java -ea -Xmx8000000000 -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.3.100.v20150511-1540.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc ../../../trunk/examples/toolchains/AutomizerCInline_WitnessPrinter.xml -s ../../../trunk/examples/settings/default/automizer/svcomp-Reach-32bit-Automizer_Bitvector.epf -i ../../../trunk/examples/svcomp/ssh/s3_srvr.blast.10_false-unreach-call.i.cil.c -------------------------------------------------------------------------------- This is Ultimate 0.1.23-61f4311 [2018-11-23 10:58:36,066 INFO L170 SettingsManager]: Resetting all preferences to default values... [2018-11-23 10:58:36,068 INFO L174 SettingsManager]: Resetting UltimateCore preferences to default values [2018-11-23 10:58:36,089 INFO L177 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2018-11-23 10:58:36,089 INFO L174 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2018-11-23 10:58:36,091 INFO L174 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2018-11-23 10:58:36,092 INFO L174 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2018-11-23 10:58:36,094 INFO L174 SettingsManager]: Resetting LassoRanker preferences to default values [2018-11-23 10:58:36,095 INFO L174 SettingsManager]: Resetting Reaching Definitions preferences to default values [2018-11-23 10:58:36,096 INFO L174 SettingsManager]: Resetting SyntaxChecker preferences to default values [2018-11-23 10:58:36,097 INFO L177 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2018-11-23 10:58:36,097 INFO L174 SettingsManager]: Resetting LTL2Aut preferences to default values [2018-11-23 10:58:36,098 INFO L174 SettingsManager]: Resetting PEA to Boogie preferences to default values [2018-11-23 10:58:36,100 INFO L174 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2018-11-23 10:58:36,101 INFO L174 SettingsManager]: Resetting ChcToBoogie preferences to default values [2018-11-23 10:58:36,102 INFO L174 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2018-11-23 10:58:36,103 INFO L174 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2018-11-23 10:58:36,104 INFO L174 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2018-11-23 10:58:36,107 INFO L174 SettingsManager]: Resetting CodeCheck preferences to default values [2018-11-23 10:58:36,108 INFO L174 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2018-11-23 10:58:36,109 INFO L174 SettingsManager]: Resetting RCFGBuilder preferences to default values [2018-11-23 10:58:36,110 INFO L174 SettingsManager]: Resetting TraceAbstraction preferences to default values [2018-11-23 10:58:36,113 INFO L177 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2018-11-23 10:58:36,113 INFO L177 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2018-11-23 10:58:36,114 INFO L174 SettingsManager]: Resetting TreeAutomizer preferences to default values [2018-11-23 10:58:36,115 INFO L174 SettingsManager]: Resetting IcfgTransformer preferences to default values [2018-11-23 10:58:36,116 INFO L174 SettingsManager]: Resetting Boogie Printer preferences to default values [2018-11-23 10:58:36,117 INFO L174 SettingsManager]: Resetting ReqPrinter preferences to default values [2018-11-23 10:58:36,117 INFO L174 SettingsManager]: Resetting Witness Printer preferences to default values [2018-11-23 10:58:36,119 INFO L177 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2018-11-23 10:58:36,119 INFO L174 SettingsManager]: Resetting CDTParser preferences to default values [2018-11-23 10:58:36,119 INFO L177 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2018-11-23 10:58:36,120 INFO L177 SettingsManager]: ReqParser provides no preferences, ignoring... [2018-11-23 10:58:36,120 INFO L174 SettingsManager]: Resetting SmtParser preferences to default values [2018-11-23 10:58:36,121 INFO L174 SettingsManager]: Resetting Witness Parser preferences to default values [2018-11-23 10:58:36,122 INFO L181 SettingsManager]: Finished resetting all preferences to default values... [2018-11-23 10:58:36,122 INFO L98 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/settings/default/automizer/svcomp-Reach-32bit-Automizer_Bitvector.epf [2018-11-23 10:58:36,138 INFO L110 SettingsManager]: Loading preferences was successful [2018-11-23 10:58:36,138 INFO L112 SettingsManager]: Preferences different from defaults after loading the file: [2018-11-23 10:58:36,139 INFO L131 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2018-11-23 10:58:36,140 INFO L133 SettingsManager]: * ... calls to implemented procedures=ONLY_FOR_CONCURRENT_PROGRAMS [2018-11-23 10:58:36,140 INFO L131 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2018-11-23 10:58:36,140 INFO L133 SettingsManager]: * Create parallel compositions if possible=false [2018-11-23 10:58:36,141 INFO L133 SettingsManager]: * Use SBE=true [2018-11-23 10:58:36,141 INFO L131 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2018-11-23 10:58:36,141 INFO L133 SettingsManager]: * sizeof long=4 [2018-11-23 10:58:36,141 INFO L133 SettingsManager]: * sizeof POINTER=4 [2018-11-23 10:58:36,141 INFO L133 SettingsManager]: * Check division by zero=IGNORE [2018-11-23 10:58:36,142 INFO L133 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2018-11-23 10:58:36,142 INFO L133 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2018-11-23 10:58:36,142 INFO L133 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2018-11-23 10:58:36,142 INFO L133 SettingsManager]: * Use bitvectors instead of ints=true [2018-11-23 10:58:36,142 INFO L133 SettingsManager]: * Memory model=HoenickeLindenmann_4ByteResolution [2018-11-23 10:58:36,143 INFO L133 SettingsManager]: * sizeof long double=12 [2018-11-23 10:58:36,143 INFO L133 SettingsManager]: * Check if freed pointer was valid=false [2018-11-23 10:58:36,143 INFO L133 SettingsManager]: * Use constant arrays=true [2018-11-23 10:58:36,143 INFO L133 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2018-11-23 10:58:36,143 INFO L131 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2018-11-23 10:58:36,144 INFO L133 SettingsManager]: * Size of a code block=SequenceOfStatements [2018-11-23 10:58:36,144 INFO L133 SettingsManager]: * To the following directory=./dump/ [2018-11-23 10:58:36,144 INFO L133 SettingsManager]: * SMT solver=External_DefaultMode [2018-11-23 10:58:36,144 INFO L133 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2018-11-23 10:58:36,145 INFO L131 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2018-11-23 10:58:36,145 INFO L133 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2018-11-23 10:58:36,145 INFO L133 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2018-11-23 10:58:36,145 INFO L133 SettingsManager]: * Trace refinement strategy=WOLF [2018-11-23 10:58:36,145 INFO L133 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2018-11-23 10:58:36,146 INFO L133 SettingsManager]: * Command for external solver=cvc4nyu --tear-down-incremental --rewrite-divk --print-success --lang smt [2018-11-23 10:58:36,146 INFO L133 SettingsManager]: * Logic for external solver=AUFBV [2018-11-23 10:58:36,146 INFO L133 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2018-11-23 10:58:36,202 INFO L81 nceAwareModelManager]: Repository-Root is: /tmp [2018-11-23 10:58:36,223 INFO L258 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2018-11-23 10:58:36,227 INFO L214 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2018-11-23 10:58:36,229 INFO L271 PluginConnector]: Initializing CDTParser... [2018-11-23 10:58:36,230 INFO L276 PluginConnector]: CDTParser initialized [2018-11-23 10:58:36,231 INFO L418 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/svcomp/ssh/s3_srvr.blast.10_false-unreach-call.i.cil.c [2018-11-23 10:58:36,303 INFO L221 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/39d105ae1/2ad12c20889c4afd8a23bca58911db0f/FLAGdf0703714 [2018-11-23 10:58:36,872 INFO L307 CDTParser]: Found 1 translation units. [2018-11-23 10:58:36,875 INFO L161 CDTParser]: Scanning /storage/repos/ultimate/trunk/examples/svcomp/ssh/s3_srvr.blast.10_false-unreach-call.i.cil.c [2018-11-23 10:58:36,913 INFO L355 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/39d105ae1/2ad12c20889c4afd8a23bca58911db0f/FLAGdf0703714 [2018-11-23 10:58:37,075 INFO L363 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/39d105ae1/2ad12c20889c4afd8a23bca58911db0f [2018-11-23 10:58:37,085 INFO L296 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2018-11-23 10:58:37,087 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2018-11-23 10:58:37,088 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2018-11-23 10:58:37,088 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2018-11-23 10:58:37,092 INFO L276 PluginConnector]: CACSL2BoogieTranslator initialized [2018-11-23 10:58:37,094 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 23.11 10:58:37" (1/1) ... [2018-11-23 10:58:37,097 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@26bf9707 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 10:58:37, skipping insertion in model container [2018-11-23 10:58:37,097 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 23.11 10:58:37" (1/1) ... [2018-11-23 10:58:37,108 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2018-11-23 10:58:37,192 INFO L176 MainTranslator]: Built tables and reachable declarations [2018-11-23 10:58:37,802 INFO L201 PostProcessor]: Analyzing one entry point: main [2018-11-23 10:58:37,828 INFO L191 MainTranslator]: Completed pre-run [2018-11-23 10:58:38,142 INFO L201 PostProcessor]: Analyzing one entry point: main [2018-11-23 10:58:38,184 INFO L195 MainTranslator]: Completed translation [2018-11-23 10:58:38,185 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 10:58:38 WrapperNode [2018-11-23 10:58:38,185 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2018-11-23 10:58:38,186 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2018-11-23 10:58:38,187 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2018-11-23 10:58:38,187 INFO L276 PluginConnector]: Boogie Procedure Inliner initialized [2018-11-23 10:58:38,198 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 10:58:38" (1/1) ... [2018-11-23 10:58:38,256 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 10:58:38" (1/1) ... [2018-11-23 10:58:38,276 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2018-11-23 10:58:38,277 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2018-11-23 10:58:38,277 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2018-11-23 10:58:38,277 INFO L276 PluginConnector]: Boogie Preprocessor initialized [2018-11-23 10:58:38,292 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 10:58:38" (1/1) ... [2018-11-23 10:58:38,292 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 10:58:38" (1/1) ... [2018-11-23 10:58:38,313 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 10:58:38" (1/1) ... [2018-11-23 10:58:38,314 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 10:58:38" (1/1) ... [2018-11-23 10:58:38,423 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 10:58:38" (1/1) ... [2018-11-23 10:58:38,440 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 10:58:38" (1/1) ... [2018-11-23 10:58:38,450 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 10:58:38" (1/1) ... [2018-11-23 10:58:38,462 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2018-11-23 10:58:38,463 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2018-11-23 10:58:38,463 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2018-11-23 10:58:38,463 INFO L276 PluginConnector]: RCFGBuilder initialized [2018-11-23 10:58:38,465 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 10:58:38" (1/1) ... No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2018-11-23 10:58:38,523 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~$Pointer$ [2018-11-23 10:58:38,523 INFO L130 BoogieDeclarations]: Found specification of procedure main [2018-11-23 10:58:38,523 INFO L138 BoogieDeclarations]: Found implementation of procedure main [2018-11-23 10:58:38,523 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~intINTTYPE4 [2018-11-23 10:58:38,523 INFO L130 BoogieDeclarations]: Found specification of procedure write~$Pointer$ [2018-11-23 10:58:38,523 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.alloc [2018-11-23 10:58:38,524 INFO L130 BoogieDeclarations]: Found specification of procedure read~intINTTYPE4 [2018-11-23 10:58:38,524 INFO L130 BoogieDeclarations]: Found specification of procedure read~$Pointer$ [2018-11-23 10:58:38,524 INFO L130 BoogieDeclarations]: Found specification of procedure ssl3_accept [2018-11-23 10:58:38,524 INFO L138 BoogieDeclarations]: Found implementation of procedure ssl3_accept [2018-11-23 10:58:38,524 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.init [2018-11-23 10:58:38,525 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.init [2018-11-23 10:58:38,525 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2018-11-23 10:58:38,525 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2018-11-23 10:58:38,525 INFO L130 BoogieDeclarations]: Found specification of procedure write~intINTTYPE4 [2018-11-23 10:58:39,160 WARN L640 $ProcedureCfgBuilder]: Two Gotos in a row! There was dead code [2018-11-23 10:58:39,160 WARN L605 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2018-11-23 10:58:43,821 INFO L275 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2018-11-23 10:58:43,821 INFO L280 CfgBuilder]: Removed 1 assue(true) statements. [2018-11-23 10:58:43,822 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 23.11 10:58:43 BoogieIcfgContainer [2018-11-23 10:58:43,822 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2018-11-23 10:58:43,823 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2018-11-23 10:58:43,823 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2018-11-23 10:58:43,826 INFO L276 PluginConnector]: TraceAbstraction initialized [2018-11-23 10:58:43,827 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 23.11 10:58:37" (1/3) ... [2018-11-23 10:58:43,828 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@67ea8a74 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 23.11 10:58:43, skipping insertion in model container [2018-11-23 10:58:43,828 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 10:58:38" (2/3) ... [2018-11-23 10:58:43,828 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@67ea8a74 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 23.11 10:58:43, skipping insertion in model container [2018-11-23 10:58:43,828 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 23.11 10:58:43" (3/3) ... [2018-11-23 10:58:43,830 INFO L112 eAbstractionObserver]: Analyzing ICFG s3_srvr.blast.10_false-unreach-call.i.cil.c [2018-11-23 10:58:43,841 INFO L156 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2018-11-23 10:58:43,849 INFO L168 ceAbstractionStarter]: Appying trace abstraction to program that has 1 error locations. [2018-11-23 10:58:43,864 INFO L257 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2018-11-23 10:58:43,899 INFO L133 ementStrategyFactory]: Using default assertion order modulation [2018-11-23 10:58:43,900 INFO L382 AbstractCegarLoop]: Interprodecural is true [2018-11-23 10:58:43,900 INFO L383 AbstractCegarLoop]: Hoare is true [2018-11-23 10:58:43,901 INFO L384 AbstractCegarLoop]: Compute interpolants for FPandBP [2018-11-23 10:58:43,901 INFO L385 AbstractCegarLoop]: Backedges is STRAIGHT_LINE [2018-11-23 10:58:43,901 INFO L386 AbstractCegarLoop]: Determinization is PREDICATE_ABSTRACTION [2018-11-23 10:58:43,901 INFO L387 AbstractCegarLoop]: Difference is false [2018-11-23 10:58:43,901 INFO L388 AbstractCegarLoop]: Minimize is MINIMIZE_SEVPA [2018-11-23 10:58:43,902 INFO L393 AbstractCegarLoop]: ======== Iteration 0==of CEGAR loop == AllErrorsAtOnce======== [2018-11-23 10:58:43,926 INFO L276 IsEmpty]: Start isEmpty. Operand 154 states. [2018-11-23 10:58:43,937 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2018-11-23 10:58:43,937 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 10:58:43,939 INFO L402 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 10:58:43,941 INFO L423 AbstractCegarLoop]: === Iteration 1 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 10:58:43,948 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 10:58:43,948 INFO L82 PathProgramCache]: Analyzing trace with hash -1806902516, now seen corresponding path program 1 times [2018-11-23 10:58:43,955 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 10:58:43,956 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 2 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 2 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 10:58:43,981 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-23 10:58:44,218 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 10:58:44,318 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 10:58:44,325 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 10:58:44,670 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 23 treesize of output 20 [2018-11-23 10:58:44,713 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 20 treesize of output 23 [2018-11-23 10:58:44,792 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 10:58:44,801 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 23 treesize of output 33 [2018-11-23 10:58:44,895 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 10:58:44,942 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 25 treesize of output 27 [2018-11-23 10:58:44,946 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-23 10:58:44,978 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 10:58:45,036 INFO L267 ElimStorePlain]: Start of recursive call 3: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 10:58:45,048 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 10:58:45,136 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 10:58:45,137 INFO L202 ElimStorePlain]: Needed 5 recursive calls to eliminate 2 variables, input treesize:27, output treesize:13 [2018-11-23 10:58:45,160 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 10:58:45,160 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#memory_int_181|, |v_ssl3_accept_#t~nondet17_3|]. (and (= (store |v_#memory_int_181| ssl3_accept_~s.base (let ((.cse0 (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (store (store (store (select |v_#memory_int_181| ssl3_accept_~s.base) .cse0 (_ bv8464 32)) (bvadd ssl3_accept_~s.offset (_ bv92 32)) |v_ssl3_accept_#t~nondet17_3|) .cse0 (_ bv8464 32)))) |#memory_int|) (= ssl3_accept_~s.offset (_ bv0 32))) [2018-11-23 10:58:45,161 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))) [2018-11-23 10:58:45,411 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 10:58:45,413 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 38 [2018-11-23 10:58:45,426 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 10:58:45,480 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 10:58:45,482 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 2 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 38 treesize of output 35 [2018-11-23 10:58:45,552 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 10:58:45,621 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 10:58:45,631 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 10:58:45,631 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 1 variables, input treesize:34, output treesize:13 [2018-11-23 10:58:47,663 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 10:58:47,663 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#memory_int_182|]. (let ((.cse0 (select |v_#memory_int_182| ssl3_accept_~s.base))) (and (= (store |v_#memory_int_182| ssl3_accept_~s.base (let ((.cse1 (bvadd ssl3_accept_~s.offset (_ bv28 32)))) (store .cse0 .cse1 (bvadd (select .cse0 .cse1) (_ bv1 32))))) |#memory_int|) (= ssl3_accept_~s.offset (_ bv0 32)) (= (select .cse0 (bvadd ssl3_accept_~s.offset (_ bv52 32))) (_ bv8464 32)))) [2018-11-23 10:58:47,664 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))) [2018-11-23 10:58:47,784 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 13 [2018-11-23 10:58:47,789 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 5 [2018-11-23 10:58:47,790 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 10:58:47,793 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 10:58:47,796 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 10:58:47,796 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 2 variables, input treesize:17, output treesize:5 [2018-11-23 10:58:47,802 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 10:58:47,803 WARN L384 uantifierElimination]: Input elimination task: ∃ [|#memory_int|, ssl3_accept_~s.base]. (let ((.cse0 (select (select |#memory_int| ssl3_accept_~s.base) (_ bv52 32)))) (and (= (bvadd .cse0 (_ bv4294958832 32)) (_ bv0 32)) (= |ssl3_accept_#t~mem52| .cse0))) [2018-11-23 10:58:47,803 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (= (bvadd |ssl3_accept_#t~mem52| (_ bv4294958832 32)) (_ bv0 32)) [2018-11-23 10:58:47,820 INFO L256 TraceCheckUtils]: 0: Hoare triple {157#true} call ULTIMATE.init(); {157#true} is VALID [2018-11-23 10:58:47,825 INFO L273 TraceCheckUtils]: 1: Hoare triple {157#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];~init~0 := 1bv32;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100bv32);call write~init~intINTTYPE4(0bv32, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(4bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(8bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(12bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(16bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(20bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(24bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(28bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(32bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(36bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(40bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(44bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(48bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(52bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(56bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(60bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(64bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(68bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(72bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(76bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(80bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(84bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(88bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(92bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(96bv32, ~#SSLv3_server_data~0.offset), 4bv32); {157#true} is VALID [2018-11-23 10:58:47,826 INFO L273 TraceCheckUtils]: 2: Hoare triple {157#true} assume true; {157#true} is VALID [2018-11-23 10:58:47,826 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {157#true} {157#true} #616#return; {157#true} is VALID [2018-11-23 10:58:47,826 INFO L256 TraceCheckUtils]: 4: Hoare triple {157#true} call #t~ret138 := main(); {157#true} is VALID [2018-11-23 10:58:47,832 INFO L273 TraceCheckUtils]: 5: Hoare triple {157#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248bv32);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899bv32);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~bvadd32(84bv32, ~s~0.offset), 4bv32);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232bv32);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~bvadd32(204bv32, ~s~0.offset), 4bv32);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200bv32);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~bvadd32(176bv32, ~s~0.offset), 4bv32); {177#(= main_~s~0.offset (_ bv0 32))} is VALID [2018-11-23 10:58:47,834 INFO L256 TraceCheckUtils]: 6: Hoare triple {177#(= main_~s~0.offset (_ bv0 32))} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {181#(= (_ bv0 32) |ssl3_accept_#in~s.offset|)} is VALID [2018-11-23 10:58:47,838 INFO L273 TraceCheckUtils]: 7: Hoare triple {181#(= (_ bv0 32) |ssl3_accept_#in~s.offset|)} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~intINTTYPE4(8464bv32, ~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~blastFlag~0 := 0bv32;call write~intINTTYPE4(#t~nondet17, ~s.base, ~bvadd32(92bv32, ~s.offset), 4bv32);havoc #t~nondet17;call write~intINTTYPE4(8464bv32, ~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0bv32, 0bv32;~ret~0 := 4294967295bv32;~skip~0 := 0bv32;~got_new_session~0 := 0bv32;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~bvadd32(192bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,841 INFO L273 TraceCheckUtils]: 8: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume 0bv32 != ~bvadd32(#t~mem19.base, #t~mem19.offset);havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~bvadd32(192bv32, ~s.offset), 4bv32);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,852 INFO L273 TraceCheckUtils]: 9: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} call #t~mem21 := read~intINTTYPE4(~s.base, ~bvadd32(28bv32, ~s.offset), 4bv32);call write~intINTTYPE4(~bvadd32(1bv32, #t~mem21), ~s.base, ~bvadd32(28bv32, ~s.offset), 4bv32);havoc #t~mem21; {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,853 INFO L273 TraceCheckUtils]: 10: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(0bv32 != ~bvand32(12288bv32, ~tmp___1~0)); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,857 INFO L273 TraceCheckUtils]: 11: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~bvadd32(136bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,857 INFO L273 TraceCheckUtils]: 12: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(0bv32 == ~bvadd32(#t~mem22.base, #t~mem22.offset));havoc #t~mem22.base, #t~mem22.offset; {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,859 INFO L273 TraceCheckUtils]: 13: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !false; {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,859 INFO L273 TraceCheckUtils]: 14: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} call #t~mem23 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,860 INFO L273 TraceCheckUtils]: 15: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(12292bv32 == #t~mem24);havoc #t~mem24;call #t~mem25 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,878 INFO L273 TraceCheckUtils]: 16: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(16384bv32 == #t~mem25);havoc #t~mem25;call #t~mem26 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,888 INFO L273 TraceCheckUtils]: 17: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8192bv32 == #t~mem26);havoc #t~mem26;call #t~mem27 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,903 INFO L273 TraceCheckUtils]: 18: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(24576bv32 == #t~mem27);havoc #t~mem27;call #t~mem28 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,908 INFO L273 TraceCheckUtils]: 19: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8195bv32 == #t~mem28);havoc #t~mem28;call #t~mem29 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,909 INFO L273 TraceCheckUtils]: 20: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8480bv32 == #t~mem29);havoc #t~mem29;call #t~mem30 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,911 INFO L273 TraceCheckUtils]: 21: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8481bv32 == #t~mem30);havoc #t~mem30;call #t~mem31 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,913 INFO L273 TraceCheckUtils]: 22: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8482bv32 == #t~mem31);havoc #t~mem31;call #t~mem32 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,916 INFO L273 TraceCheckUtils]: 23: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8464bv32 == #t~mem32);havoc #t~mem32;call #t~mem33 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,917 INFO L273 TraceCheckUtils]: 24: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8465bv32 == #t~mem33);havoc #t~mem33;call #t~mem34 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,918 INFO L273 TraceCheckUtils]: 25: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8466bv32 == #t~mem34);havoc #t~mem34;call #t~mem35 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,920 INFO L273 TraceCheckUtils]: 26: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8496bv32 == #t~mem35);havoc #t~mem35;call #t~mem36 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,922 INFO L273 TraceCheckUtils]: 27: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8497bv32 == #t~mem36);havoc #t~mem36;call #t~mem37 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,925 INFO L273 TraceCheckUtils]: 28: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8512bv32 == #t~mem37);havoc #t~mem37;call #t~mem38 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,926 INFO L273 TraceCheckUtils]: 29: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8513bv32 == #t~mem38);havoc #t~mem38;call #t~mem39 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,927 INFO L273 TraceCheckUtils]: 30: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8528bv32 == #t~mem39);havoc #t~mem39;call #t~mem40 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,929 INFO L273 TraceCheckUtils]: 31: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8529bv32 == #t~mem40);havoc #t~mem40;call #t~mem41 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,930 INFO L273 TraceCheckUtils]: 32: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8544bv32 == #t~mem41);havoc #t~mem41;call #t~mem42 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,931 INFO L273 TraceCheckUtils]: 33: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8545bv32 == #t~mem42);havoc #t~mem42;call #t~mem43 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,931 INFO L273 TraceCheckUtils]: 34: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8560bv32 == #t~mem43);havoc #t~mem43;call #t~mem44 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,932 INFO L273 TraceCheckUtils]: 35: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8561bv32 == #t~mem44);havoc #t~mem44;call #t~mem45 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,941 INFO L273 TraceCheckUtils]: 36: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8448bv32 == #t~mem45);havoc #t~mem45;call #t~mem46 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,942 INFO L273 TraceCheckUtils]: 37: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8576bv32 == #t~mem46);havoc #t~mem46;call #t~mem47 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,943 INFO L273 TraceCheckUtils]: 38: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8577bv32 == #t~mem47);havoc #t~mem47;call #t~mem48 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,944 INFO L273 TraceCheckUtils]: 39: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8592bv32 == #t~mem48);havoc #t~mem48;call #t~mem49 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,964 INFO L273 TraceCheckUtils]: 40: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8593bv32 == #t~mem49);havoc #t~mem49;call #t~mem50 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,974 INFO L273 TraceCheckUtils]: 41: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8608bv32 == #t~mem50);havoc #t~mem50;call #t~mem51 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:58:47,983 INFO L273 TraceCheckUtils]: 42: Hoare triple {185#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8609bv32 == #t~mem51);havoc #t~mem51;call #t~mem52 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {291#(= (bvadd |ssl3_accept_#t~mem52| (_ bv4294958832 32)) (_ bv0 32))} is VALID [2018-11-23 10:58:47,984 INFO L273 TraceCheckUtils]: 43: Hoare triple {291#(= (bvadd |ssl3_accept_#t~mem52| (_ bv4294958832 32)) (_ bv0 32))} assume 8640bv32 == #t~mem52;havoc #t~mem52; {158#false} is VALID [2018-11-23 10:58:47,984 INFO L273 TraceCheckUtils]: 44: Hoare triple {158#false} ~ret~0 := #t~nondet115;havoc #t~nondet115; {158#false} is VALID [2018-11-23 10:58:47,985 INFO L273 TraceCheckUtils]: 45: Hoare triple {158#false} assume !(4bv32 == ~blastFlag~0); {158#false} is VALID [2018-11-23 10:58:47,985 INFO L273 TraceCheckUtils]: 46: Hoare triple {158#false} assume !false; {158#false} is VALID [2018-11-23 10:58:48,000 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-23 10:58:48,001 INFO L312 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2018-11-23 10:58:48,007 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-23 10:58:48,008 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2018-11-23 10:58:48,014 INFO L78 Accepts]: Start accepts. Automaton has 6 states. Word has length 47 [2018-11-23 10:58:48,017 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 10:58:48,021 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states. [2018-11-23 10:58:48,207 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 47 edges. 47 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 10:58:48,207 INFO L459 AbstractCegarLoop]: Interpolant automaton has 6 states [2018-11-23 10:58:48,216 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2018-11-23 10:58:48,217 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2018-11-23 10:58:48,219 INFO L87 Difference]: Start difference. First operand 154 states. Second operand 6 states. [2018-11-23 10:59:08,528 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 10:59:08,528 INFO L93 Difference]: Finished difference Result 399 states and 670 transitions. [2018-11-23 10:59:08,528 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2018-11-23 10:59:08,528 INFO L78 Accepts]: Start accepts. Automaton has 6 states. Word has length 47 [2018-11-23 10:59:08,529 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 10:59:08,531 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 6 states. [2018-11-23 10:59:08,555 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 670 transitions. [2018-11-23 10:59:08,556 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 6 states. [2018-11-23 10:59:08,570 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 670 transitions. [2018-11-23 10:59:08,570 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 670 transitions. [2018-11-23 10:59:10,271 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 670 edges. 670 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 10:59:10,301 INFO L225 Difference]: With dead ends: 399 [2018-11-23 10:59:10,301 INFO L226 Difference]: Without dead ends: 233 [2018-11-23 10:59:10,307 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 48 GetRequests, 42 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=19, Invalid=37, Unknown=0, NotChecked=0, Total=56 [2018-11-23 10:59:10,328 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 233 states. [2018-11-23 10:59:10,483 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 233 to 169. [2018-11-23 10:59:10,483 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 10:59:10,484 INFO L82 GeneralOperation]: Start isEquivalent. First operand 233 states. Second operand 169 states. [2018-11-23 10:59:10,485 INFO L74 IsIncluded]: Start isIncluded. First operand 233 states. Second operand 169 states. [2018-11-23 10:59:10,485 INFO L87 Difference]: Start difference. First operand 233 states. Second operand 169 states. [2018-11-23 10:59:10,499 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 10:59:10,499 INFO L93 Difference]: Finished difference Result 233 states and 352 transitions. [2018-11-23 10:59:10,499 INFO L276 IsEmpty]: Start isEmpty. Operand 233 states and 352 transitions. [2018-11-23 10:59:10,502 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 10:59:10,502 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 10:59:10,502 INFO L74 IsIncluded]: Start isIncluded. First operand 169 states. Second operand 233 states. [2018-11-23 10:59:10,502 INFO L87 Difference]: Start difference. First operand 169 states. Second operand 233 states. [2018-11-23 10:59:10,515 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 10:59:10,515 INFO L93 Difference]: Finished difference Result 233 states and 352 transitions. [2018-11-23 10:59:10,515 INFO L276 IsEmpty]: Start isEmpty. Operand 233 states and 352 transitions. [2018-11-23 10:59:10,517 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 10:59:10,518 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 10:59:10,518 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 10:59:10,518 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 10:59:10,518 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 169 states. [2018-11-23 10:59:10,526 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 169 states to 169 states and 266 transitions. [2018-11-23 10:59:10,528 INFO L78 Accepts]: Start accepts. Automaton has 169 states and 266 transitions. Word has length 47 [2018-11-23 10:59:10,529 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 10:59:10,529 INFO L480 AbstractCegarLoop]: Abstraction has 169 states and 266 transitions. [2018-11-23 10:59:10,529 INFO L481 AbstractCegarLoop]: Interpolant automaton has 6 states. [2018-11-23 10:59:10,529 INFO L276 IsEmpty]: Start isEmpty. Operand 169 states and 266 transitions. [2018-11-23 10:59:10,531 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2018-11-23 10:59:10,531 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 10:59:10,531 INFO L402 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 10:59:10,531 INFO L423 AbstractCegarLoop]: === Iteration 2 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 10:59:10,532 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 10:59:10,532 INFO L82 PathProgramCache]: Analyzing trace with hash -185905964, now seen corresponding path program 1 times [2018-11-23 10:59:10,533 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 10:59:10,533 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 3 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 3 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 10:59:10,561 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-23 10:59:10,812 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 10:59:10,887 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 10:59:10,889 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 10:59:10,937 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 23 treesize of output 20 [2018-11-23 10:59:10,945 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 20 treesize of output 23 [2018-11-23 10:59:10,956 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 10:59:10,961 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 23 treesize of output 33 [2018-11-23 10:59:10,977 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 10:59:10,984 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 25 treesize of output 27 [2018-11-23 10:59:10,986 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-23 10:59:10,996 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 10:59:11,007 INFO L267 ElimStorePlain]: Start of recursive call 3: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 10:59:11,017 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 10:59:11,034 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 10:59:11,034 INFO L202 ElimStorePlain]: Needed 5 recursive calls to eliminate 2 variables, input treesize:27, output treesize:13 [2018-11-23 10:59:11,053 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 10:59:11,054 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#memory_int_183|, |v_ssl3_accept_#t~nondet17_4|]. (and (= (store |v_#memory_int_183| ssl3_accept_~s.base (let ((.cse0 (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (store (store (store (select |v_#memory_int_183| ssl3_accept_~s.base) .cse0 (_ bv8464 32)) (bvadd ssl3_accept_~s.offset (_ bv92 32)) |v_ssl3_accept_#t~nondet17_4|) .cse0 (_ bv8464 32)))) |#memory_int|) (= ssl3_accept_~s.offset (_ bv0 32))) [2018-11-23 10:59:11,054 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))) [2018-11-23 10:59:11,093 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 10:59:11,094 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 38 [2018-11-23 10:59:11,102 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 10:59:11,107 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 10:59:11,113 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 2 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 38 treesize of output 35 [2018-11-23 10:59:11,147 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 10:59:11,153 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 10:59:11,197 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 10:59:11,197 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 1 variables, input treesize:34, output treesize:13 [2018-11-23 10:59:13,210 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 10:59:13,210 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#memory_int_184|]. (let ((.cse0 (select |v_#memory_int_184| ssl3_accept_~s.base))) (and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select .cse0 (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (store |v_#memory_int_184| ssl3_accept_~s.base (let ((.cse1 (bvadd ssl3_accept_~s.offset (_ bv28 32)))) (store .cse0 .cse1 (bvadd (select .cse0 .cse1) (_ bv1 32))))) |#memory_int|))) [2018-11-23 10:59:13,211 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))) [2018-11-23 10:59:13,327 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 13 [2018-11-23 10:59:13,334 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 5 [2018-11-23 10:59:13,335 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 10:59:13,337 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 10:59:13,340 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 10:59:13,340 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 2 variables, input treesize:17, output treesize:5 [2018-11-23 10:59:13,345 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 10:59:13,346 WARN L384 uantifierElimination]: Input elimination task: ∃ [|#memory_int|, ssl3_accept_~s.base]. (let ((.cse0 (select (select |#memory_int| ssl3_accept_~s.base) (_ bv52 32)))) (and (= (bvadd .cse0 (_ bv4294958832 32)) (_ bv0 32)) (= |ssl3_accept_#t~mem53| .cse0))) [2018-11-23 10:59:13,346 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (= (_ bv0 32) (bvadd |ssl3_accept_#t~mem53| (_ bv4294958832 32))) [2018-11-23 10:59:13,362 INFO L256 TraceCheckUtils]: 0: Hoare triple {1453#true} call ULTIMATE.init(); {1453#true} is VALID [2018-11-23 10:59:13,362 INFO L273 TraceCheckUtils]: 1: Hoare triple {1453#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];~init~0 := 1bv32;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100bv32);call write~init~intINTTYPE4(0bv32, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(4bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(8bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(12bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(16bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(20bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(24bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(28bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(32bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(36bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(40bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(44bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(48bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(52bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(56bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(60bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(64bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(68bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(72bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(76bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(80bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(84bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(88bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(92bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(96bv32, ~#SSLv3_server_data~0.offset), 4bv32); {1453#true} is VALID [2018-11-23 10:59:13,362 INFO L273 TraceCheckUtils]: 2: Hoare triple {1453#true} assume true; {1453#true} is VALID [2018-11-23 10:59:13,363 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {1453#true} {1453#true} #616#return; {1453#true} is VALID [2018-11-23 10:59:13,363 INFO L256 TraceCheckUtils]: 4: Hoare triple {1453#true} call #t~ret138 := main(); {1453#true} is VALID [2018-11-23 10:59:13,367 INFO L273 TraceCheckUtils]: 5: Hoare triple {1453#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248bv32);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899bv32);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~bvadd32(84bv32, ~s~0.offset), 4bv32);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232bv32);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~bvadd32(204bv32, ~s~0.offset), 4bv32);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200bv32);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~bvadd32(176bv32, ~s~0.offset), 4bv32); {1473#(= main_~s~0.offset (_ bv0 32))} is VALID [2018-11-23 10:59:13,368 INFO L256 TraceCheckUtils]: 6: Hoare triple {1473#(= main_~s~0.offset (_ bv0 32))} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {1477#(= (_ bv0 32) |ssl3_accept_#in~s.offset|)} is VALID [2018-11-23 10:59:13,374 INFO L273 TraceCheckUtils]: 7: Hoare triple {1477#(= (_ bv0 32) |ssl3_accept_#in~s.offset|)} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~intINTTYPE4(8464bv32, ~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~blastFlag~0 := 0bv32;call write~intINTTYPE4(#t~nondet17, ~s.base, ~bvadd32(92bv32, ~s.offset), 4bv32);havoc #t~nondet17;call write~intINTTYPE4(8464bv32, ~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0bv32, 0bv32;~ret~0 := 4294967295bv32;~skip~0 := 0bv32;~got_new_session~0 := 0bv32;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~bvadd32(192bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,375 INFO L273 TraceCheckUtils]: 8: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume 0bv32 != ~bvadd32(#t~mem19.base, #t~mem19.offset);havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~bvadd32(192bv32, ~s.offset), 4bv32);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,377 INFO L273 TraceCheckUtils]: 9: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} call #t~mem21 := read~intINTTYPE4(~s.base, ~bvadd32(28bv32, ~s.offset), 4bv32);call write~intINTTYPE4(~bvadd32(1bv32, #t~mem21), ~s.base, ~bvadd32(28bv32, ~s.offset), 4bv32);havoc #t~mem21; {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,377 INFO L273 TraceCheckUtils]: 10: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(0bv32 != ~bvand32(12288bv32, ~tmp___1~0)); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,378 INFO L273 TraceCheckUtils]: 11: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~bvadd32(136bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,379 INFO L273 TraceCheckUtils]: 12: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(0bv32 == ~bvadd32(#t~mem22.base, #t~mem22.offset));havoc #t~mem22.base, #t~mem22.offset; {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,379 INFO L273 TraceCheckUtils]: 13: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !false; {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,380 INFO L273 TraceCheckUtils]: 14: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} call #t~mem23 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,383 INFO L273 TraceCheckUtils]: 15: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(12292bv32 == #t~mem24);havoc #t~mem24;call #t~mem25 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,383 INFO L273 TraceCheckUtils]: 16: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(16384bv32 == #t~mem25);havoc #t~mem25;call #t~mem26 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,384 INFO L273 TraceCheckUtils]: 17: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8192bv32 == #t~mem26);havoc #t~mem26;call #t~mem27 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,389 INFO L273 TraceCheckUtils]: 18: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(24576bv32 == #t~mem27);havoc #t~mem27;call #t~mem28 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,390 INFO L273 TraceCheckUtils]: 19: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8195bv32 == #t~mem28);havoc #t~mem28;call #t~mem29 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,391 INFO L273 TraceCheckUtils]: 20: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8480bv32 == #t~mem29);havoc #t~mem29;call #t~mem30 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,392 INFO L273 TraceCheckUtils]: 21: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8481bv32 == #t~mem30);havoc #t~mem30;call #t~mem31 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,392 INFO L273 TraceCheckUtils]: 22: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8482bv32 == #t~mem31);havoc #t~mem31;call #t~mem32 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,393 INFO L273 TraceCheckUtils]: 23: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8464bv32 == #t~mem32);havoc #t~mem32;call #t~mem33 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,393 INFO L273 TraceCheckUtils]: 24: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8465bv32 == #t~mem33);havoc #t~mem33;call #t~mem34 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,395 INFO L273 TraceCheckUtils]: 25: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8466bv32 == #t~mem34);havoc #t~mem34;call #t~mem35 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,396 INFO L273 TraceCheckUtils]: 26: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8496bv32 == #t~mem35);havoc #t~mem35;call #t~mem36 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,397 INFO L273 TraceCheckUtils]: 27: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8497bv32 == #t~mem36);havoc #t~mem36;call #t~mem37 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,406 INFO L273 TraceCheckUtils]: 28: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8512bv32 == #t~mem37);havoc #t~mem37;call #t~mem38 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,407 INFO L273 TraceCheckUtils]: 29: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8513bv32 == #t~mem38);havoc #t~mem38;call #t~mem39 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,408 INFO L273 TraceCheckUtils]: 30: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8528bv32 == #t~mem39);havoc #t~mem39;call #t~mem40 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,410 INFO L273 TraceCheckUtils]: 31: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8529bv32 == #t~mem40);havoc #t~mem40;call #t~mem41 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,410 INFO L273 TraceCheckUtils]: 32: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8544bv32 == #t~mem41);havoc #t~mem41;call #t~mem42 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,411 INFO L273 TraceCheckUtils]: 33: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8545bv32 == #t~mem42);havoc #t~mem42;call #t~mem43 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,411 INFO L273 TraceCheckUtils]: 34: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8560bv32 == #t~mem43);havoc #t~mem43;call #t~mem44 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,412 INFO L273 TraceCheckUtils]: 35: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8561bv32 == #t~mem44);havoc #t~mem44;call #t~mem45 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,413 INFO L273 TraceCheckUtils]: 36: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8448bv32 == #t~mem45);havoc #t~mem45;call #t~mem46 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,422 INFO L273 TraceCheckUtils]: 37: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8576bv32 == #t~mem46);havoc #t~mem46;call #t~mem47 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,425 INFO L273 TraceCheckUtils]: 38: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8577bv32 == #t~mem47);havoc #t~mem47;call #t~mem48 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,425 INFO L273 TraceCheckUtils]: 39: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8592bv32 == #t~mem48);havoc #t~mem48;call #t~mem49 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,426 INFO L273 TraceCheckUtils]: 40: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8593bv32 == #t~mem49);havoc #t~mem49;call #t~mem50 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,427 INFO L273 TraceCheckUtils]: 41: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8608bv32 == #t~mem50);havoc #t~mem50;call #t~mem51 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,430 INFO L273 TraceCheckUtils]: 42: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8609bv32 == #t~mem51);havoc #t~mem51;call #t~mem52 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 10:59:13,431 INFO L273 TraceCheckUtils]: 43: Hoare triple {1481#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(8640bv32 == #t~mem52);havoc #t~mem52;call #t~mem53 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {1590#(= (_ bv8464 32) |ssl3_accept_#t~mem53|)} is VALID [2018-11-23 10:59:13,431 INFO L273 TraceCheckUtils]: 44: Hoare triple {1590#(= (_ bv8464 32) |ssl3_accept_#t~mem53|)} assume 8641bv32 == #t~mem53;havoc #t~mem53; {1454#false} is VALID [2018-11-23 10:59:13,432 INFO L273 TraceCheckUtils]: 45: Hoare triple {1454#false} ~ret~0 := #t~nondet115;havoc #t~nondet115; {1454#false} is VALID [2018-11-23 10:59:13,432 INFO L273 TraceCheckUtils]: 46: Hoare triple {1454#false} assume !