triple {60665#false} assume !(#t~mem47 == 8577);havoc #t~mem47;call #t~mem48 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,987 INFO L273 TraceCheckUtils]: 137: Hoare triple {60665#false} assume !(#t~mem48 == 8592);havoc #t~mem48;call #t~mem49 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,987 INFO L273 TraceCheckUtils]: 138: Hoare triple {60665#false} assume !(#t~mem49 == 8593);havoc #t~mem49;call #t~mem50 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,987 INFO L273 TraceCheckUtils]: 139: Hoare triple {60665#false} assume !(#t~mem50 == 8608);havoc #t~mem50;call #t~mem51 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,988 INFO L273 TraceCheckUtils]: 140: Hoare triple {60665#false} assume !(#t~mem51 == 8609);havoc #t~mem51;call #t~mem52 := read~int(~s.base, ~s.offset + 52, 4); {60665#false} is VALID [2018-11-14 17:19:53,988 INFO L273 TraceCheckUtils]: 141: Hoare triple {60665#false} assume #t~mem52 == 8640;havoc #t~mem52; {60665#false} is VALID [2018-11-14 17:19:53,988 INFO L273 TraceCheckUtils]: 142: Hoare triple {60665#false} assume -2147483648 <= #t~nondet115 && #t~nondet115 <= 2147483647;~ret~0 := #t~nondet115;havoc #t~nondet115; {60665#false} is VALID [2018-11-14 17:19:53,988 INFO L273 TraceCheckUtils]: 143: Hoare triple {60665#false} assume ~blastFlag~0 == 4; {60665#false} is VALID [2018-11-14 17:19:53,988 INFO L273 TraceCheckUtils]: 144: Hoare triple {60665#false} assume !false; {60665#false} is VALID [2018-11-14 17:19:53,998 INFO L134 CoverageAnalysis]: Checked inductivity of 152 backedges. 110 proven. 0 refuted. 0 times theorem prover too weak. 42 trivial. 0 not checked. [2018-11-14 17:19:53,998 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-14 17:19:53,998 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-14 17:19:53,998 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 145 [2018-11-14 17:19:53,999 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-14 17:19:53,999 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-14 17:19:54,105 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 117 edges. 117 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-14 17:19:54,105 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-14 17:19:54,105 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-14 17:19:54,105 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-14 17:19:54,105 INFO L87 Difference]: Start difference. First operand 1482 states and 2293 transitions. Second operand 4 states.