(4bv32 == ~blastFlag~0); {1454#false} is VALID [2018-11-23 10:59:13,432 INFO L273 TraceCheckUtils]: 47: Hoare triple {1454#false} assume !false; {1454#false} is VALID [2018-11-23 10:59:13,439 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-23 10:59:13,439 INFO L312 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2018-11-23 10:59:13,441 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-23 10:59:13,442 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2018-11-23 10:59:13,444 INFO L78 Accepts]: Start accepts. Automaton has 6 states. Word has length 48 [2018-11-23 10:59:13,445 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 10:59:13,445 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states. [2018-11-23 10:59:13,544 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 48 edges. 48 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 10:59:13,545 INFO L459 AbstractCegarLoop]: Interpolant automaton has 6 states [2018-11-23 10:59:13,545 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2018-11-23 10:59:13,545 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2018-11-23 10:59:13,546 INFO L87 Difference]: Start difference. First operand 169 states and 266 transitions. Second operand 6 states. [2018-11-23 10:59:14,396 WARN L180 SmtUtils]: Spent 107.00 ms on a formula simplification that was a NOOP. DAG size: 14 [2018-11-23 10:59:30,920 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 10:59:30,921 INFO L93 Difference]: Finished difference Result 351 states and 535 transitions. [2018-11-23 10:59:30,921 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2018-11-23 10:59:30,921 INFO L78 Accepts]: Start accepts. Automaton has 6 states. Word has length 48 [2018-11-23 10:59:30,922 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 10:59:30,922 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 6 states. [2018-11-23 10:59:30,928 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 535 transitions. [2018-11-23 10:59:30,928 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 6 states. [2018-11-23 10:59:30,934 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 535 transitions. [2018-11-23 10:59:30,934 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 535 transitions. [2018-11-23 10:59:31,939 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 535 edges. 535 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 10:59:31,949 INFO L225 Difference]: With dead ends: 351 [2018-11-23 10:59:31,949 INFO L226 Difference]: Without dead ends: 227 [2018-11-23 10:59:31,951 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 49 GetRequests, 43 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=19, Invalid=37, Unknown=0, NotChecked=0, Total=56 [2018-11-23 10:59:31,952 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 227 states. [2018-11-23 10:59:32,070 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 227 to 170. [2018-11-23 10:59:32,071 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 10:59:32,071 INFO L82 GeneralOperation]: Start isEquivalent. First operand 227 states. Second operand 170 states. [2018-11-23 10:59:32,071 INFO L74 IsIncluded]: Start isIncluded. First operand 227 states. Second operand 170 states. [2018-11-23 10:59:32,072 INFO L87 Difference]: Start difference. First operand 227 states. Second operand 170 states. [2018-11-23 10:59:32,084 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 10:59:32,084 INFO L93 Difference]: Finished difference Result 227 states and 344 transitions. [2018-11-23 10:59:32,084 INFO L276 IsEmpty]: Start isEmpty. Operand 227 states and 344 transitions. [2018-11-23 10:59:32,085 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 10:59:32,085 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 10:59:32,086 INFO L74 IsIncluded]: Start isIncluded. First operand 170 states. Second operand 227 states. [2018-11-23 10:59:32,086 INFO L87 Difference]: Start difference. First operand 170 states. Second operand 227 states. [2018-11-23 10:59:32,097 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 10:59:32,098 INFO L93 Difference]: Finished difference Result 227 states and 344 transitions. [2018-11-23 10:59:32,098 INFO L276 IsEmpty]: Start isEmpty. Operand 227 states and 344 transitions. [2018-11-23 10:59:32,099 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 10:59:32,099 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 10:59:32,099 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 10:59:32,099 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 10:59:32,099 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 170 states. [2018-11-23 10:59:32,107 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 170 states to 170 states and 267 transitions. [2018-11-23 10:59:32,107 INFO L78 Accepts]: Start accepts. Automaton has 170 states and 267 transitions. Word has length 48 [2018-11-23 10:59:32,108 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 10:59:32,108 INFO L480 AbstractCegarLoop]: Abstraction has 170 states and 267 transitions. [2018-11-23 10:59:32,108 INFO L481 AbstractCegarLoop]: Interpolant automaton has 6 states. [2018-11-23 10:59:32,108 INFO L276 IsEmpty]: Start isEmpty. Operand 170 states and 267 transitions. [2018-11-23 10:59:32,110 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2018-11-23 10:59:32,110 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 10:59:32,110 INFO L402 BasicCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 10:59:32,110 INFO L423 AbstractCegarLoop]: === Iteration 3 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 10:59:32,111 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 10:59:32,111 INFO L82 PathProgramCache]: Analyzing trace with hash 719533870, now seen corresponding path program 1 times [2018-11-23 10:59:32,111 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 10:59:32,111 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 4 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 4 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 10:59:32,140 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-23 10:59:32,416 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 10:59:32,526 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 10:59:32,528 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 10:59:32,610 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 74 treesize of output 66 [2018-11-23 10:59:32,625 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 66 treesize of output 50 [2018-11-23 10:59:32,628 INFO L267 ElimStorePlain]: Start of recursive call 3: 1 dim-0 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2018-11-23 10:59:32,641 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2018-11-23 10:59:32,698 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 50 treesize of output 35 [2018-11-23 10:59:32,708 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 16 treesize of output 15 [2018-11-23 10:59:32,709 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-23 10:59:32,828 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 3 case distinctions, treesize of input 34 treesize of output 46 [2018-11-23 10:59:32,849 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 37 treesize of output 39 [2018-11-23 10:59:32,861 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 10:59:32,864 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 10:59:32,865 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 18 treesize of output 37 [2018-11-23 10:59:32,903 INFO L267 ElimStorePlain]: Start of recursive call 8: End of recursive call: and 1 xjuncts. [2018-11-23 10:59:32,928 INFO L267 ElimStorePlain]: Start of recursive call 7: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 10:59:33,268 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 10:59:33,343 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 2 case distinctions, treesize of input 32 treesize of output 48 [2018-11-23 10:59:33,356 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 10:59:33,358 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 10:59:33,360 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 34 treesize of output 53 [2018-11-23 10:59:33,363 INFO L267 ElimStorePlain]: Start of recursive call 10: End of recursive call: and 1 xjuncts. [2018-11-23 10:59:33,472 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 10:59:33,475 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 10:59:33,480 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 10:59:33,483 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 10:59:33,486 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 10:59:33,578 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 5 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 2 case distinctions, treesize of input 34 treesize of output 93 [2018-11-23 10:59:33,583 INFO L267 ElimStorePlain]: Start of recursive call 11: End of recursive call: and 2 xjuncts. [2018-11-23 10:59:33,680 INFO L267 ElimStorePlain]: Start of recursive call 9: 2 dim-1 vars, End of recursive call: and 3 xjuncts. [2018-11-23 10:59:33,788 INFO L267 ElimStorePlain]: Start of recursive call 6: 2 dim-1 vars, End of recursive call: and 3 xjuncts. [2018-11-23 10:59:33,853 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, 1 dim-2 vars, End of recursive call: and 3 xjuncts. [2018-11-23 10:59:33,937 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 35 treesize of output 33 [2018-11-23 10:59:33,963 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 1 [2018-11-23 10:59:33,966 INFO L267 ElimStorePlain]: Start of recursive call 13: End of recursive call: and 1 xjuncts. [2018-11-23 10:59:33,978 INFO L267 ElimStorePlain]: Start of recursive call 12: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 10:59:33,983 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 35 treesize of output 33 [2018-11-23 10:59:33,989 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 1 [2018-11-23 10:59:33,990 INFO L267 ElimStorePlain]: Start of recursive call 15: End of recursive call: and 1 xjuncts. [2018-11-23 10:59:34,001 INFO L267 ElimStorePlain]: Start of recursive call 14: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 10:59:34,006 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 36 treesize of output 34 [2018-11-23 10:59:34,015 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 11 [2018-11-23 10:59:34,017 INFO L267 ElimStorePlain]: Start of recursive call 17: 1 dim-0 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2018-11-23 10:59:34,034 INFO L267 ElimStorePlain]: Start of recursive call 16: 1 dim-1 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2018-11-23 10:59:34,088 INFO L267 ElimStorePlain]: Start of recursive call 1: 3 dim-2 vars, End of recursive call: 2 dim-0 vars, and 2 xjuncts. [2018-11-23 10:59:34,088 INFO L202 ElimStorePlain]: Needed 17 recursive calls to eliminate 3 variables, input treesize:78, output treesize:56 [2018-11-23 10:59:34,177 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 10:59:34,177 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#memory_$Pointer$.base_162|, |v_#memory_int_185|, |v_#memory_$Pointer$.offset_162|]. (and (= ssl3_accept_~s.offset (_ bv0 32)) (= |#memory_int| (let ((.cse0 (let ((.cse2 (bvadd ssl3_accept_~s.offset (_ bv84 32)))) (let ((.cse1 (select (select |v_#memory_$Pointer$.base_162| ssl3_accept_~s.base) .cse2))) (store |v_#memory_int_185| .cse1 (store (select |v_#memory_int_185| .cse1) (bvadd (select (select |v_#memory_$Pointer$.offset_162| ssl3_accept_~s.base) .cse2) (_ bv844 32)) (_ bv8482 32))))))) (store .cse0 ssl3_accept_~s.base (store (store (select .cse0 ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)) (_ bv8448 32)) (bvadd ssl3_accept_~s.offset (_ bv64 32)) (_ bv0 32)))))) [2018-11-23 10:59:34,178 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ [v_arrayElimCell_10, v_arrayElimCell_17]. (let ((.cse3 (select |#memory_int| ssl3_accept_~s.base))) (let ((.cse0 (= ssl3_accept_~s.offset (_ bv0 32))) (.cse1 (= (_ bv8448 32) (select .cse3 (bvadd ssl3_accept_~s.offset (_ bv52 32))))) (.cse2 (= (select .cse3 (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))) (or (and .cse0 (= (bvadd (select (select |#memory_int| v_arrayElimCell_10) (bvadd v_arrayElimCell_17 (_ bv844 32))) (_ bv4294958814 32)) (_ bv0 32)) .cse1 .cse2) (and .cse0 .cse1 .cse2)))) [2018-11-23 10:59:34,531 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 24 treesize of output 18 [2018-11-23 10:59:34,573 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 10:59:34,574 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 2 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 18 treesize of output 10 [2018-11-23 10:59:34,575 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 10:59:34,580 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 10:59:34,583 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 10:59:34,583 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 2 variables, input treesize:24, output treesize:5 [2018-11-23 10:59:34,586 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 10:59:34,586 WARN L384 uantifierElimination]: Input elimination task: ∃ [|#memory_int|, ssl3_accept_~s.base]. (let ((.cse1 (select |#memory_int| ssl3_accept_~s.base))) (let ((.cse0 (select .cse1 (_ bv52 32)))) (and (= (bvadd .cse0 (_ bv4294958848 32)) (_ bv0 32)) (= |ssl3_accept_#t~mem52| .cse0) (= (select .cse1 (_ bv64 32)) (_ bv0 32))))) [2018-11-23 10:59:34,586 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (= (_ bv0 32) (bvadd |ssl3_accept_#t~mem52| (_ bv4294958848 32))) [2018-11-23 10:59:34,597 INFO L256 TraceCheckUtils]: 0: Hoare triple {2682#true} call ULTIMATE.init(); {2682#true} is VALID [2018-11-23 10:59:34,597 INFO L273 TraceCheckUtils]: 1: Hoare triple {2682#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];~init~0 := 1bv32;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100bv32);call write~init~intINTTYPE4(0bv32, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(4bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(8bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(12bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(16bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(20bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(24bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(28bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(32bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(36bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(40bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(44bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(48bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(52bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(56bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(60bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(64bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(68bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(72bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(76bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(80bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(84bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(88bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(92bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(96bv32, ~#SSLv3_server_data~0.offset), 4bv32); {2682#true} is VALID [2018-11-23 10:59:34,598 INFO L273 TraceCheckUtils]: 2: Hoare triple {2682#true} assume true; {2682#true} is VALID [2018-11-23 10:59:34,598 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {2682#true} {2682#true} #616#return; {2682#true} is VALID [2018-11-23 10:59:34,598 INFO L256 TraceCheckUtils]: 4: Hoare triple {2682#true} call #t~ret138 := main(); {2682#true} is VALID [2018-11-23 10:59:34,601 INFO L273 TraceCheckUtils]: 5: Hoare triple {2682#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248bv32);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899bv32);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~bvadd32(84bv32, ~s~0.offset), 4bv32);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232bv32);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~bvadd32(204bv32, ~s~0.offset), 4bv32);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200bv32);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~bvadd32(176bv32, ~s~0.offset), 4bv32); {2702#(= main_~s~0.offset (_ bv0 32))} is VALID [2018-11-23 10:59:34,602 INFO L256 TraceCheckUtils]: 6: Hoare triple {2702#(= main_~s~0.offset (_ bv0 32))} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {2706#(= (_ bv0 32) |ssl3_accept_#in~s.offset|)} is VALID [2018-11-23 10:59:34,604 INFO L273 TraceCheckUtils]: 7: Hoare triple {2706#(= (_ bv0 32) |ssl3_accept_#in~s.offset|)} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~intINTTYPE4(8464bv32, ~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~blastFlag~0 := 0bv32;call write~intINTTYPE4(#t~nondet17, ~s.base, ~bvadd32(92bv32, ~s.offset), 4bv32);havoc #t~nondet17;call write~intINTTYPE4(8464bv32, ~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0bv32, 0bv32;~ret~0 := 4294967295bv32;~skip~0 := 0bv32;~got_new_session~0 := 0bv32;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~bvadd32(192bv32, ~s.offset), 4bv32); {2710#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 10:59:34,605 INFO L273 TraceCheckUtils]: 8: Hoare triple {2710#(= ssl3_accept_~s.offset (_ bv0 32))} assume 0bv32 != ~bvadd32(#t~mem19.base, #t~mem19.offset);havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~bvadd32(192bv32, ~s.offset), 4bv32);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {2710#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 10:59:34,606 INFO L273 TraceCheckUtils]: 9: Hoare triple {2710#(= ssl3_accept_~s.offset (_ bv0 32))} call #t~mem21 := read~intINTTYPE4(~s.base, ~bvadd32(28bv32, ~s.offset), 4bv32);call write~intINTTYPE4(~bvadd32(1bv32, #t~mem21), ~s.base, ~bvadd32(28bv32, ~s.offset), 4bv32);havoc #t~mem21; {2710#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 10:59:34,607 INFO L273 TraceCheckUtils]: 10: Hoare triple {2710#(= ssl3_accept_~s.offset (_ bv0 32))} assume !(0bv32 != ~bvand32(12288bv32, ~tmp___1~0)); {2710#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 10:59:34,613 INFO L273 TraceCheckUtils]: 11: Hoare triple {2710#(= ssl3_accept_~s.offset (_ bv0 32))} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~bvadd32(136bv32, ~s.offset), 4bv32); {2710#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 10:59:34,614 INFO L273 TraceCheckUtils]: 12: Hoare triple {2710#(= ssl3_accept_~s.offset (_ bv0 32))} assume !(0bv32 == ~bvadd32(#t~mem22.base, #t~mem22.offset));havoc #t~mem22.base, #t~mem22.offset; {2710#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 10:59:34,615 INFO L273 TraceCheckUtils]: 13: Hoare triple {2710#(= ssl3_accept_~s.offset (_ bv0 32))} assume !false; {2710#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 10:59:34,615 INFO L273 TraceCheckUtils]: 14: Hoare triple {2710#(= ssl3_accept_~s.offset (_ bv0 32))} call #t~mem23 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2710#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 10:59:34,622 INFO L273 TraceCheckUtils]: 15: Hoare triple {2710#(= ssl3_accept_~s.offset (_ bv0 32))} assume !(12292bv32 == #t~mem24);havoc #t~mem24;call #t~mem25 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2710#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 10:59:34,622 INFO L273 TraceCheckUtils]: 16: Hoare triple {2710#(= ssl3_accept_~s.offset (_ bv0 32))} assume !(16384bv32 == #t~mem25);havoc #t~mem25;call #t~mem26 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2710#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 10:59:34,623 INFO L273 TraceCheckUtils]: 17: Hoare triple {2710#(= ssl3_accept_~s.offset (_ bv0 32))} assume !(8192bv32 == #t~mem26);havoc #t~mem26;call #t~mem27 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2710#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 10:59:34,623 INFO L273 TraceCheckUtils]: 18: Hoare triple {2710#(= ssl3_accept_~s.offset (_ bv0 32))} assume !(24576bv32 == #t~mem27);havoc #t~mem27;call #t~mem28 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2710#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 10:59:34,624 INFO L273 TraceCheckUtils]: 19: Hoare triple {2710#(= ssl3_accept_~s.offset (_ bv0 32))} assume !(8195bv32 == #t~mem28);havoc #t~mem28;call #t~mem29 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2710#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 10:59:34,624 INFO L273 TraceCheckUtils]: 20: Hoare triple {2710#(= ssl3_accept_~s.offset (_ bv0 32))} assume 8480bv32 == #t~mem29;havoc #t~mem29; {2710#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 10:59:34,625 INFO L273 TraceCheckUtils]: 21: Hoare triple {2710#(= ssl3_accept_~s.offset (_ bv0 32))} call write~intINTTYPE4(0bv32, ~s.base, ~bvadd32(48bv32, ~s.offset), 4bv32);~ret~0 := #t~nondet67;havoc #t~nondet67; {2710#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 10:59:34,630 INFO L273 TraceCheckUtils]: 22: Hoare triple {2710#(= ssl3_accept_~s.offset (_ bv0 32))} assume !~bvsle32(~ret~0, 0bv32);call #t~mem68.base, #t~mem68.offset := read~$Pointer$(~s.base, ~bvadd32(84bv32, ~s.offset), 4bv32);call write~intINTTYPE4(8482bv32, #t~mem68.base, ~bvadd32(844bv32, #t~mem68.offset), 4bv32);havoc #t~mem68.base, #t~mem68.offset;call write~intINTTYPE4(8448bv32, ~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);call write~intINTTYPE4(0bv32, ~s.base, ~bvadd32(64bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,631 INFO L273 TraceCheckUtils]: 23: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~bvadd32(84bv32, ~s.offset), 4bv32);call #t~mem128 := read~intINTTYPE4(#t~mem127.base, ~bvadd32(848bv32, #t~mem127.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,632 INFO L273 TraceCheckUtils]: 24: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(0bv32 == #t~mem128);havoc #t~mem128;havoc #t~mem127.base, #t~mem127.offset; {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,633 INFO L273 TraceCheckUtils]: 25: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} ~skip~0 := 0bv32; {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,647 INFO L273 TraceCheckUtils]: 26: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !false; {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,649 INFO L273 TraceCheckUtils]: 27: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} call #t~mem23 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,651 INFO L273 TraceCheckUtils]: 28: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(12292bv32 == #t~mem24);havoc #t~mem24;call #t~mem25 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,653 INFO L273 TraceCheckUtils]: 29: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(16384bv32 == #t~mem25);havoc #t~mem25;call #t~mem26 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,654 INFO L273 TraceCheckUtils]: 30: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8192bv32 == #t~mem26);havoc #t~mem26;call #t~mem27 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,655 INFO L273 TraceCheckUtils]: 31: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(24576bv32 == #t~mem27);havoc #t~mem27;call #t~mem28 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,656 INFO L273 TraceCheckUtils]: 32: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8195bv32 == #t~mem28);havoc #t~mem28;call #t~mem29 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,660 INFO L273 TraceCheckUtils]: 33: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8480bv32 == #t~mem29);havoc #t~mem29;call #t~mem30 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,662 INFO L273 TraceCheckUtils]: 34: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8481bv32 == #t~mem30);havoc #t~mem30;call #t~mem31 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,662 INFO L273 TraceCheckUtils]: 35: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8482bv32 == #t~mem31);havoc #t~mem31;call #t~mem32 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,663 INFO L273 TraceCheckUtils]: 36: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8464bv32 == #t~mem32);havoc #t~mem32;call #t~mem33 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,664 INFO L273 TraceCheckUtils]: 37: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8465bv32 == #t~mem33);havoc #t~mem33;call #t~mem34 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,664 INFO L273 TraceCheckUtils]: 38: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8466bv32 == #t~mem34);havoc #t~mem34;call #t~mem35 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,666 INFO L273 TraceCheckUtils]: 39: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8496bv32 == #t~mem35);havoc #t~mem35;call #t~mem36 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,667 INFO L273 TraceCheckUtils]: 40: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8497bv32 == #t~mem36);havoc #t~mem36;call #t~mem37 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,668 INFO L273 TraceCheckUtils]: 41: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8512bv32 == #t~mem37);havoc #t~mem37;call #t~mem38 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,670 INFO L273 TraceCheckUtils]: 42: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8513bv32 == #t~mem38);havoc #t~mem38;call #t~mem39 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,671 INFO L273 TraceCheckUtils]: 43: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8528bv32 == #t~mem39);havoc #t~mem39;call #t~mem40 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,672 INFO L273 TraceCheckUtils]: 44: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8529bv32 == #t~mem40);havoc #t~mem40;call #t~mem41 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,673 INFO L273 TraceCheckUtils]: 45: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8544bv32 == #t~mem41);havoc #t~mem41;call #t~mem42 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,674 INFO L273 TraceCheckUtils]: 46: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8545bv32 == #t~mem42);havoc #t~mem42;call #t~mem43 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,675 INFO L273 TraceCheckUtils]: 47: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8560bv32 == #t~mem43);havoc #t~mem43;call #t~mem44 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,677 INFO L273 TraceCheckUtils]: 48: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8561bv32 == #t~mem44);havoc #t~mem44;call #t~mem45 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,678 INFO L273 TraceCheckUtils]: 49: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8448bv32 == #t~mem45);havoc #t~mem45;call #t~mem46 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,679 INFO L273 TraceCheckUtils]: 50: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8576bv32 == #t~mem46);havoc #t~mem46;call #t~mem47 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,681 INFO L273 TraceCheckUtils]: 51: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8577bv32 == #t~mem47);havoc #t~mem47;call #t~mem48 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,682 INFO L273 TraceCheckUtils]: 52: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8592bv32 == #t~mem48);havoc #t~mem48;call #t~mem49 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,683 INFO L273 TraceCheckUtils]: 53: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8593bv32 == #t~mem49);havoc #t~mem49;call #t~mem50 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,684 INFO L273 TraceCheckUtils]: 54: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8608bv32 == #t~mem50);havoc #t~mem50;call #t~mem51 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 10:59:34,686 INFO L273 TraceCheckUtils]: 55: Hoare triple {2756#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8609bv32 == #t~mem51);havoc #t~mem51;call #t~mem52 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {2856#(= (_ bv8448 32) |ssl3_accept_#t~mem52|)} is VALID [2018-11-23 10:59:34,686 INFO L273 TraceCheckUtils]: 56: Hoare triple {2856#(= (_ bv8448 32) |ssl3_accept_#t~mem52|)} assume 8640bv32 == #t~mem52;havoc #t~mem52; {2683#false} is VALID [2018-11-23 10:59:34,687 INFO L273 TraceCheckUtils]: 57: Hoare triple {2683#false} ~ret~0 := #t~nondet115;havoc #t~nondet115; {2683#false} is VALID [2018-11-23 10:59:34,687 INFO L273 TraceCheckUtils]: 58: Hoare triple {2683#false} assume !(4bv32 == ~blastFlag~0); {2683#false} is VALID [2018-11-23 10:59:34,687 INFO L273 TraceCheckUtils]: 59: Hoare triple {2683#false} assume !false; {2683#false} is VALID [2018-11-23 10:59:34,708 INFO L134 CoverageAnalysis]: Checked inductivity of 8 backedges. 8 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-23 10:59:34,708 INFO L312 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2018-11-23 10:59:34,711 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-23 10:59:34,711 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2018-11-23 10:59:34,712 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 60 [2018-11-23 10:59:34,712 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 10:59:34,712 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states. [2018-11-23 10:59:34,885 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 60 edges. 60 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 10:59:34,885 INFO L459 AbstractCegarLoop]: Interpolant automaton has 7 states [2018-11-23 10:59:34,885 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2018-11-23 10:59:34,885 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=30, Unknown=0, NotChecked=0, Total=42 [2018-11-23 10:59:34,886 INFO L87 Difference]: Start difference. First operand 170 states and 267 transitions. Second operand 7 states. [2018-11-23 11:00:05,101 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:00:05,101 INFO L93 Difference]: Finished difference Result 398 states and 618 transitions. [2018-11-23 11:00:05,101 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2018-11-23 11:00:05,101 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 60 [2018-11-23 11:00:05,102 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:00:05,102 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 7 states. [2018-11-23 11:00:05,108 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 558 transitions. [2018-11-23 11:00:05,108 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 7 states. [2018-11-23 11:00:05,114 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 558 transitions. [2018-11-23 11:00:05,114 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 558 transitions. [2018-11-23 11:00:06,217 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 558 edges. 558 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:00:06,225 INFO L225 Difference]: With dead ends: 398 [2018-11-23 11:00:06,225 INFO L226 Difference]: Without dead ends: 274 [2018-11-23 11:00:06,226 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 62 GetRequests, 54 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=30, Invalid=60, Unknown=0, NotChecked=0, Total=90 [2018-11-23 11:00:06,227 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 274 states. [2018-11-23 11:00:06,480 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 274 to 209. [2018-11-23 11:00:06,480 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:00:06,480 INFO L82 GeneralOperation]: Start isEquivalent. First operand 274 states. Second operand 209 states. [2018-11-23 11:00:06,480 INFO L74 IsIncluded]: Start isIncluded. First operand 274 states. Second operand 209 states. [2018-11-23 11:00:06,480 INFO L87 Difference]: Start difference. First operand 274 states. Second operand 209 states. [2018-11-23 11:00:06,491 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:00:06,491 INFO L93 Difference]: Finished difference Result 274 states and 427 transitions. [2018-11-23 11:00:06,491 INFO L276 IsEmpty]: Start isEmpty. Operand 274 states and 427 transitions. [2018-11-23 11:00:06,492 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:00:06,492 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:00:06,492 INFO L74 IsIncluded]: Start isIncluded. First operand 209 states. Second operand 274 states. [2018-11-23 11:00:06,492 INFO L87 Difference]: Start difference. First operand 209 states. Second operand 274 states. [2018-11-23 11:00:06,503 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:00:06,503 INFO L93 Difference]: Finished difference Result 274 states and 427 transitions. [2018-11-23 11:00:06,504 INFO L276 IsEmpty]: Start isEmpty. Operand 274 states and 427 transitions. [2018-11-23 11:00:06,504 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:00:06,505 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:00:06,505 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:00:06,505 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:00:06,505 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 209 states. [2018-11-23 11:00:06,513 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 209 states to 209 states and 339 transitions. [2018-11-23 11:00:06,513 INFO L78 Accepts]: Start accepts. Automaton has 209 states and 339 transitions. Word has length 60 [2018-11-23 11:00:06,513 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:00:06,513 INFO L480 AbstractCegarLoop]: Abstraction has 209 states and 339 transitions. [2018-11-23 11:00:06,514 INFO L481 AbstractCegarLoop]: Interpolant automaton has 7 states. [2018-11-23 11:00:06,514 INFO L276 IsEmpty]: Start isEmpty. Operand 209 states and 339 transitions. [2018-11-23 11:00:06,515 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 62 [2018-11-23 11:00:06,515 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:00:06,516 INFO L402 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:00:06,516 INFO L423 AbstractCegarLoop]: === Iteration 4 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:00:06,516 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:00:06,516 INFO L82 PathProgramCache]: Analyzing trace with hash 246730250, now seen corresponding path program 1 times [2018-11-23 11:00:06,517 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:00:06,517 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 5 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 5 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:00:06,544 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-23 11:00:06,727 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:00:06,804 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:00:06,807 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:00:06,892 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 109 treesize of output 97 [2018-11-23 11:00:06,902 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 97 treesize of output 73 [2018-11-23 11:00:06,905 INFO L267 ElimStorePlain]: Start of recursive call 3: 1 dim-0 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2018-11-23 11:00:06,920 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2018-11-23 11:00:06,945 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:00:06,946 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 73 treesize of output 68 [2018-11-23 11:00:06,958 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:00:06,959 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 55 treesize of output 24 [2018-11-23 11:00:07,002 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-23 11:00:07,017 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 10 [2018-11-23 11:00:07,021 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2018-11-23 11:00:07,023 INFO L267 ElimStorePlain]: Start of recursive call 7: End of recursive call: and 1 xjuncts. [2018-11-23 11:00:07,026 INFO L267 ElimStorePlain]: Start of recursive call 6: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:00:07,031 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:00:07,039 INFO L267 ElimStorePlain]: Start of recursive call 1: 3 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:00:07,040 INFO L202 ElimStorePlain]: Needed 7 recursive calls to eliminate 3 variables, input treesize:109, output treesize:9 [2018-11-23 11:00:09,429 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:00:09,429 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#memory_$Pointer$.base_163|, |v_#memory_int_186|, |v_#memory_$Pointer$.offset_163|]. (= (let ((.cse0 (let ((.cse4 (bvadd ssl3_accept_~s.offset (_ bv204 32)))) (let ((.cse1 (select (select |v_#memory_$Pointer$.base_163| ssl3_accept_~s.base) .cse4))) (store |v_#memory_int_186| .cse1 (let ((.cse2 (select |v_#memory_int_186| .cse1)) (.cse3 (bvadd (select (select |v_#memory_$Pointer$.offset_163| ssl3_accept_~s.base) .cse4) (_ bv76 32)))) (store .cse2 .cse3 (bvadd (select .cse2 .cse3) (_ bv1 32))))))))) (store .cse0 ssl3_accept_~s.base (store (select .cse0 ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)) (_ bv8480 32)))) |#memory_int|) [2018-11-23 11:00:09,430 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) [2018-11-23 11:00:09,610 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 19 treesize of output 15 [2018-11-23 11:00:09,623 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 3 [2018-11-23 11:00:09,625 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:00:09,628 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:00:09,630 INFO L267 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:00:09,630 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 3 variables, input treesize:19, output treesize:3 [2018-11-23 11:00:09,636 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:00:09,637 WARN L384 uantifierElimination]: Input elimination task: ∃ [|#memory_int|, ssl3_accept_~s.base, ssl3_accept_~s.offset]. (let ((.cse0 (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))) (and (= (_ bv8480 32) .cse0) (= |ssl3_accept_#t~mem52| .cse0))) [2018-11-23 11:00:09,637 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (= |ssl3_accept_#t~mem52| (_ bv8480 32)) [2018-11-23 11:00:09,646 INFO L256 TraceCheckUtils]: 0: Hoare triple {4136#true} call ULTIMATE.init(); {4136#true} is VALID [2018-11-23 11:00:09,647 INFO L273 TraceCheckUtils]: 1: Hoare triple {4136#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];~init~0 := 1bv32;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100bv32);call write~init~intINTTYPE4(0bv32, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(4bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(8bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(12bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(16bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(20bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(24bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(28bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(32bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(36bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(40bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(44bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(48bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(52bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(56bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(60bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(64bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(68bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(72bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(76bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(80bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(84bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(88bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(92bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(96bv32, ~#SSLv3_server_data~0.offset), 4bv32); {4136#true} is VALID [2018-11-23 11:00:09,647 INFO L273 TraceCheckUtils]: 2: Hoare triple {4136#true} assume true; {4136#true} is VALID [2018-11-23 11:00:09,647 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {4136#true} {4136#true} #616#return; {4136#true} is VALID [2018-11-23 11:00:09,648 INFO L256 TraceCheckUtils]: 4: Hoare triple {4136#true} call #t~ret138 := main(); {4136#true} is VALID [2018-11-23 11:00:09,648 INFO L273 TraceCheckUtils]: 5: Hoare triple {4136#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248bv32);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899bv32);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~bvadd32(84bv32, ~s~0.offset), 4bv32);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232bv32);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~bvadd32(204bv32, ~s~0.offset), 4bv32);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200bv32);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~bvadd32(176bv32, ~s~0.offset), 4bv32); {4136#true} is VALID [2018-11-23 11:00:09,648 INFO L256 TraceCheckUtils]: 6: Hoare triple {4136#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {4136#true} is VALID [2018-11-23 11:00:09,649 INFO L273 TraceCheckUtils]: 7: Hoare triple {4136#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~intINTTYPE4(8464bv32, ~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~blastFlag~0 := 0bv32;call write~intINTTYPE4(#t~nondet17, ~s.base, ~bvadd32(92bv32, ~s.offset), 4bv32);havoc #t~nondet17;call write~intINTTYPE4(8464bv32, ~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0bv32, 0bv32;~ret~0 := 4294967295bv32;~skip~0 := 0bv32;~got_new_session~0 := 0bv32;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~bvadd32(192bv32, ~s.offset), 4bv32); {4136#true} is VALID [2018-11-23 11:00:09,649 INFO L273 TraceCheckUtils]: 8: Hoare triple {4136#true} assume 0bv32 != ~bvadd32(#t~mem19.base, #t~mem19.offset);havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~bvadd32(192bv32, ~s.offset), 4bv32);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {4136#true} is VALID [2018-11-23 11:00:09,649 INFO L273 TraceCheckUtils]: 9: Hoare triple {4136#true} call #t~mem21 := read~intINTTYPE4(~s.base, ~bvadd32(28bv32, ~s.offset), 4bv32);call write~intINTTYPE4(~bvadd32(1bv32, #t~mem21), ~s.base, ~bvadd32(28bv32, ~s.offset), 4bv32);havoc #t~mem21; {4136#true} is VALID [2018-11-23 11:00:09,649 INFO L273 TraceCheckUtils]: 10: Hoare triple {4136#true} assume !(0bv32 != ~bvand32(12288bv32, ~tmp___1~0)); {4136#true} is VALID [2018-11-23 11:00:09,649 INFO L273 TraceCheckUtils]: 11: Hoare triple {4136#true} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~bvadd32(136bv32, ~s.offset), 4bv32); {4136#true} is VALID [2018-11-23 11:00:09,650 INFO L273 TraceCheckUtils]: 12: Hoare triple {4136#true} assume !(0bv32 == ~bvadd32(#t~mem22.base, #t~mem22.offset));havoc #t~mem22.base, #t~mem22.offset; {4136#true} is VALID [2018-11-23 11:00:09,650 INFO L273 TraceCheckUtils]: 13: Hoare triple {4136#true} assume !false; {4136#true} is VALID [2018-11-23 11:00:09,650 INFO L273 TraceCheckUtils]: 14: Hoare triple {4136#true} call #t~mem23 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4136#true} is VALID [2018-11-23 11:00:09,650 INFO L273 TraceCheckUtils]: 15: Hoare triple {4136#true} assume !(12292bv32 == #t~mem24);havoc #t~mem24;call #t~mem25 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4136#true} is VALID [2018-11-23 11:00:09,650 INFO L273 TraceCheckUtils]: 16: Hoare triple {4136#true} assume 16384bv32 == #t~mem25;havoc #t~mem25; {4136#true} is VALID [2018-11-23 11:00:09,650 INFO L273 TraceCheckUtils]: 17: Hoare triple {4136#true} call write~intINTTYPE4(1bv32, ~s.base, ~bvadd32(36bv32, ~s.offset), 4bv32); {4136#true} is VALID [2018-11-23 11:00:09,651 INFO L273 TraceCheckUtils]: 18: Hoare triple {4136#true} assume 0bv32 != ~bvadd32(~cb~0.base, ~cb~0.offset); {4136#true} is VALID [2018-11-23 11:00:09,651 INFO L273 TraceCheckUtils]: 19: Hoare triple {4136#true} call #t~mem59 := read~intINTTYPE4(~s.base, ~s.offset, 4bv32); {4136#true} is VALID [2018-11-23 11:00:09,651 INFO L273 TraceCheckUtils]: 20: Hoare triple {4136#true} assume !(3bv32 != ~bvashr32(#t~mem59, 8bv32));havoc #t~mem59;call write~intINTTYPE4(8192bv32, ~s.base, ~bvadd32(4bv32, ~s.offset), 4bv32);call #t~mem60.base, #t~mem60.offset := read~$Pointer$(~s.base, ~bvadd32(60bv32, ~s.offset), 4bv32); {4136#true} is VALID [2018-11-23 11:00:09,651 INFO L273 TraceCheckUtils]: 21: Hoare triple {4136#true} assume !(0bv32 == ~bvadd32(#t~mem60.base, #t~mem60.offset));havoc #t~mem60.base, #t~mem60.offset; {4136#true} is VALID [2018-11-23 11:00:09,651 INFO L273 TraceCheckUtils]: 22: Hoare triple {4136#true} assume !(0bv32 == ~tmp___4~0);call write~intINTTYPE4(0bv32, ~s.base, ~bvadd32(64bv32, ~s.offset), 4bv32);call #t~mem62 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4136#true} is VALID [2018-11-23 11:00:09,656 INFO L273 TraceCheckUtils]: 23: Hoare triple {4136#true} assume !(12292bv32 != #t~mem62);havoc #t~mem62;call #t~mem65.base, #t~mem65.offset := read~$Pointer$(~s.base, ~bvadd32(204bv32, ~s.offset), 4bv32);call #t~mem66 := read~intINTTYPE4(#t~mem65.base, ~bvadd32(76bv32, #t~mem65.offset), 4bv32);call write~intINTTYPE4(~bvadd32(1bv32, #t~mem66), #t~mem65.base, ~bvadd32(76bv32, #t~mem65.offset), 4bv32);havoc #t~mem66;havoc #t~mem65.base, #t~mem65.offset;call write~intINTTYPE4(8480bv32, ~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,657 INFO L273 TraceCheckUtils]: 24: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~bvadd32(84bv32, ~s.offset), 4bv32);call #t~mem128 := read~intINTTYPE4(#t~mem127.base, ~bvadd32(848bv32, #t~mem127.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,659 INFO L273 TraceCheckUtils]: 25: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(0bv32 == #t~mem128);havoc #t~mem128;havoc #t~mem127.base, #t~mem127.offset; {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,660 INFO L273 TraceCheckUtils]: 26: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} ~skip~0 := 0bv32; {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,660 INFO L273 TraceCheckUtils]: 27: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !false; {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,661 INFO L273 TraceCheckUtils]: 28: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} call #t~mem23 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,661 INFO L273 TraceCheckUtils]: 29: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(12292bv32 == #t~mem24);havoc #t~mem24;call #t~mem25 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,661 INFO L273 TraceCheckUtils]: 30: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(16384bv32 == #t~mem25);havoc #t~mem25;call #t~mem26 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,662 INFO L273 TraceCheckUtils]: 31: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8192bv32 == #t~mem26);havoc #t~mem26;call #t~mem27 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,662 INFO L273 TraceCheckUtils]: 32: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(24576bv32 == #t~mem27);havoc #t~mem27;call #t~mem28 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,663 INFO L273 TraceCheckUtils]: 33: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8195bv32 == #t~mem28);havoc #t~mem28;call #t~mem29 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,664 INFO L273 TraceCheckUtils]: 34: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8480bv32 == #t~mem29);havoc #t~mem29;call #t~mem30 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,664 INFO L273 TraceCheckUtils]: 35: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8481bv32 == #t~mem30);havoc #t~mem30;call #t~mem31 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,665 INFO L273 TraceCheckUtils]: 36: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8482bv32 == #t~mem31);havoc #t~mem31;call #t~mem32 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,685 INFO L273 TraceCheckUtils]: 37: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8464bv32 == #t~mem32);havoc #t~mem32;call #t~mem33 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,700 INFO L273 TraceCheckUtils]: 38: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8465bv32 == #t~mem33);havoc #t~mem33;call #t~mem34 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,715 INFO L273 TraceCheckUtils]: 39: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8466bv32 == #t~mem34);havoc #t~mem34;call #t~mem35 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,729 INFO L273 TraceCheckUtils]: 40: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8496bv32 == #t~mem35);havoc #t~mem35;call #t~mem36 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,742 INFO L273 TraceCheckUtils]: 41: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8497bv32 == #t~mem36);havoc #t~mem36;call #t~mem37 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,751 INFO L273 TraceCheckUtils]: 42: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8512bv32 == #t~mem37);havoc #t~mem37;call #t~mem38 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,764 INFO L273 TraceCheckUtils]: 43: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8513bv32 == #t~mem38);havoc #t~mem38;call #t~mem39 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,774 INFO L273 TraceCheckUtils]: 44: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8528bv32 == #t~mem39);havoc #t~mem39;call #t~mem40 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,775 INFO L273 TraceCheckUtils]: 45: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8529bv32 == #t~mem40);havoc #t~mem40;call #t~mem41 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,776 INFO L273 TraceCheckUtils]: 46: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8544bv32 == #t~mem41);havoc #t~mem41;call #t~mem42 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,776 INFO L273 TraceCheckUtils]: 47: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8545bv32 == #t~mem42);havoc #t~mem42;call #t~mem43 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,778 INFO L273 TraceCheckUtils]: 48: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8560bv32 == #t~mem43);havoc #t~mem43;call #t~mem44 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,785 INFO L273 TraceCheckUtils]: 49: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8561bv32 == #t~mem44);havoc #t~mem44;call #t~mem45 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,785 INFO L273 TraceCheckUtils]: 50: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8448bv32 == #t~mem45);havoc #t~mem45;call #t~mem46 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,787 INFO L273 TraceCheckUtils]: 51: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8576bv32 == #t~mem46);havoc #t~mem46;call #t~mem47 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,787 INFO L273 TraceCheckUtils]: 52: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8577bv32 == #t~mem47);havoc #t~mem47;call #t~mem48 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,790 INFO L273 TraceCheckUtils]: 53: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8592bv32 == #t~mem48);havoc #t~mem48;call #t~mem49 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,790 INFO L273 TraceCheckUtils]: 54: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8593bv32 == #t~mem49);havoc #t~mem49;call #t~mem50 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,793 INFO L273 TraceCheckUtils]: 55: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8608bv32 == #t~mem50);havoc #t~mem50;call #t~mem51 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:00:09,793 INFO L273 TraceCheckUtils]: 56: Hoare triple {4210#(= (_ bv8480 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8609bv32 == #t~mem51);havoc #t~mem51;call #t~mem52 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {4310#(= (bvadd |ssl3_accept_#t~mem52| (_ bv4294958816 32)) (_ bv0 32))} is VALID [2018-11-23 11:00:09,794 INFO L273 TraceCheckUtils]: 57: Hoare triple {4310#(= (bvadd |ssl3_accept_#t~mem52| (_ bv4294958816 32)) (_ bv0 32))} assume 8640bv32 == #t~mem52;havoc #t~mem52; {4137#false} is VALID [2018-11-23 11:00:09,794 INFO L273 TraceCheckUtils]: 58: Hoare triple {4137#false} ~ret~0 := #t~nondet115;havoc #t~nondet115; {4137#false} is VALID [2018-11-23 11:00:09,794 INFO L273 TraceCheckUtils]: 59: Hoare triple {4137#false} assume !(4bv32 == ~blastFlag~0); {4137#false} is VALID [2018-11-23 11:00:09,794 INFO L273 TraceCheckUtils]: 60: Hoare triple {4137#false} assume !false; {4137#false} is VALID [2018-11-23 11:00:09,800 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 4 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-23 11:00:09,800 INFO L312 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2018-11-23 11:00:09,802 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-23 11:00:09,802 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-23 11:00:09,802 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 61 [2018-11-23 11:00:09,803 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:00:09,803 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-23 11:00:09,916 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 61 edges. 61 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:00:09,916 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-23 11:00:09,917 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-23 11:00:09,917 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-23 11:00:09,917 INFO L87 Difference]: Start difference. First operand 209 states and 339 transitions. Second operand 4 states. [2018-11-23 11:00:31,554 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:00:31,554 INFO L93 Difference]: Finished difference Result 475 states and 760 transitions. [2018-11-23 11:00:31,554 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2018-11-23 11:00:31,554 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 61 [2018-11-23 11:00:31,555 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:00:31,555 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-23 11:00:31,560 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 556 transitions. [2018-11-23 11:00:31,561 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-23 11:00:31,565 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 556 transitions. [2018-11-23 11:00:31,566 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 556 transitions. [2018-11-23 11:00:32,770 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 556 edges. 556 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:00:32,780 INFO L225 Difference]: With dead ends: 475 [2018-11-23 11:00:32,780 INFO L226 Difference]: Without dead ends: 312 [2018-11-23 11:00:32,781 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 61 GetRequests, 58 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2018-11-23 11:00:32,782 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 312 states. [2018-11-23 11:00:32,904 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 312 to 209. [2018-11-23 11:00:32,905 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:00:32,905 INFO L82 GeneralOperation]: Start isEquivalent. First operand 312 states. Second operand 209 states. [2018-11-23 11:00:32,905 INFO L74 IsIncluded]: Start isIncluded. First operand 312 states. Second operand 209 states. [2018-11-23 11:00:32,905 INFO L87 Difference]: Start difference. First operand 312 states. Second operand 209 states. [2018-11-23 11:00:32,915 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:00:32,915 INFO L93 Difference]: Finished difference Result 312 states and 497 transitions. [2018-11-23 11:00:32,915 INFO L276 IsEmpty]: Start isEmpty. Operand 312 states and 497 transitions. [2018-11-23 11:00:32,916 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:00:32,917 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:00:32,917 INFO L74 IsIncluded]: Start isIncluded. First operand 209 states. Second operand 312 states. [2018-11-23 11:00:32,917 INFO L87 Difference]: Start difference. First operand 209 states. Second operand 312 states. [2018-11-23 11:00:32,926 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:00:32,927 INFO L93 Difference]: Finished difference Result 312 states and 497 transitions. [2018-11-23 11:00:32,927 INFO L276 IsEmpty]: Start isEmpty. Operand 312 states and 497 transitions. [2018-11-23 11:00:32,928 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:00:32,928 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:00:32,928 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:00:32,928 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:00:32,929 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 209 states. [2018-11-23 11:00:32,934 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 209 states to 209 states and 339 transitions. [2018-11-23 11:00:32,935 INFO L78 Accepts]: Start accepts. Automaton has 209 states and 339 transitions. Word has length 61 [2018-11-23 11:00:32,935 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:00:32,935 INFO L480 AbstractCegarLoop]: Abstraction has 209 states and 339 transitions. [2018-11-23 11:00:32,935 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2018-11-23 11:00:32,935 INFO L276 IsEmpty]: Start isEmpty. Operand 209 states and 339 transitions. [2018-11-23 11:00:32,936 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 62 [2018-11-23 11:00:32,937 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:00:32,937 INFO L402 BasicCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:00:32,937 INFO L423 AbstractCegarLoop]: === Iteration 5 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:00:32,937 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:00:32,938 INFO L82 PathProgramCache]: Analyzing trace with hash 824210674, now seen corresponding path program 1 times [2018-11-23 11:00:32,938 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:00:32,938 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 6 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 6 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:00:32,974 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-23 11:00:33,349 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:00:33,500 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:00:33,503 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:00:34,012 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 74 treesize of output 66 [2018-11-23 11:00:34,032 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 66 treesize of output 50 [2018-11-23 11:00:34,035 INFO L267 ElimStorePlain]: Start of recursive call 3: 1 dim-0 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2018-11-23 11:00:34,055 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2018-11-23 11:00:34,118 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 50 treesize of output 46 [2018-11-23 11:00:34,128 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 46 treesize of output 38 [2018-11-23 11:00:34,130 INFO L267 ElimStorePlain]: Start of recursive call 5: 1 dim-0 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2018-11-23 11:00:34,146 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2018-11-23 11:00:34,214 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 38 treesize of output 29 [2018-11-23 11:00:34,226 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2018-11-23 11:00:34,227 INFO L267 ElimStorePlain]: Start of recursive call 7: End of recursive call: and 1 xjuncts. [2018-11-23 11:00:34,360 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 3 case distinctions, treesize of input 28 treesize of output 40 [2018-11-23 11:00:34,376 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 29 treesize of output 31 [2018-11-23 11:00:34,385 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:00:34,388 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:00:34,390 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 18 treesize of output 37 [2018-11-23 11:00:34,391 INFO L267 ElimStorePlain]: Start of recursive call 10: End of recursive call: and 1 xjuncts. [2018-11-23 11:00:34,417 INFO L267 ElimStorePlain]: Start of recursive call 9: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:00:34,488 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:00:34,557 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 2 case distinctions, treesize of input 26 treesize of output 36 [2018-11-23 11:00:34,568 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:00:34,569 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:00:34,571 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 28 treesize of output 47 [2018-11-23 11:00:34,573 INFO L267 ElimStorePlain]: Start of recursive call 12: End of recursive call: and 1 xjuncts. [2018-11-23 11:00:34,637 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:00:34,638 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:00:34,642 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:00:34,644 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:00:34,646 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:00:34,750 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 5 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 2 case distinctions, treesize of input 28 treesize of output 75 [2018-11-23 11:00:34,754 INFO L267 ElimStorePlain]: Start of recursive call 13: End of recursive call: and 2 xjuncts. [2018-11-23 11:00:34,845 INFO L267 ElimStorePlain]: Start of recursive call 11: 2 dim-1 vars, End of recursive call: and 3 xjuncts. [2018-11-23 11:00:34,907 INFO L267 ElimStorePlain]: Start of recursive call 8: 2 dim-1 vars, End of recursive call: and 3 xjuncts. [2018-11-23 11:00:34,964 INFO L267 ElimStorePlain]: Start of recursive call 6: 1 dim-1 vars, 1 dim-2 vars, End of recursive call: and 3 xjuncts. [2018-11-23 11:00:35,091 INFO L267 ElimStorePlain]: Start of recursive call 1: 3 dim-2 vars, End of recursive call: 2 dim-0 vars, and 2 xjuncts. [2018-11-23 11:00:35,092 INFO L202 ElimStorePlain]: Needed 13 recursive calls to eliminate 3 variables, input treesize:78, output treesize:54 [2018-11-23 11:00:35,212 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:00:35,212 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#memory_$Pointer$.base_164|, |v_#memory_int_187|, |v_#memory_$Pointer$.offset_164|]. (and (= ssl3_accept_~s.offset (_ bv0 32)) (= (let ((.cse0 (let ((.cse2 (bvadd ssl3_accept_~s.offset (_ bv84 32)))) (let ((.cse1 (select (select |v_#memory_$Pointer$.base_164| ssl3_accept_~s.base) .cse2))) (store |v_#memory_int_187| .cse1 (store (select |v_#memory_int_187| .cse1) (bvadd (select (select |v_#memory_$Pointer$.offset_164| ssl3_accept_~s.base) .cse2) (_ bv844 32)) (_ bv8482 32))))))) (store .cse0 ssl3_accept_~s.base (store (store (select .cse0 ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)) (_ bv8448 32)) (bvadd ssl3_accept_~s.offset (_ bv64 32)) (_ bv0 32)))) |#memory_int|)) [2018-11-23 11:00:35,213 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ [v_arrayElimCell_26, v_arrayElimCell_28]. (let ((.cse3 (select |#memory_int| ssl3_accept_~s.base))) (let ((.cse0 (= ssl3_accept_~s.offset (_ bv0 32))) (.cse1 (= (_ bv8448 32) (select .cse3 (bvadd ssl3_accept_~s.offset (_ bv52 32))))) (.cse2 (= (select .cse3 (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))) (or (and .cse0 (= (_ bv8482 32) (select (select |#memory_int| v_arrayElimCell_26) (bvadd v_arrayElimCell_28 (_ bv844 32)))) .cse1 .cse2) (and .cse0 .cse1 .cse2)))) [2018-11-23 11:00:35,399 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 24 treesize of output 18 [2018-11-23 11:00:35,405 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:00:35,406 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 2 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 18 treesize of output 10 [2018-11-23 11:00:35,407 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:00:35,412 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:00:35,414 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:00:35,414 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 2 variables, input treesize:24, output treesize:5 [2018-11-23 11:00:35,417 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:00:35,418 WARN L384 uantifierElimination]: Input elimination task: ∃ [|#memory_int|, ssl3_accept_~s.base]. (let ((.cse1 (select |#memory_int| ssl3_accept_~s.base))) (let ((.cse0 (select .cse1 (_ bv52 32)))) (and (= (bvadd .cse0 (_ bv4294958848 32)) (_ bv0 32)) (= |ssl3_accept_#t~mem53| .cse0) (= (select .cse1 (_ bv64 32)) (_ bv0 32))))) [2018-11-23 11:00:35,418 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (= (bvadd |ssl3_accept_#t~mem53| (_ bv4294958848 32)) (_ bv0 32)) [2018-11-23 11:00:35,429 INFO L256 TraceCheckUtils]: 0: Hoare triple {5743#true} call ULTIMATE.init(); {5743#true} is VALID [2018-11-23 11:00:35,430 INFO L273 TraceCheckUtils]: 1: Hoare triple {5743#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];~init~0 := 1bv32;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100bv32);call write~init~intINTTYPE4(0bv32, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(4bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(8bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(12bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(16bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(20bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(24bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(28bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(32bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(36bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(40bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(44bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(48bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(52bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(56bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(60bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(64bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(68bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(72bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(76bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(80bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(84bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(88bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(92bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(96bv32, ~#SSLv3_server_data~0.offset), 4bv32); {5743#true} is VALID [2018-11-23 11:00:35,430 INFO L273 TraceCheckUtils]: 2: Hoare triple {5743#true} assume true; {5743#true} is VALID [2018-11-23 11:00:35,430 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {5743#true} {5743#true} #616#return; {5743#true} is VALID [2018-11-23 11:00:35,431 INFO L256 TraceCheckUtils]: 4: Hoare triple {5743#true} call #t~ret138 := main(); {5743#true} is VALID [2018-11-23 11:00:35,432 INFO L273 TraceCheckUtils]: 5: Hoare triple {5743#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248bv32);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899bv32);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~bvadd32(84bv32, ~s~0.offset), 4bv32);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232bv32);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~bvadd32(204bv32, ~s~0.offset), 4bv32);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200bv32);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~bvadd32(176bv32, ~s~0.offset), 4bv32); {5763#(= main_~s~0.offset (_ bv0 32))} is VALID [2018-11-23 11:00:35,433 INFO L256 TraceCheckUtils]: 6: Hoare triple {5763#(= main_~s~0.offset (_ bv0 32))} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {5767#(= (_ bv0 32) |ssl3_accept_#in~s.offset|)} is VALID [2018-11-23 11:00:35,434 INFO L273 TraceCheckUtils]: 7: Hoare triple {5767#(= (_ bv0 32) |ssl3_accept_#in~s.offset|)} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~intINTTYPE4(8464bv32, ~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~blastFlag~0 := 0bv32;call write~intINTTYPE4(#t~nondet17, ~s.base, ~bvadd32(92bv32, ~s.offset), 4bv32);havoc #t~nondet17;call write~intINTTYPE4(8464bv32, ~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0bv32, 0bv32;~ret~0 := 4294967295bv32;~skip~0 := 0bv32;~got_new_session~0 := 0bv32;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~bvadd32(192bv32, ~s.offset), 4bv32); {5771#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 11:00:35,434 INFO L273 TraceCheckUtils]: 8: Hoare triple {5771#(= ssl3_accept_~s.offset (_ bv0 32))} assume 0bv32 != ~bvadd32(#t~mem19.base, #t~mem19.offset);havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~bvadd32(192bv32, ~s.offset), 4bv32);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {5771#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 11:00:35,435 INFO L273 TraceCheckUtils]: 9: Hoare triple {5771#(= ssl3_accept_~s.offset (_ bv0 32))} call #t~mem21 := read~intINTTYPE4(~s.base, ~bvadd32(28bv32, ~s.offset), 4bv32);call write~intINTTYPE4(~bvadd32(1bv32, #t~mem21), ~s.base, ~bvadd32(28bv32, ~s.offset), 4bv32);havoc #t~mem21; {5771#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 11:00:35,435 INFO L273 TraceCheckUtils]: 10: Hoare triple {5771#(= ssl3_accept_~s.offset (_ bv0 32))} assume !(0bv32 != ~bvand32(12288bv32, ~tmp___1~0)); {5771#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 11:00:35,436 INFO L273 TraceCheckUtils]: 11: Hoare triple {5771#(= ssl3_accept_~s.offset (_ bv0 32))} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~bvadd32(136bv32, ~s.offset), 4bv32); {5771#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 11:00:35,436 INFO L273 TraceCheckUtils]: 12: Hoare triple {5771#(= ssl3_accept_~s.offset (_ bv0 32))} assume !(0bv32 == ~bvadd32(#t~mem22.base, #t~mem22.offset));havoc #t~mem22.base, #t~mem22.offset; {5771#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 11:00:35,437 INFO L273 TraceCheckUtils]: 13: Hoare triple {5771#(= ssl3_accept_~s.offset (_ bv0 32))} assume !false; {5771#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 11:00:35,438 INFO L273 TraceCheckUtils]: 14: Hoare triple {5771#(= ssl3_accept_~s.offset (_ bv0 32))} call #t~mem23 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5771#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 11:00:35,440 INFO L273 TraceCheckUtils]: 15: Hoare triple {5771#(= ssl3_accept_~s.offset (_ bv0 32))} assume !(12292bv32 == #t~mem24);havoc #t~mem24;call #t~mem25 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5771#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 11:00:35,441 INFO L273 TraceCheckUtils]: 16: Hoare triple {5771#(= ssl3_accept_~s.offset (_ bv0 32))} assume !(16384bv32 == #t~mem25);havoc #t~mem25;call #t~mem26 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5771#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 11:00:35,441 INFO L273 TraceCheckUtils]: 17: Hoare triple {5771#(= ssl3_accept_~s.offset (_ bv0 32))} assume !(8192bv32 == #t~mem26);havoc #t~mem26;call #t~mem27 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5771#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 11:00:35,441 INFO L273 TraceCheckUtils]: 18: Hoare triple {5771#(= ssl3_accept_~s.offset (_ bv0 32))} assume !(24576bv32 == #t~mem27);havoc #t~mem27;call #t~mem28 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5771#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 11:00:35,442 INFO L273 TraceCheckUtils]: 19: Hoare triple {5771#(= ssl3_accept_~s.offset (_ bv0 32))} assume !(8195bv32 == #t~mem28);havoc #t~mem28;call #t~mem29 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5771#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 11:00:35,442 INFO L273 TraceCheckUtils]: 20: Hoare triple {5771#(= ssl3_accept_~s.offset (_ bv0 32))} assume 8480bv32 == #t~mem29;havoc #t~mem29; {5771#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 11:00:35,442 INFO L273 TraceCheckUtils]: 21: Hoare triple {5771#(= ssl3_accept_~s.offset (_ bv0 32))} call write~intINTTYPE4(0bv32, ~s.base, ~bvadd32(48bv32, ~s.offset), 4bv32);~ret~0 := #t~nondet67;havoc #t~nondet67; {5771#(= ssl3_accept_~s.offset (_ bv0 32))} is VALID [2018-11-23 11:00:35,447 INFO L273 TraceCheckUtils]: 22: Hoare triple {5771#(= ssl3_accept_~s.offset (_ bv0 32))} assume !~bvsle32(~ret~0, 0bv32);call #t~mem68.base, #t~mem68.offset := read~$Pointer$(~s.base, ~bvadd32(84bv32, ~s.offset), 4bv32);call write~intINTTYPE4(8482bv32, #t~mem68.base, ~bvadd32(844bv32, #t~mem68.offset), 4bv32);havoc #t~mem68.base, #t~mem68.offset;call write~intINTTYPE4(8448bv32, ~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);call write~intINTTYPE4(0bv32, ~s.base, ~bvadd32(64bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,448 INFO L273 TraceCheckUtils]: 23: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~bvadd32(84bv32, ~s.offset), 4bv32);call #t~mem128 := read~intINTTYPE4(#t~mem127.base, ~bvadd32(848bv32, #t~mem127.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,449 INFO L273 TraceCheckUtils]: 24: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(0bv32 == #t~mem128);havoc #t~mem128;havoc #t~mem127.base, #t~mem127.offset; {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,449 INFO L273 TraceCheckUtils]: 25: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} ~skip~0 := 0bv32; {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,450 INFO L273 TraceCheckUtils]: 26: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !false; {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,450 INFO L273 TraceCheckUtils]: 27: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} call #t~mem23 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,451 INFO L273 TraceCheckUtils]: 28: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(12292bv32 == #t~mem24);havoc #t~mem24;call #t~mem25 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,452 INFO L273 TraceCheckUtils]: 29: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(16384bv32 == #t~mem25);havoc #t~mem25;call #t~mem26 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,454 INFO L273 TraceCheckUtils]: 30: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8192bv32 == #t~mem26);havoc #t~mem26;call #t~mem27 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,455 INFO L273 TraceCheckUtils]: 31: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(24576bv32 == #t~mem27);havoc #t~mem27;call #t~mem28 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,455 INFO L273 TraceCheckUtils]: 32: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8195bv32 == #t~mem28);havoc #t~mem28;call #t~mem29 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,458 INFO L273 TraceCheckUtils]: 33: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8480bv32 == #t~mem29);havoc #t~mem29;call #t~mem30 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,460 INFO L273 TraceCheckUtils]: 34: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8481bv32 == #t~mem30);havoc #t~mem30;call #t~mem31 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,461 INFO L273 TraceCheckUtils]: 35: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8482bv32 == #t~mem31);havoc #t~mem31;call #t~mem32 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,462 INFO L273 TraceCheckUtils]: 36: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8464bv32 == #t~mem32);havoc #t~mem32;call #t~mem33 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,463 INFO L273 TraceCheckUtils]: 37: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8465bv32 == #t~mem33);havoc #t~mem33;call #t~mem34 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,467 INFO L273 TraceCheckUtils]: 38: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8466bv32 == #t~mem34);havoc #t~mem34;call #t~mem35 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,471 INFO L273 TraceCheckUtils]: 39: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8496bv32 == #t~mem35);havoc #t~mem35;call #t~mem36 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,473 INFO L273 TraceCheckUtils]: 40: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8497bv32 == #t~mem36);havoc #t~mem36;call #t~mem37 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,473 INFO L273 TraceCheckUtils]: 41: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8512bv32 == #t~mem37);havoc #t~mem37;call #t~mem38 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,474 INFO L273 TraceCheckUtils]: 42: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8513bv32 == #t~mem38);havoc #t~mem38;call #t~mem39 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,475 INFO L273 TraceCheckUtils]: 43: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8528bv32 == #t~mem39);havoc #t~mem39;call #t~mem40 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,476 INFO L273 TraceCheckUtils]: 44: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8529bv32 == #t~mem40);havoc #t~mem40;call #t~mem41 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,476 INFO L273 TraceCheckUtils]: 45: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8544bv32 == #t~mem41);havoc #t~mem41;call #t~mem42 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,477 INFO L273 TraceCheckUtils]: 46: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8545bv32 == #t~mem42);havoc #t~mem42;call #t~mem43 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,483 INFO L273 TraceCheckUtils]: 47: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8560bv32 == #t~mem43);havoc #t~mem43;call #t~mem44 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,484 INFO L273 TraceCheckUtils]: 48: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8561bv32 == #t~mem44);havoc #t~mem44;call #t~mem45 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,485 INFO L273 TraceCheckUtils]: 49: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8448bv32 == #t~mem45);havoc #t~mem45;call #t~mem46 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,502 INFO L273 TraceCheckUtils]: 50: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8576bv32 == #t~mem46);havoc #t~mem46;call #t~mem47 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,503 INFO L273 TraceCheckUtils]: 51: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8577bv32 == #t~mem47);havoc #t~mem47;call #t~mem48 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,504 INFO L273 TraceCheckUtils]: 52: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8592bv32 == #t~mem48);havoc #t~mem48;call #t~mem49 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,505 INFO L273 TraceCheckUtils]: 53: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8593bv32 == #t~mem49);havoc #t~mem49;call #t~mem50 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,506 INFO L273 TraceCheckUtils]: 54: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8608bv32 == #t~mem50);havoc #t~mem50;call #t~mem51 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,506 INFO L273 TraceCheckUtils]: 55: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8609bv32 == #t~mem51);havoc #t~mem51;call #t~mem52 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} is VALID [2018-11-23 11:00:35,507 INFO L273 TraceCheckUtils]: 56: Hoare triple {5817#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8448 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv64 32))) (_ bv0 32)))} assume !(8640bv32 == #t~mem52);havoc #t~mem52;call #t~mem53 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {5920#(= (bvadd |ssl3_accept_#t~mem53| (_ bv4294958848 32)) (_ bv0 32))} is VALID [2018-11-23 11:00:35,507 INFO L273 TraceCheckUtils]: 57: Hoare triple {5920#(= (bvadd |ssl3_accept_#t~mem53| (_ bv4294958848 32)) (_ bv0 32))} assume 8641bv32 == #t~mem53;havoc #t~mem53; {5744#false} is VALID [2018-11-23 11:00:35,507 INFO L273 TraceCheckUtils]: 58: Hoare triple {5744#false} ~ret~0 := #t~nondet115;havoc #t~nondet115; {5744#false} is VALID [2018-11-23 11:00:35,508 INFO L273 TraceCheckUtils]: 59: Hoare triple {5744#false} assume !(4bv32 == ~blastFlag~0); {5744#false} is VALID [2018-11-23 11:00:35,508 INFO L273 TraceCheckUtils]: 60: Hoare triple {5744#false} assume !false; {5744#false} is VALID [2018-11-23 11:00:35,519 INFO L134 CoverageAnalysis]: Checked inductivity of 8 backedges. 8 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-23 11:00:35,519 INFO L312 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2018-11-23 11:00:35,522 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-23 11:00:35,522 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2018-11-23 11:00:35,522 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 61 [2018-11-23 11:00:35,523 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:00:35,523 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states. [2018-11-23 11:00:35,700 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 61 edges. 61 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:00:35,700 INFO L459 AbstractCegarLoop]: Interpolant automaton has 7 states [2018-11-23 11:00:35,700 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2018-11-23 11:00:35,700 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=30, Unknown=0, NotChecked=0, Total=42 [2018-11-23 11:00:35,701 INFO L87 Difference]: Start difference. First operand 209 states and 339 transitions. Second operand 7 states. [2018-11-23 11:01:11,223 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:01:11,224 INFO L93 Difference]: Finished difference Result 470 states and 754 transitions. [2018-11-23 11:01:11,224 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2018-11-23 11:01:11,224 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 61 [2018-11-23 11:01:11,224 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:01:11,225 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 7 states. [2018-11-23 11:01:11,228 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 550 transitions. [2018-11-23 11:01:11,229 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 7 states. [2018-11-23 11:01:11,232 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 550 transitions. [2018-11-23 11:01:11,232 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 550 transitions. [2018-11-23 11:01:13,209 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 550 edges. 550 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:01:13,217 INFO L225 Difference]: With dead ends: 470 [2018-11-23 11:01:13,217 INFO L226 Difference]: Without dead ends: 307 [2018-11-23 11:01:13,218 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 63 GetRequests, 55 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=30, Invalid=60, Unknown=0, NotChecked=0, Total=90 [2018-11-23 11:01:13,218 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 307 states. [2018-11-23 11:01:13,411 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 307 to 217. [2018-11-23 11:01:13,411 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:01:13,411 INFO L82 GeneralOperation]: Start isEquivalent. First operand 307 states. Second operand 217 states. [2018-11-23 11:01:13,411 INFO L74 IsIncluded]: Start isIncluded. First operand 307 states. Second operand 217 states. [2018-11-23 11:01:13,411 INFO L87 Difference]: Start difference. First operand 307 states. Second operand 217 states. [2018-11-23 11:01:13,420 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:01:13,421 INFO L93 Difference]: Finished difference Result 307 states and 491 transitions. [2018-11-23 11:01:13,421 INFO L276 IsEmpty]: Start isEmpty. Operand 307 states and 491 transitions. [2018-11-23 11:01:13,422 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:01:13,422 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:01:13,422 INFO L74 IsIncluded]: Start isIncluded. First operand 217 states. Second operand 307 states. [2018-11-23 11:01:13,422 INFO L87 Difference]: Start difference. First operand 217 states. Second operand 307 states. [2018-11-23 11:01:13,431 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:01:13,432 INFO L93 Difference]: Finished difference Result 307 states and 491 transitions. [2018-11-23 11:01:13,432 INFO L276 IsEmpty]: Start isEmpty. Operand 307 states and 491 transitions. [2018-11-23 11:01:13,433 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:01:13,433 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:01:13,433 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:01:13,433 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:01:13,433 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 217 states. [2018-11-23 11:01:13,439 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 217 states to 217 states and 352 transitions. [2018-11-23 11:01:13,439 INFO L78 Accepts]: Start accepts. Automaton has 217 states and 352 transitions. Word has length 61 [2018-11-23 11:01:13,440 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:01:13,440 INFO L480 AbstractCegarLoop]: Abstraction has 217 states and 352 transitions. [2018-11-23 11:01:13,440 INFO L481 AbstractCegarLoop]: Interpolant automaton has 7 states. [2018-11-23 11:01:13,440 INFO L276 IsEmpty]: Start isEmpty. Operand 217 states and 352 transitions. [2018-11-23 11:01:13,441 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 62 [2018-11-23 11:01:13,441 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:01:13,441 INFO L402 BasicCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:01:13,442 INFO L423 AbstractCegarLoop]: === Iteration 6 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:01:13,442 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:01:13,442 INFO L82 PathProgramCache]: Analyzing trace with hash -2017958462, now seen corresponding path program 1 times [2018-11-23 11:01:13,443 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:01:13,443 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 7 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 7 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:01:13,471 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-23 11:01:13,646 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:01:13,712 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:01:13,714 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:01:14,351 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 10 [2018-11-23 11:01:14,391 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2018-11-23 11:01:14,417 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:01:14,422 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:01:14,428 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:01:14,429 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 1 variables, input treesize:13, output treesize:9 [2018-11-23 11:01:14,512 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 19 treesize of output 15 [2018-11-23 11:01:14,518 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 3 [2018-11-23 11:01:14,519 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:01:14,521 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:01:14,524 INFO L267 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:01:14,524 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 3 variables, input treesize:19, output treesize:3 [2018-11-23 11:01:14,529 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:01:14,529 WARN L384 uantifierElimination]: Input elimination task: ∃ [|#memory_int|, ssl3_accept_~s.base, ssl3_accept_~s.offset]. (let ((.cse0 (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))) (and (= |ssl3_accept_#t~mem52| .cse0) (= (_ bv3 32) .cse0))) [2018-11-23 11:01:14,529 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (= |ssl3_accept_#t~mem52| (_ bv3 32)) [2018-11-23 11:01:14,537 INFO L256 TraceCheckUtils]: 0: Hoare triple {7349#true} call ULTIMATE.init(); {7349#true} is VALID [2018-11-23 11:01:14,538 INFO L273 TraceCheckUtils]: 1: Hoare triple {7349#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];~init~0 := 1bv32;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100bv32);call write~init~intINTTYPE4(0bv32, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(4bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(8bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(12bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(16bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(20bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(24bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(28bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(32bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(36bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(40bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(44bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(48bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(52bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(56bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(60bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(64bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(68bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(72bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(76bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(80bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(84bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(88bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(92bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(96bv32, ~#SSLv3_server_data~0.offset), 4bv32); {7349#true} is VALID [2018-11-23 11:01:14,538 INFO L273 TraceCheckUtils]: 2: Hoare triple {7349#true} assume true; {7349#true} is VALID [2018-11-23 11:01:14,539 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {7349#true} {7349#true} #616#return; {7349#true} is VALID [2018-11-23 11:01:14,539 INFO L256 TraceCheckUtils]: 4: Hoare triple {7349#true} call #t~ret138 := main(); {7349#true} is VALID [2018-11-23 11:01:14,539 INFO L273 TraceCheckUtils]: 5: Hoare triple {7349#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248bv32);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899bv32);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~bvadd32(84bv32, ~s~0.offset), 4bv32);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232bv32);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~bvadd32(204bv32, ~s~0.offset), 4bv32);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200bv32);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~bvadd32(176bv32, ~s~0.offset), 4bv32); {7349#true} is VALID [2018-11-23 11:01:14,539 INFO L256 TraceCheckUtils]: 6: Hoare triple {7349#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {7349#true} is VALID [2018-11-23 11:01:14,540 INFO L273 TraceCheckUtils]: 7: Hoare triple {7349#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~intINTTYPE4(8464bv32, ~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~blastFlag~0 := 0bv32;call write~intINTTYPE4(#t~nondet17, ~s.base, ~bvadd32(92bv32, ~s.offset), 4bv32);havoc #t~nondet17;call write~intINTTYPE4(8464bv32, ~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0bv32, 0bv32;~ret~0 := 4294967295bv32;~skip~0 := 0bv32;~got_new_session~0 := 0bv32;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~bvadd32(192bv32, ~s.offset), 4bv32); {7349#true} is VALID [2018-11-23 11:01:14,540 INFO L273 TraceCheckUtils]: 8: Hoare triple {7349#true} assume 0bv32 != ~bvadd32(#t~mem19.base, #t~mem19.offset);havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~bvadd32(192bv32, ~s.offset), 4bv32);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {7349#true} is VALID [2018-11-23 11:01:14,540 INFO L273 TraceCheckUtils]: 9: Hoare triple {7349#true} call #t~mem21 := read~intINTTYPE4(~s.base, ~bvadd32(28bv32, ~s.offset), 4bv32);call write~intINTTYPE4(~bvadd32(1bv32, #t~mem21), ~s.base, ~bvadd32(28bv32, ~s.offset), 4bv32);havoc #t~mem21; {7349#true} is VALID [2018-11-23 11:01:14,540 INFO L273 TraceCheckUtils]: 10: Hoare triple {7349#true} assume !(0bv32 != ~bvand32(12288bv32, ~tmp___1~0)); {7349#true} is VALID [2018-11-23 11:01:14,540 INFO L273 TraceCheckUtils]: 11: Hoare triple {7349#true} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~bvadd32(136bv32, ~s.offset), 4bv32); {7349#true} is VALID [2018-11-23 11:01:14,540 INFO L273 TraceCheckUtils]: 12: Hoare triple {7349#true} assume !(0bv32 == ~bvadd32(#t~mem22.base, #t~mem22.offset));havoc #t~mem22.base, #t~mem22.offset; {7349#true} is VALID [2018-11-23 11:01:14,541 INFO L273 TraceCheckUtils]: 13: Hoare triple {7349#true} assume !false; {7349#true} is VALID [2018-11-23 11:01:14,541 INFO L273 TraceCheckUtils]: 14: Hoare triple {7349#true} call #t~mem23 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7349#true} is VALID [2018-11-23 11:01:14,541 INFO L273 TraceCheckUtils]: 15: Hoare triple {7349#true} assume !(12292bv32 == #t~mem24);havoc #t~mem24;call #t~mem25 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7349#true} is VALID [2018-11-23 11:01:14,541 INFO L273 TraceCheckUtils]: 16: Hoare triple {7349#true} assume !(16384bv32 == #t~mem25);havoc #t~mem25;call #t~mem26 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7349#true} is VALID [2018-11-23 11:01:14,541 INFO L273 TraceCheckUtils]: 17: Hoare triple {7349#true} assume !(8192bv32 == #t~mem26);havoc #t~mem26;call #t~mem27 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7349#true} is VALID [2018-11-23 11:01:14,541 INFO L273 TraceCheckUtils]: 18: Hoare triple {7349#true} assume !(24576bv32 == #t~mem27);havoc #t~mem27;call #t~mem28 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7349#true} is VALID [2018-11-23 11:01:14,541 INFO L273 TraceCheckUtils]: 19: Hoare triple {7349#true} assume !(8195bv32 == #t~mem28);havoc #t~mem28;call #t~mem29 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7349#true} is VALID [2018-11-23 11:01:14,542 INFO L273 TraceCheckUtils]: 20: Hoare triple {7349#true} assume !(8480bv32 == #t~mem29);havoc #t~mem29;call #t~mem30 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7349#true} is VALID [2018-11-23 11:01:14,542 INFO L273 TraceCheckUtils]: 21: Hoare triple {7349#true} assume !(8481bv32 == #t~mem30);havoc #t~mem30;call #t~mem31 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7349#true} is VALID [2018-11-23 11:01:14,542 INFO L273 TraceCheckUtils]: 22: Hoare triple {7349#true} assume 8482bv32 == #t~mem31;havoc #t~mem31; {7349#true} is VALID [2018-11-23 11:01:14,544 INFO L273 TraceCheckUtils]: 23: Hoare triple {7349#true} call write~intINTTYPE4(3bv32, ~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,544 INFO L273 TraceCheckUtils]: 24: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~bvadd32(84bv32, ~s.offset), 4bv32);call #t~mem128 := read~intINTTYPE4(#t~mem127.base, ~bvadd32(848bv32, #t~mem127.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,545 INFO L273 TraceCheckUtils]: 25: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(0bv32 == #t~mem128);havoc #t~mem128;havoc #t~mem127.base, #t~mem127.offset; {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,545 INFO L273 TraceCheckUtils]: 26: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} ~skip~0 := 0bv32; {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,545 INFO L273 TraceCheckUtils]: 27: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !false; {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,546 INFO L273 TraceCheckUtils]: 28: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} call #t~mem23 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,546 INFO L273 TraceCheckUtils]: 29: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(12292bv32 == #t~mem24);havoc #t~mem24;call #t~mem25 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,547 INFO L273 TraceCheckUtils]: 30: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(16384bv32 == #t~mem25);havoc #t~mem25;call #t~mem26 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,549 INFO L273 TraceCheckUtils]: 31: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8192bv32 == #t~mem26);havoc #t~mem26;call #t~mem27 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,550 INFO L273 TraceCheckUtils]: 32: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(24576bv32 == #t~mem27);havoc #t~mem27;call #t~mem28 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,550 INFO L273 TraceCheckUtils]: 33: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8195bv32 == #t~mem28);havoc #t~mem28;call #t~mem29 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,551 INFO L273 TraceCheckUtils]: 34: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8480bv32 == #t~mem29);havoc #t~mem29;call #t~mem30 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,551 INFO L273 TraceCheckUtils]: 35: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8481bv32 == #t~mem30);havoc #t~mem30;call #t~mem31 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,551 INFO L273 TraceCheckUtils]: 36: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8482bv32 == #t~mem31);havoc #t~mem31;call #t~mem32 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,552 INFO L273 TraceCheckUtils]: 37: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8464bv32 == #t~mem32);havoc #t~mem32;call #t~mem33 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,552 INFO L273 TraceCheckUtils]: 38: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8465bv32 == #t~mem33);havoc #t~mem33;call #t~mem34 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,553 INFO L273 TraceCheckUtils]: 39: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8466bv32 == #t~mem34);havoc #t~mem34;call #t~mem35 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,553 INFO L273 TraceCheckUtils]: 40: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8496bv32 == #t~mem35);havoc #t~mem35;call #t~mem36 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,554 INFO L273 TraceCheckUtils]: 41: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8497bv32 == #t~mem36);havoc #t~mem36;call #t~mem37 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,554 INFO L273 TraceCheckUtils]: 42: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8512bv32 == #t~mem37);havoc #t~mem37;call #t~mem38 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,555 INFO L273 TraceCheckUtils]: 43: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8513bv32 == #t~mem38);havoc #t~mem38;call #t~mem39 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,555 INFO L273 TraceCheckUtils]: 44: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8528bv32 == #t~mem39);havoc #t~mem39;call #t~mem40 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,556 INFO L273 TraceCheckUtils]: 45: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8529bv32 == #t~mem40);havoc #t~mem40;call #t~mem41 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,556 INFO L273 TraceCheckUtils]: 46: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8544bv32 == #t~mem41);havoc #t~mem41;call #t~mem42 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,557 INFO L273 TraceCheckUtils]: 47: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8545bv32 == #t~mem42);havoc #t~mem42;call #t~mem43 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,558 INFO L273 TraceCheckUtils]: 48: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8560bv32 == #t~mem43);havoc #t~mem43;call #t~mem44 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,558 INFO L273 TraceCheckUtils]: 49: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8561bv32 == #t~mem44);havoc #t~mem44;call #t~mem45 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,559 INFO L273 TraceCheckUtils]: 50: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8448bv32 == #t~mem45);havoc #t~mem45;call #t~mem46 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,559 INFO L273 TraceCheckUtils]: 51: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8576bv32 == #t~mem46);havoc #t~mem46;call #t~mem47 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,560 INFO L273 TraceCheckUtils]: 52: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8577bv32 == #t~mem47);havoc #t~mem47;call #t~mem48 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,560 INFO L273 TraceCheckUtils]: 53: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8592bv32 == #t~mem48);havoc #t~mem48;call #t~mem49 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,561 INFO L273 TraceCheckUtils]: 54: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8593bv32 == #t~mem49);havoc #t~mem49;call #t~mem50 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,561 INFO L273 TraceCheckUtils]: 55: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8608bv32 == #t~mem50);havoc #t~mem50;call #t~mem51 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:01:14,562 INFO L273 TraceCheckUtils]: 56: Hoare triple {7423#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8609bv32 == #t~mem51);havoc #t~mem51;call #t~mem52 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {7523#(= (bvadd |ssl3_accept_#t~mem52| (_ bv4294967293 32)) (_ bv0 32))} is VALID [2018-11-23 11:01:14,563 INFO L273 TraceCheckUtils]: 57: Hoare triple {7523#(= (bvadd |ssl3_accept_#t~mem52| (_ bv4294967293 32)) (_ bv0 32))} assume 8640bv32 == #t~mem52;havoc #t~mem52; {7350#false} is VALID [2018-11-23 11:01:14,563 INFO L273 TraceCheckUtils]: 58: Hoare triple {7350#false} ~ret~0 := #t~nondet115;havoc #t~nondet115; {7350#false} is VALID [2018-11-23 11:01:14,563 INFO L273 TraceCheckUtils]: 59: Hoare triple {7350#false} assume !(4bv32 == ~blastFlag~0); {7350#false} is VALID [2018-11-23 11:01:14,564 INFO L273 TraceCheckUtils]: 60: Hoare triple {7350#false} assume !false; {7350#false} is VALID [2018-11-23 11:01:14,570 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 10 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-23 11:01:14,570 INFO L312 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2018-11-23 11:01:14,573 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-23 11:01:14,573 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-23 11:01:14,573 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 61 [2018-11-23 11:01:14,573 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:01:14,573 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-23 11:01:14,682 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 61 edges. 61 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:01:14,683 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-23 11:01:14,683 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-23 11:01:14,683 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-23 11:01:14,683 INFO L87 Difference]: Start difference. First operand 217 states and 352 transitions. Second operand 4 states. [2018-11-23 11:01:37,863 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:01:37,864 INFO L93 Difference]: Finished difference Result 524 states and 847 transitions. [2018-11-23 11:01:37,864 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2018-11-23 11:01:37,864 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 61 [2018-11-23 11:01:37,864 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:01:37,865 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-23 11:01:37,869 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 557 transitions. [2018-11-23 11:01:37,869 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-23 11:01:37,873 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 557 transitions. [2018-11-23 11:01:37,873 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 557 transitions. [2018-11-23 11:01:39,329 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 557 edges. 557 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:01:39,338 INFO L225 Difference]: With dead ends: 524 [2018-11-23 11:01:39,338 INFO L226 Difference]: Without dead ends: 321 [2018-11-23 11:01:39,339 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 61 GetRequests, 58 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2018-11-23 11:01:39,339 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 321 states. [2018-11-23 11:01:39,493 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 321 to 218. [2018-11-23 11:01:39,493 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:01:39,493 INFO L82 GeneralOperation]: Start isEquivalent. First operand 321 states. Second operand 218 states. [2018-11-23 11:01:39,493 INFO L74 IsIncluded]: Start isIncluded. First operand 321 states. Second operand 218 states. [2018-11-23 11:01:39,493 INFO L87 Difference]: Start difference. First operand 321 states. Second operand 218 states. [2018-11-23 11:01:39,503 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:01:39,503 INFO L93 Difference]: Finished difference Result 321 states and 511 transitions. [2018-11-23 11:01:39,504 INFO L276 IsEmpty]: Start isEmpty. Operand 321 states and 511 transitions. [2018-11-23 11:01:39,504 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:01:39,505 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:01:39,505 INFO L74 IsIncluded]: Start isIncluded. First operand 218 states. Second operand 321 states. [2018-11-23 11:01:39,505 INFO L87 Difference]: Start difference. First operand 218 states. Second operand 321 states. [2018-11-23 11:01:39,513 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:01:39,513 INFO L93 Difference]: Finished difference Result 321 states and 511 transitions. [2018-11-23 11:01:39,513 INFO L276 IsEmpty]: Start isEmpty. Operand 321 states and 511 transitions. [2018-11-23 11:01:39,514 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:01:39,514 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:01:39,514 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:01:39,515 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:01:39,515 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 218 states. [2018-11-23 11:01:39,520 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 218 states to 218 states and 353 transitions. [2018-11-23 11:01:39,520 INFO L78 Accepts]: Start accepts. Automaton has 218 states and 353 transitions. Word has length 61 [2018-11-23 11:01:39,520 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:01:39,520 INFO L480 AbstractCegarLoop]: Abstraction has 218 states and 353 transitions. [2018-11-23 11:01:39,520 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2018-11-23 11:01:39,520 INFO L276 IsEmpty]: Start isEmpty. Operand 218 states and 353 transitions. [2018-11-23 11:01:39,521 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 63 [2018-11-23 11:01:39,521 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:01:39,522 INFO L402 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:01:39,522 INFO L423 AbstractCegarLoop]: === Iteration 7 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:01:39,522 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:01:39,522 INFO L82 PathProgramCache]: Analyzing trace with hash 1592094827, now seen corresponding path program 1 times [2018-11-23 11:01:39,523 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:01:39,523 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 8 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 8 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:01:39,552 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-23 11:01:39,771 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:01:39,839 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:01:39,841 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:01:39,888 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 23 treesize of output 20 [2018-11-23 11:01:39,893 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 20 treesize of output 23 [2018-11-23 11:01:39,901 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:01:39,907 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 23 treesize of output 33 [2018-11-23 11:01:39,915 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:01:39,923 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 25 treesize of output 27 [2018-11-23 11:01:39,930 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-23 11:01:39,941 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:01:39,952 INFO L267 ElimStorePlain]: Start of recursive call 3: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:01:39,960 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:01:39,976 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:01:39,976 INFO L202 ElimStorePlain]: Needed 5 recursive calls to eliminate 2 variables, input treesize:27, output treesize:13 [2018-11-23 11:01:39,993 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:01:39,993 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#memory_int_189|, |v_ssl3_accept_#t~nondet17_5|]. (and (= ssl3_accept_~s.offset (_ bv0 32)) (= (store |v_#memory_int_189| ssl3_accept_~s.base (let ((.cse0 (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (store (store (store (select |v_#memory_int_189| ssl3_accept_~s.base) .cse0 (_ bv8464 32)) (bvadd ssl3_accept_~s.offset (_ bv92 32)) |v_ssl3_accept_#t~nondet17_5|) .cse0 (_ bv8464 32)))) |#memory_int|)) [2018-11-23 11:01:39,993 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))) [2018-11-23 11:01:40,027 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:01:40,028 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 38 [2018-11-23 11:01:40,037 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:01:40,042 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:01:40,045 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 2 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 38 treesize of output 35 [2018-11-23 11:01:40,073 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:01:40,077 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:01:40,085 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:01:40,085 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 1 variables, input treesize:34, output treesize:13 [2018-11-23 11:01:42,107 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:01:42,107 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#memory_int_190|]. (let ((.cse0 (select |v_#memory_int_190| ssl3_accept_~s.base))) (and (= (_ bv8464 32) (select .cse0 (bvadd ssl3_accept_~s.offset (_ bv52 32)))) (= ssl3_accept_~s.offset (_ bv0 32)) (= (store |v_#memory_int_190| ssl3_accept_~s.base (let ((.cse1 (bvadd ssl3_accept_~s.offset (_ bv28 32)))) (store .cse0 .cse1 (bvadd (select .cse0 .cse1) (_ bv1 32))))) |#memory_int|))) [2018-11-23 11:01:42,107 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))) [2018-11-23 11:01:42,145 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 13 [2018-11-23 11:01:42,153 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 5 [2018-11-23 11:01:42,158 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:01:42,161 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:01:42,163 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:01:42,163 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 2 variables, input treesize:17, output treesize:5 [2018-11-23 11:01:42,167 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:01:42,167 WARN L384 uantifierElimination]: Input elimination task: ∃ [|#memory_int|, ssl3_accept_~s.base]. (let ((.cse0 (select (select |#memory_int| ssl3_accept_~s.base) (_ bv52 32)))) (and (= |ssl3_accept_#t~mem25| .cse0) (= (bvadd .cse0 (_ bv4294958832 32)) (_ bv0 32)))) [2018-11-23 11:01:42,167 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (= (_ bv0 32) (bvadd |ssl3_accept_#t~mem25| (_ bv4294958832 32))) [2018-11-23 11:01:42,308 INFO L256 TraceCheckUtils]: 0: Hoare triple {9036#true} call ULTIMATE.init(); {9036#true} is VALID [2018-11-23 11:01:42,309 INFO L273 TraceCheckUtils]: 1: Hoare triple {9036#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];~init~0 := 1bv32;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100bv32);call write~init~intINTTYPE4(0bv32, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(4bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(8bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(12bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(16bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(20bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(24bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(28bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(32bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(36bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(40bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(44bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(48bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(52bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(56bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(60bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(64bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(68bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(72bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(76bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(80bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(84bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(88bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(92bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(96bv32, ~#SSLv3_server_data~0.offset), 4bv32); {9036#true} is VALID [2018-11-23 11:01:42,309 INFO L273 TraceCheckUtils]: 2: Hoare triple {9036#true} assume true; {9036#true} is VALID [2018-11-23 11:01:42,309 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {9036#true} {9036#true} #616#return; {9036#true} is VALID [2018-11-23 11:01:42,309 INFO L256 TraceCheckUtils]: 4: Hoare triple {9036#true} call #t~ret138 := main(); {9036#true} is VALID [2018-11-23 11:01:42,313 INFO L273 TraceCheckUtils]: 5: Hoare triple {9036#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248bv32);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899bv32);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~bvadd32(84bv32, ~s~0.offset), 4bv32);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232bv32);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~bvadd32(204bv32, ~s~0.offset), 4bv32);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200bv32);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~bvadd32(176bv32, ~s~0.offset), 4bv32); {9056#(= main_~s~0.offset (_ bv0 32))} is VALID [2018-11-23 11:01:42,314 INFO L256 TraceCheckUtils]: 6: Hoare triple {9056#(= main_~s~0.offset (_ bv0 32))} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {9060#(= (_ bv0 32) |ssl3_accept_#in~s.offset|)} is VALID [2018-11-23 11:01:42,320 INFO L273 TraceCheckUtils]: 7: Hoare triple {9060#(= (_ bv0 32) |ssl3_accept_#in~s.offset|)} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~intINTTYPE4(8464bv32, ~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~blastFlag~0 := 0bv32;call write~intINTTYPE4(#t~nondet17, ~s.base, ~bvadd32(92bv32, ~s.offset), 4bv32);havoc #t~nondet17;call write~intINTTYPE4(8464bv32, ~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0bv32, 0bv32;~ret~0 := 4294967295bv32;~skip~0 := 0bv32;~got_new_session~0 := 0bv32;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~bvadd32(192bv32, ~s.offset), 4bv32); {9064#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 11:01:42,321 INFO L273 TraceCheckUtils]: 8: Hoare triple {9064#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume 0bv32 != ~bvadd32(#t~mem19.base, #t~mem19.offset);havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~bvadd32(192bv32, ~s.offset), 4bv32);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {9064#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 11:01:42,323 INFO L273 TraceCheckUtils]: 9: Hoare triple {9064#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} call #t~mem21 := read~intINTTYPE4(~s.base, ~bvadd32(28bv32, ~s.offset), 4bv32);call write~intINTTYPE4(~bvadd32(1bv32, #t~mem21), ~s.base, ~bvadd32(28bv32, ~s.offset), 4bv32);havoc #t~mem21; {9064#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 11:01:42,324 INFO L273 TraceCheckUtils]: 10: Hoare triple {9064#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(0bv32 != ~bvand32(12288bv32, ~tmp___1~0)); {9064#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 11:01:42,325 INFO L273 TraceCheckUtils]: 11: Hoare triple {9064#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~bvadd32(136bv32, ~s.offset), 4bv32); {9064#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 11:01:42,328 INFO L273 TraceCheckUtils]: 12: Hoare triple {9064#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(0bv32 == ~bvadd32(#t~mem22.base, #t~mem22.offset));havoc #t~mem22.base, #t~mem22.offset; {9064#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 11:01:42,329 INFO L273 TraceCheckUtils]: 13: Hoare triple {9064#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !false; {9064#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 11:01:42,331 INFO L273 TraceCheckUtils]: 14: Hoare triple {9064#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} call #t~mem23 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9064#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} is VALID [2018-11-23 11:01:42,331 INFO L273 TraceCheckUtils]: 15: Hoare triple {9064#(and (= ssl3_accept_~s.offset (_ bv0 32)) (= (_ bv8464 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32)))))} assume !(12292bv32 == #t~mem24);havoc #t~mem24;call #t~mem25 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9089#(= (_ bv8464 32) |ssl3_accept_#t~mem25|)} is VALID [2018-11-23 11:01:42,334 INFO L273 TraceCheckUtils]: 16: Hoare triple {9089#(= (_ bv8464 32) |ssl3_accept_#t~mem25|)} assume 16384bv32 == #t~mem25;havoc #t~mem25; {9037#false} is VALID [2018-11-23 11:01:42,334 INFO L273 TraceCheckUtils]: 17: Hoare triple {9037#false} call write~intINTTYPE4(1bv32, ~s.base, ~bvadd32(36bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,334 INFO L273 TraceCheckUtils]: 18: Hoare triple {9037#false} assume 0bv32 != ~bvadd32(~cb~0.base, ~cb~0.offset); {9037#false} is VALID [2018-11-23 11:01:42,334 INFO L273 TraceCheckUtils]: 19: Hoare triple {9037#false} call #t~mem59 := read~intINTTYPE4(~s.base, ~s.offset, 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,334 INFO L273 TraceCheckUtils]: 20: Hoare triple {9037#false} assume !(3bv32 != ~bvashr32(#t~mem59, 8bv32));havoc #t~mem59;call write~intINTTYPE4(8192bv32, ~s.base, ~bvadd32(4bv32, ~s.offset), 4bv32);call #t~mem60.base, #t~mem60.offset := read~$Pointer$(~s.base, ~bvadd32(60bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,334 INFO L273 TraceCheckUtils]: 21: Hoare triple {9037#false} assume !(0bv32 == ~bvadd32(#t~mem60.base, #t~mem60.offset));havoc #t~mem60.base, #t~mem60.offset; {9037#false} is VALID [2018-11-23 11:01:42,335 INFO L273 TraceCheckUtils]: 22: Hoare triple {9037#false} assume !(0bv32 == ~tmp___4~0);call write~intINTTYPE4(0bv32, ~s.base, ~bvadd32(64bv32, ~s.offset), 4bv32);call #t~mem62 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,335 INFO L273 TraceCheckUtils]: 23: Hoare triple {9037#false} assume 12292bv32 != #t~mem62;havoc #t~mem62; {9037#false} is VALID [2018-11-23 11:01:42,335 INFO L273 TraceCheckUtils]: 24: Hoare triple {9037#false} assume !(0bv32 == ~tmp___5~0);call write~intINTTYPE4(8464bv32, ~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);call #t~mem63.base, #t~mem63.offset := read~$Pointer$(~s.base, ~bvadd32(204bv32, ~s.offset), 4bv32);call #t~mem64 := read~intINTTYPE4(#t~mem63.base, ~bvadd32(72bv32, #t~mem63.offset), 4bv32);call write~intINTTYPE4(~bvadd32(1bv32, #t~mem64), #t~mem63.base, ~bvadd32(72bv32, #t~mem63.offset), 4bv32);havoc #t~mem63.base, #t~mem63.offset;havoc #t~mem64; {9037#false} is VALID [2018-11-23 11:01:42,335 INFO L273 TraceCheckUtils]: 25: Hoare triple {9037#false} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~bvadd32(84bv32, ~s.offset), 4bv32);call #t~mem128 := read~intINTTYPE4(#t~mem127.base, ~bvadd32(848bv32, #t~mem127.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,335 INFO L273 TraceCheckUtils]: 26: Hoare triple {9037#false} assume !(0bv32 == #t~mem128);havoc #t~mem128;havoc #t~mem127.base, #t~mem127.offset; {9037#false} is VALID [2018-11-23 11:01:42,335 INFO L273 TraceCheckUtils]: 27: Hoare triple {9037#false} ~skip~0 := 0bv32; {9037#false} is VALID [2018-11-23 11:01:42,335 INFO L273 TraceCheckUtils]: 28: Hoare triple {9037#false} assume !false; {9037#false} is VALID [2018-11-23 11:01:42,336 INFO L273 TraceCheckUtils]: 29: Hoare triple {9037#false} call #t~mem23 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,336 INFO L273 TraceCheckUtils]: 30: Hoare triple {9037#false} assume !(12292bv32 == #t~mem24);havoc #t~mem24;call #t~mem25 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,336 INFO L273 TraceCheckUtils]: 31: Hoare triple {9037#false} assume !(16384bv32 == #t~mem25);havoc #t~mem25;call #t~mem26 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,336 INFO L273 TraceCheckUtils]: 32: Hoare triple {9037#false} assume !(8192bv32 == #t~mem26);havoc #t~mem26;call #t~mem27 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,336 INFO L273 TraceCheckUtils]: 33: Hoare triple {9037#false} assume !(24576bv32 == #t~mem27);havoc #t~mem27;call #t~mem28 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,337 INFO L273 TraceCheckUtils]: 34: Hoare triple {9037#false} assume !(8195bv32 == #t~mem28);havoc #t~mem28;call #t~mem29 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,337 INFO L273 TraceCheckUtils]: 35: Hoare triple {9037#false} assume !(8480bv32 == #t~mem29);havoc #t~mem29;call #t~mem30 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,337 INFO L273 TraceCheckUtils]: 36: Hoare triple {9037#false} assume !(8481bv32 == #t~mem30);havoc #t~mem30;call #t~mem31 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,337 INFO L273 TraceCheckUtils]: 37: Hoare triple {9037#false} assume !(8482bv32 == #t~mem31);havoc #t~mem31;call #t~mem32 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,337 INFO L273 TraceCheckUtils]: 38: Hoare triple {9037#false} assume !(8464bv32 == #t~mem32);havoc #t~mem32;call #t~mem33 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,338 INFO L273 TraceCheckUtils]: 39: Hoare triple {9037#false} assume !(8465bv32 == #t~mem33);havoc #t~mem33;call #t~mem34 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,338 INFO L273 TraceCheckUtils]: 40: Hoare triple {9037#false} assume !(8466bv32 == #t~mem34);havoc #t~mem34;call #t~mem35 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,338 INFO L273 TraceCheckUtils]: 41: Hoare triple {9037#false} assume !(8496bv32 == #t~mem35);havoc #t~mem35;call #t~mem36 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,338 INFO L273 TraceCheckUtils]: 42: Hoare triple {9037#false} assume !(8497bv32 == #t~mem36);havoc #t~mem36;call #t~mem37 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,338 INFO L273 TraceCheckUtils]: 43: Hoare triple {9037#false} assume !(8512bv32 == #t~mem37);havoc #t~mem37;call #t~mem38 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,339 INFO L273 TraceCheckUtils]: 44: Hoare triple {9037#false} assume !(8513bv32 == #t~mem38);havoc #t~mem38;call #t~mem39 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,339 INFO L273 TraceCheckUtils]: 45: Hoare triple {9037#false} assume !(8528bv32 == #t~mem39);havoc #t~mem39;call #t~mem40 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,339 INFO L273 TraceCheckUtils]: 46: Hoare triple {9037#false} assume !(8529bv32 == #t~mem40);havoc #t~mem40;call #t~mem41 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,339 INFO L273 TraceCheckUtils]: 47: Hoare triple {9037#false} assume !(8544bv32 == #t~mem41);havoc #t~mem41;call #t~mem42 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,339 INFO L273 TraceCheckUtils]: 48: Hoare triple {9037#false} assume !(8545bv32 == #t~mem42);havoc #t~mem42;call #t~mem43 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,340 INFO L273 TraceCheckUtils]: 49: Hoare triple {9037#false} assume !(8560bv32 == #t~mem43);havoc #t~mem43;call #t~mem44 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,340 INFO L273 TraceCheckUtils]: 50: Hoare triple {9037#false} assume !(8561bv32 == #t~mem44);havoc #t~mem44;call #t~mem45 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,340 INFO L273 TraceCheckUtils]: 51: Hoare triple {9037#false} assume !(8448bv32 == #t~mem45);havoc #t~mem45;call #t~mem46 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,340 INFO L273 TraceCheckUtils]: 52: Hoare triple {9037#false} assume !(8576bv32 == #t~mem46);havoc #t~mem46;call #t~mem47 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,340 INFO L273 TraceCheckUtils]: 53: Hoare triple {9037#false} assume !(8577bv32 == #t~mem47);havoc #t~mem47;call #t~mem48 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,341 INFO L273 TraceCheckUtils]: 54: Hoare triple {9037#false} assume !(8592bv32 == #t~mem48);havoc #t~mem48;call #t~mem49 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,341 INFO L273 TraceCheckUtils]: 55: Hoare triple {9037#false} assume !(8593bv32 == #t~mem49);havoc #t~mem49;call #t~mem50 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,341 INFO L273 TraceCheckUtils]: 56: Hoare triple {9037#false} assume !(8608bv32 == #t~mem50);havoc #t~mem50;call #t~mem51 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,341 INFO L273 TraceCheckUtils]: 57: Hoare triple {9037#false} assume !(8609bv32 == #t~mem51);havoc #t~mem51;call #t~mem52 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {9037#false} is VALID [2018-11-23 11:01:42,341 INFO L273 TraceCheckUtils]: 58: Hoare triple {9037#false} assume 8640bv32 == #t~mem52;havoc #t~mem52; {9037#false} is VALID [2018-11-23 11:01:42,342 INFO L273 TraceCheckUtils]: 59: Hoare triple {9037#false} ~ret~0 := #t~nondet115;havoc #t~nondet115; {9037#false} is VALID [2018-11-23 11:01:42,342 INFO L273 TraceCheckUtils]: 60: Hoare triple {9037#false} assume !(4bv32 == ~blastFlag~0); {9037#false} is VALID [2018-11-23 11:01:42,342 INFO L273 TraceCheckUtils]: 61: Hoare triple {9037#false} assume !false; {9037#false} is VALID [2018-11-23 11:01:42,346 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 4 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-23 11:01:42,346 INFO L312 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2018-11-23 11:01:42,355 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-23 11:01:42,355 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2018-11-23 11:01:42,356 INFO L78 Accepts]: Start accepts. Automaton has 6 states. Word has length 62 [2018-11-23 11:01:42,356 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:01:42,356 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states. [2018-11-23 11:01:42,518 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 62 edges. 62 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:01:42,518 INFO L459 AbstractCegarLoop]: Interpolant automaton has 6 states [2018-11-23 11:01:42,518 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2018-11-23 11:01:42,519 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2018-11-23 11:01:42,519 INFO L87 Difference]: Start difference. First operand 218 states and 353 transitions. Second operand 6 states. [2018-11-23 11:02:03,577 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:02:03,577 INFO L93 Difference]: Finished difference Result 511 states and 826 transitions. [2018-11-23 11:02:03,577 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2018-11-23 11:02:03,578 INFO L78 Accepts]: Start accepts. Automaton has 6 states. Word has length 62 [2018-11-23 11:02:03,578 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:02:03,578 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 6 states. [2018-11-23 11:02:03,582 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 534 transitions. [2018-11-23 11:02:03,582 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 6 states. [2018-11-23 11:02:03,584 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 534 transitions. [2018-11-23 11:02:03,584 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 534 transitions. [2018-11-23 11:02:04,579 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 534 edges. 534 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:02:04,587 INFO L225 Difference]: With dead ends: 511 [2018-11-23 11:02:04,587 INFO L226 Difference]: Without dead ends: 307 [2018-11-23 11:02:04,588 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 63 GetRequests, 57 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=19, Invalid=37, Unknown=0, NotChecked=0, Total=56 [2018-11-23 11:02:04,588 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 307 states. [2018-11-23 11:02:05,124 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 307 to 222. [2018-11-23 11:02:05,124 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:02:05,124 INFO L82 GeneralOperation]: Start isEquivalent. First operand 307 states. Second operand 222 states. [2018-11-23 11:02:05,124 INFO L74 IsIncluded]: Start isIncluded. First operand 307 states. Second operand 222 states. [2018-11-23 11:02:05,124 INFO L87 Difference]: Start difference. First operand 307 states. Second operand 222 states. [2018-11-23 11:02:05,132 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:02:05,132 INFO L93 Difference]: Finished difference Result 307 states and 489 transitions. [2018-11-23 11:02:05,132 INFO L276 IsEmpty]: Start isEmpty. Operand 307 states and 489 transitions. [2018-11-23 11:02:05,133 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:02:05,133 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:02:05,133 INFO L74 IsIncluded]: Start isIncluded. First operand 222 states. Second operand 307 states. [2018-11-23 11:02:05,134 INFO L87 Difference]: Start difference. First operand 222 states. Second operand 307 states. [2018-11-23 11:02:05,141 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:02:05,141 INFO L93 Difference]: Finished difference Result 307 states and 489 transitions. [2018-11-23 11:02:05,142 INFO L276 IsEmpty]: Start isEmpty. Operand 307 states and 489 transitions. [2018-11-23 11:02:05,142 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:02:05,142 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:02:05,143 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:02:05,143 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:02:05,143 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 222 states. [2018-11-23 11:02:05,148 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 222 states to 222 states and 358 transitions. [2018-11-23 11:02:05,148 INFO L78 Accepts]: Start accepts. Automaton has 222 states and 358 transitions. Word has length 62 [2018-11-23 11:02:05,148 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:02:05,148 INFO L480 AbstractCegarLoop]: Abstraction has 222 states and 358 transitions. [2018-11-23 11:02:05,148 INFO L481 AbstractCegarLoop]: Interpolant automaton has 6 states. [2018-11-23 11:02:05,148 INFO L276 IsEmpty]: Start isEmpty. Operand 222 states and 358 transitions. [2018-11-23 11:02:05,149 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 63 [2018-11-23 11:02:05,149 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:02:05,150 INFO L402 BasicCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:02:05,150 INFO L423 AbstractCegarLoop]: === Iteration 8 === [ssl3_acceptErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:02:05,150 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:02:05,150 INFO L82 PathProgramCache]: Analyzing trace with hash 1861294302, now seen corresponding path program 1 times [2018-11-23 11:02:05,151 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:02:05,151 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 9 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 9 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:02:05,169 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-23 11:02:05,319 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:02:05,357 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:02:05,359 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:02:05,402 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 10 [2018-11-23 11:02:05,412 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2018-11-23 11:02:05,415 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:02:05,420 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:02:05,424 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:02:05,425 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 1 variables, input treesize:13, output treesize:9 [2018-11-23 11:02:05,537 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 19 treesize of output 15 [2018-11-23 11:02:05,542 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 3 [2018-11-23 11:02:05,546 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:02:05,548 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:02:05,552 INFO L267 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:02:05,552 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 3 variables, input treesize:19, output treesize:3 [2018-11-23 11:02:05,556 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:02:05,557 WARN L384 uantifierElimination]: Input elimination task: ∃ [|#memory_int|, ssl3_accept_~s.base, ssl3_accept_~s.offset]. (let ((.cse0 (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))) (and (= |ssl3_accept_#t~mem53| .cse0) (= (_ bv3 32) .cse0))) [2018-11-23 11:02:05,557 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (= |ssl3_accept_#t~mem53| (_ bv3 32)) [2018-11-23 11:02:05,565 INFO L256 TraceCheckUtils]: 0: Hoare triple {10691#true} call ULTIMATE.init(); {10691#true} is VALID [2018-11-23 11:02:05,565 INFO L273 TraceCheckUtils]: 1: Hoare triple {10691#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];~init~0 := 1bv32;call ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset := #Ultimate.alloc(100bv32);call write~init~intINTTYPE4(0bv32, ~#SSLv3_server_data~0.base, ~#SSLv3_server_data~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(4bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(8bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(12bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(16bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(20bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(24bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(28bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(32bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(36bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(40bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(44bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(48bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(52bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(56bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(60bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(64bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(68bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(72bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(76bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(80bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(84bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(88bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(92bv32, ~#SSLv3_server_data~0.offset), 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#SSLv3_server_data~0.base, ~bvadd32(96bv32, ~#SSLv3_server_data~0.offset), 4bv32); {10691#true} is VALID [2018-11-23 11:02:05,566 INFO L273 TraceCheckUtils]: 2: Hoare triple {10691#true} assume true; {10691#true} is VALID [2018-11-23 11:02:05,566 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {10691#true} {10691#true} #616#return; {10691#true} is VALID [2018-11-23 11:02:05,566 INFO L256 TraceCheckUtils]: 4: Hoare triple {10691#true} call #t~ret138 := main(); {10691#true} is VALID [2018-11-23 11:02:05,566 INFO L273 TraceCheckUtils]: 5: Hoare triple {10691#true} havoc ~s~0.base, ~s~0.offset;havoc ~tmp~2;call #t~malloc3.base, #t~malloc3.offset := #Ultimate.alloc(248bv32);~s~0.base, ~s~0.offset := #t~malloc3.base, #t~malloc3.offset;call #t~malloc4.base, #t~malloc4.offset := #Ultimate.alloc(899bv32);call write~$Pointer$(#t~malloc4.base, #t~malloc4.offset, ~s~0.base, ~bvadd32(84bv32, ~s~0.offset), 4bv32);call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(232bv32);call write~$Pointer$(#t~malloc5.base, #t~malloc5.offset, ~s~0.base, ~bvadd32(204bv32, ~s~0.offset), 4bv32);call #t~malloc6.base, #t~malloc6.offset := #Ultimate.alloc(200bv32);call write~$Pointer$(#t~malloc6.base, #t~malloc6.offset, ~s~0.base, ~bvadd32(176bv32, ~s~0.offset), 4bv32); {10691#true} is VALID [2018-11-23 11:02:05,567 INFO L256 TraceCheckUtils]: 6: Hoare triple {10691#true} call #t~ret7 := ssl3_accept(~s~0.base, ~s~0.offset); {10691#true} is VALID [2018-11-23 11:02:05,567 INFO L273 TraceCheckUtils]: 7: Hoare triple {10691#true} ~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~buf~0.base, ~buf~0.offset;havoc ~l~0;havoc ~Time~0;havoc ~tmp~3;havoc ~cb~0.base, ~cb~0.offset;havoc ~num1~0;havoc ~ret~0;havoc ~new_state~0;havoc ~state~0;havoc ~skip~0;havoc ~got_new_session~0;~tmp___1~0 := #t~nondet8;havoc #t~nondet8;~tmp___2~0 := #t~nondet9;havoc #t~nondet9;~tmp___3~0 := #t~nondet10;havoc #t~nondet10;~tmp___4~0 := #t~nondet11;havoc #t~nondet11;~tmp___5~0 := #t~nondet12;havoc #t~nondet12;~tmp___6~0 := #t~nondet13;havoc #t~nondet13;havoc ~tmp___7~0;~tmp___8~0 := #t~nondet14;havoc #t~nondet14;~tmp___9~0 := #t~nondet15;havoc #t~nondet15;~tmp___10~0 := #t~nondet16;havoc #t~nondet16;havoc ~blastFlag~0;call write~intINTTYPE4(8464bv32, ~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~blastFlag~0 := 0bv32;call write~intINTTYPE4(#t~nondet17, ~s.base, ~bvadd32(92bv32, ~s.offset), 4bv32);havoc #t~nondet17;call write~intINTTYPE4(8464bv32, ~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~tmp~3 := #t~nondet18;havoc #t~nondet18;~Time~0 := ~tmp~3;~cb~0.base, ~cb~0.offset := 0bv32, 0bv32;~ret~0 := 4294967295bv32;~skip~0 := 0bv32;~got_new_session~0 := 0bv32;call #t~mem19.base, #t~mem19.offset := read~$Pointer$(~s.base, ~bvadd32(192bv32, ~s.offset), 4bv32); {10691#true} is VALID [2018-11-23 11:02:05,567 INFO L273 TraceCheckUtils]: 8: Hoare triple {10691#true} assume 0bv32 != ~bvadd32(#t~mem19.base, #t~mem19.offset);havoc #t~mem19.base, #t~mem19.offset;call #t~mem20.base, #t~mem20.offset := read~$Pointer$(~s.base, ~bvadd32(192bv32, ~s.offset), 4bv32);~cb~0.base, ~cb~0.offset := #t~mem20.base, #t~mem20.offset;havoc #t~mem20.base, #t~mem20.offset; {10691#true} is VALID [2018-11-23 11:02:05,567 INFO L273 TraceCheckUtils]: 9: Hoare triple {10691#true} call #t~mem21 := read~intINTTYPE4(~s.base, ~bvadd32(28bv32, ~s.offset), 4bv32);call write~intINTTYPE4(~bvadd32(1bv32, #t~mem21), ~s.base, ~bvadd32(28bv32, ~s.offset), 4bv32);havoc #t~mem21; {10691#true} is VALID [2018-11-23 11:02:05,568 INFO L273 TraceCheckUtils]: 10: Hoare triple {10691#true} assume !(0bv32 != ~bvand32(12288bv32, ~tmp___1~0)); {10691#true} is VALID [2018-11-23 11:02:05,568 INFO L273 TraceCheckUtils]: 11: Hoare triple {10691#true} call #t~mem22.base, #t~mem22.offset := read~$Pointer$(~s.base, ~bvadd32(136bv32, ~s.offset), 4bv32); {10691#true} is VALID [2018-11-23 11:02:05,568 INFO L273 TraceCheckUtils]: 12: Hoare triple {10691#true} assume !(0bv32 == ~bvadd32(#t~mem22.base, #t~mem22.offset));havoc #t~mem22.base, #t~mem22.offset; {10691#true} is VALID [2018-11-23 11:02:05,568 INFO L273 TraceCheckUtils]: 13: Hoare triple {10691#true} assume !false; {10691#true} is VALID [2018-11-23 11:02:05,568 INFO L273 TraceCheckUtils]: 14: Hoare triple {10691#true} call #t~mem23 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10691#true} is VALID [2018-11-23 11:02:05,568 INFO L273 TraceCheckUtils]: 15: Hoare triple {10691#true} assume !(12292bv32 == #t~mem24);havoc #t~mem24;call #t~mem25 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10691#true} is VALID [2018-11-23 11:02:05,568 INFO L273 TraceCheckUtils]: 16: Hoare triple {10691#true} assume !(16384bv32 == #t~mem25);havoc #t~mem25;call #t~mem26 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10691#true} is VALID [2018-11-23 11:02:05,568 INFO L273 TraceCheckUtils]: 17: Hoare triple {10691#true} assume !(8192bv32 == #t~mem26);havoc #t~mem26;call #t~mem27 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10691#true} is VALID [2018-11-23 11:02:05,569 INFO L273 TraceCheckUtils]: 18: Hoare triple {10691#true} assume !(24576bv32 == #t~mem27);havoc #t~mem27;call #t~mem28 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10691#true} is VALID [2018-11-23 11:02:05,569 INFO L273 TraceCheckUtils]: 19: Hoare triple {10691#true} assume !(8195bv32 == #t~mem28);havoc #t~mem28;call #t~mem29 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10691#true} is VALID [2018-11-23 11:02:05,569 INFO L273 TraceCheckUtils]: 20: Hoare triple {10691#true} assume !(8480bv32 == #t~mem29);havoc #t~mem29;call #t~mem30 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10691#true} is VALID [2018-11-23 11:02:05,569 INFO L273 TraceCheckUtils]: 21: Hoare triple {10691#true} assume !(8481bv32 == #t~mem30);havoc #t~mem30;call #t~mem31 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10691#true} is VALID [2018-11-23 11:02:05,569 INFO L273 TraceCheckUtils]: 22: Hoare triple {10691#true} assume 8482bv32 == #t~mem31;havoc #t~mem31; {10691#true} is VALID [2018-11-23 11:02:05,571 INFO L273 TraceCheckUtils]: 23: Hoare triple {10691#true} call write~intINTTYPE4(3bv32, ~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,571 INFO L273 TraceCheckUtils]: 24: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} call #t~mem127.base, #t~mem127.offset := read~$Pointer$(~s.base, ~bvadd32(84bv32, ~s.offset), 4bv32);call #t~mem128 := read~intINTTYPE4(#t~mem127.base, ~bvadd32(848bv32, #t~mem127.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,571 INFO L273 TraceCheckUtils]: 25: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(0bv32 == #t~mem128);havoc #t~mem128;havoc #t~mem127.base, #t~mem127.offset; {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,572 INFO L273 TraceCheckUtils]: 26: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} ~skip~0 := 0bv32; {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,572 INFO L273 TraceCheckUtils]: 27: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !false; {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,572 INFO L273 TraceCheckUtils]: 28: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} call #t~mem23 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32);~state~0 := #t~mem23;havoc #t~mem23;call #t~mem24 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,573 INFO L273 TraceCheckUtils]: 29: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(12292bv32 == #t~mem24);havoc #t~mem24;call #t~mem25 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,573 INFO L273 TraceCheckUtils]: 30: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(16384bv32 == #t~mem25);havoc #t~mem25;call #t~mem26 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,574 INFO L273 TraceCheckUtils]: 31: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8192bv32 == #t~mem26);havoc #t~mem26;call #t~mem27 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,574 INFO L273 TraceCheckUtils]: 32: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(24576bv32 == #t~mem27);havoc #t~mem27;call #t~mem28 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,575 INFO L273 TraceCheckUtils]: 33: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8195bv32 == #t~mem28);havoc #t~mem28;call #t~mem29 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,576 INFO L273 TraceCheckUtils]: 34: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8480bv32 == #t~mem29);havoc #t~mem29;call #t~mem30 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,576 INFO L273 TraceCheckUtils]: 35: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8481bv32 == #t~mem30);havoc #t~mem30;call #t~mem31 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,577 INFO L273 TraceCheckUtils]: 36: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8482bv32 == #t~mem31);havoc #t~mem31;call #t~mem32 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,577 INFO L273 TraceCheckUtils]: 37: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8464bv32 == #t~mem32);havoc #t~mem32;call #t~mem33 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,578 INFO L273 TraceCheckUtils]: 38: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8465bv32 == #t~mem33);havoc #t~mem33;call #t~mem34 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,578 INFO L273 TraceCheckUtils]: 39: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8466bv32 == #t~mem34);havoc #t~mem34;call #t~mem35 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,579 INFO L273 TraceCheckUtils]: 40: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8496bv32 == #t~mem35);havoc #t~mem35;call #t~mem36 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,579 INFO L273 TraceCheckUtils]: 41: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8497bv32 == #t~mem36);havoc #t~mem36;call #t~mem37 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,580 INFO L273 TraceCheckUtils]: 42: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8512bv32 == #t~mem37);havoc #t~mem37;call #t~mem38 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,581 INFO L273 TraceCheckUtils]: 43: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8513bv32 == #t~mem38);havoc #t~mem38;call #t~mem39 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,581 INFO L273 TraceCheckUtils]: 44: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8528bv32 == #t~mem39);havoc #t~mem39;call #t~mem40 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,582 INFO L273 TraceCheckUtils]: 45: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8529bv32 == #t~mem40);havoc #t~mem40;call #t~mem41 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,588 INFO L273 TraceCheckUtils]: 46: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8544bv32 == #t~mem41);havoc #t~mem41;call #t~mem42 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,589 INFO L273 TraceCheckUtils]: 47: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8545bv32 == #t~mem42);havoc #t~mem42;call #t~mem43 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,589 INFO L273 TraceCheckUtils]: 48: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8560bv32 == #t~mem43);havoc #t~mem43;call #t~mem44 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,590 INFO L273 TraceCheckUtils]: 49: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8561bv32 == #t~mem44);havoc #t~mem44;call #t~mem45 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,590 INFO L273 TraceCheckUtils]: 50: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8448bv32 == #t~mem45);havoc #t~mem45;call #t~mem46 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,590 INFO L273 TraceCheckUtils]: 51: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8576bv32 == #t~mem46);havoc #t~mem46;call #t~mem47 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,591 INFO L273 TraceCheckUtils]: 52: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8577bv32 == #t~mem47);havoc #t~mem47;call #t~mem48 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,591 INFO L273 TraceCheckUtils]: 53: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8592bv32 == #t~mem48);havoc #t~mem48;call #t~mem49 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,591 INFO L273 TraceCheckUtils]: 54: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8593bv32 == #t~mem49);havoc #t~mem49;call #t~mem50 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,592 INFO L273 TraceCheckUtils]: 55: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8608bv32 == #t~mem50);havoc #t~mem50;call #t~mem51 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,592 INFO L273 TraceCheckUtils]: 56: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8609bv32 == #t~mem51);havoc #t~mem51;call #t~mem52 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} is VALID [2018-11-23 11:02:05,593 INFO L273 TraceCheckUtils]: 57: Hoare triple {10765#(= (_ bv3 32) (select (select |#memory_int| ssl3_accept_~s.base) (bvadd ssl3_accept_~s.offset (_ bv52 32))))} assume !(8640bv32 == #t~mem52);havoc #t~mem52;call #t~mem53 := read~intINTTYPE4(~s.base, ~bvadd32(52bv32, ~s.offset), 4bv32); {10868#(= (bvadd |ssl3_accept_#t~mem53| (_ bv4294967293 32)) (_ bv0 32))} is VALID [2018-11-23 11:02:05,593 INFO L273 TraceCheckUtils]: 58: Hoare triple {10868#(= (bvadd |ssl3_accept_#t~mem53| (_ bv4294967293 32)) (_ bv0 32))} assume 8641bv32 == #t~mem53;havoc #t~mem53; {10692#false} is VALID [2018-11-23 11:02:05,594 INFO L273 TraceCheckUtils]: 59: Hoare triple {10692#false} ~ret~0 := #t~nondet115;havoc #t~nondet115; {10692#false} is VALID [2018-11-23 11:02:05,594 INFO L273 TraceCheckUtils]: 60: Hoare triple {10692#false} assume !(4bv32 == ~blastFlag~0); {10692#false} is VALID [2018-11-23 11:02:05,594 INFO L273 TraceCheckUtils]: 61: Hoare triple {10692#false} assume !false; {10692#false} is VALID [2018-11-23 11:02:05,601 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 10 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-23 11:02:05,601 INFO L312 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2018-11-23 11:02:05,604 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-23 11:02:05,604 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-23 11:02:05,604 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 62 [2018-11-23 11:02:05,605 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:02:05,605 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-23 11:02:05,717 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 62 edges. 62 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:02:05,717 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-23 11:02:05,717 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-23 11:02:05,717 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-23 11:02:05,718 INFO L87 Difference]: Start difference. First operand 222 states and 358 transitions. Second operand 4 states.