java -ea -Xmx8000000000 -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.3.100.v20150511-1540.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc ../../../trunk/examples/toolchains/AutomizerCInline_WitnessPrinter.xml -s ../../../trunk/examples/settings/default/automizer/svcomp-Reach-32bit-Automizer_Bitvector.epf -i ../../../trunk/examples/svcomp/list-simple/sll2n_insert_equal_true-unreach-call_true-valid-memsafety.i -------------------------------------------------------------------------------- This is Ultimate 0.1.23-61f4311 [2018-11-23 11:16:02,364 INFO L170 SettingsManager]: Resetting all preferences to default values... [2018-11-23 11:16:02,366 INFO L174 SettingsManager]: Resetting UltimateCore preferences to default values [2018-11-23 11:16:02,378 INFO L177 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2018-11-23 11:16:02,378 INFO L174 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2018-11-23 11:16:02,379 INFO L174 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2018-11-23 11:16:02,381 INFO L174 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2018-11-23 11:16:02,383 INFO L174 SettingsManager]: Resetting LassoRanker preferences to default values [2018-11-23 11:16:02,384 INFO L174 SettingsManager]: Resetting Reaching Definitions preferences to default values [2018-11-23 11:16:02,385 INFO L174 SettingsManager]: Resetting SyntaxChecker preferences to default values [2018-11-23 11:16:02,386 INFO L177 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2018-11-23 11:16:02,386 INFO L174 SettingsManager]: Resetting LTL2Aut preferences to default values [2018-11-23 11:16:02,387 INFO L174 SettingsManager]: Resetting PEA to Boogie preferences to default values [2018-11-23 11:16:02,388 INFO L174 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2018-11-23 11:16:02,390 INFO L174 SettingsManager]: Resetting ChcToBoogie preferences to default values [2018-11-23 11:16:02,390 INFO L174 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2018-11-23 11:16:02,391 INFO L174 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2018-11-23 11:16:02,393 INFO L174 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2018-11-23 11:16:02,398 INFO L174 SettingsManager]: Resetting CodeCheck preferences to default values [2018-11-23 11:16:02,400 INFO L174 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2018-11-23 11:16:02,401 INFO L174 SettingsManager]: Resetting RCFGBuilder preferences to default values [2018-11-23 11:16:02,402 INFO L174 SettingsManager]: Resetting TraceAbstraction preferences to default values [2018-11-23 11:16:02,407 INFO L177 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2018-11-23 11:16:02,409 INFO L177 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2018-11-23 11:16:02,409 INFO L174 SettingsManager]: Resetting TreeAutomizer preferences to default values [2018-11-23 11:16:02,410 INFO L174 SettingsManager]: Resetting IcfgTransformer preferences to default values [2018-11-23 11:16:02,411 INFO L174 SettingsManager]: Resetting Boogie Printer preferences to default values [2018-11-23 11:16:02,411 INFO L174 SettingsManager]: Resetting ReqPrinter preferences to default values [2018-11-23 11:16:02,412 INFO L174 SettingsManager]: Resetting Witness Printer preferences to default values [2018-11-23 11:16:02,413 INFO L177 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2018-11-23 11:16:02,413 INFO L174 SettingsManager]: Resetting CDTParser preferences to default values [2018-11-23 11:16:02,414 INFO L177 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2018-11-23 11:16:02,414 INFO L177 SettingsManager]: ReqParser provides no preferences, ignoring... [2018-11-23 11:16:02,415 INFO L174 SettingsManager]: Resetting SmtParser preferences to default values [2018-11-23 11:16:02,415 INFO L174 SettingsManager]: Resetting Witness Parser preferences to default values [2018-11-23 11:16:02,416 INFO L181 SettingsManager]: Finished resetting all preferences to default values... [2018-11-23 11:16:02,417 INFO L98 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/settings/default/automizer/svcomp-Reach-32bit-Automizer_Bitvector.epf [2018-11-23 11:16:02,440 INFO L110 SettingsManager]: Loading preferences was successful [2018-11-23 11:16:02,440 INFO L112 SettingsManager]: Preferences different from defaults after loading the file: [2018-11-23 11:16:02,441 INFO L131 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2018-11-23 11:16:02,442 INFO L133 SettingsManager]: * ... calls to implemented procedures=ONLY_FOR_CONCURRENT_PROGRAMS [2018-11-23 11:16:02,442 INFO L131 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2018-11-23 11:16:02,442 INFO L133 SettingsManager]: * Create parallel compositions if possible=false [2018-11-23 11:16:02,443 INFO L133 SettingsManager]: * Use SBE=true [2018-11-23 11:16:02,443 INFO L131 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2018-11-23 11:16:02,443 INFO L133 SettingsManager]: * sizeof long=4 [2018-11-23 11:16:02,443 INFO L133 SettingsManager]: * sizeof POINTER=4 [2018-11-23 11:16:02,443 INFO L133 SettingsManager]: * Check division by zero=IGNORE [2018-11-23 11:16:02,444 INFO L133 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2018-11-23 11:16:02,444 INFO L133 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2018-11-23 11:16:02,444 INFO L133 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2018-11-23 11:16:02,444 INFO L133 SettingsManager]: * Use bitvectors instead of ints=true [2018-11-23 11:16:02,444 INFO L133 SettingsManager]: * Memory model=HoenickeLindenmann_4ByteResolution [2018-11-23 11:16:02,444 INFO L133 SettingsManager]: * sizeof long double=12 [2018-11-23 11:16:02,445 INFO L133 SettingsManager]: * Check if freed pointer was valid=false [2018-11-23 11:16:02,445 INFO L133 SettingsManager]: * Use constant arrays=true [2018-11-23 11:16:02,445 INFO L133 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2018-11-23 11:16:02,445 INFO L131 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2018-11-23 11:16:02,446 INFO L133 SettingsManager]: * Size of a code block=SequenceOfStatements [2018-11-23 11:16:02,446 INFO L133 SettingsManager]: * To the following directory=./dump/ [2018-11-23 11:16:02,446 INFO L133 SettingsManager]: * SMT solver=External_DefaultMode [2018-11-23 11:16:02,446 INFO L133 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2018-11-23 11:16:02,446 INFO L131 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2018-11-23 11:16:02,447 INFO L133 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2018-11-23 11:16:02,447 INFO L133 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2018-11-23 11:16:02,447 INFO L133 SettingsManager]: * Trace refinement strategy=WOLF [2018-11-23 11:16:02,447 INFO L133 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2018-11-23 11:16:02,447 INFO L133 SettingsManager]: * Command for external solver=cvc4nyu --tear-down-incremental --rewrite-divk --print-success --lang smt [2018-11-23 11:16:02,448 INFO L133 SettingsManager]: * Logic for external solver=AUFBV [2018-11-23 11:16:02,448 INFO L133 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2018-11-23 11:16:02,508 INFO L81 nceAwareModelManager]: Repository-Root is: /tmp [2018-11-23 11:16:02,520 INFO L258 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2018-11-23 11:16:02,524 INFO L214 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2018-11-23 11:16:02,526 INFO L271 PluginConnector]: Initializing CDTParser... [2018-11-23 11:16:02,526 INFO L276 PluginConnector]: CDTParser initialized [2018-11-23 11:16:02,527 INFO L418 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/svcomp/list-simple/sll2n_insert_equal_true-unreach-call_true-valid-memsafety.i [2018-11-23 11:16:02,591 INFO L221 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/c57bfb2c2/bb33141ccd344f5fb529dbc04b7d723a/FLAG889081921 [2018-11-23 11:16:03,121 INFO L307 CDTParser]: Found 1 translation units. [2018-11-23 11:16:03,121 INFO L161 CDTParser]: Scanning /storage/repos/ultimate/trunk/examples/svcomp/list-simple/sll2n_insert_equal_true-unreach-call_true-valid-memsafety.i [2018-11-23 11:16:03,134 INFO L355 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/c57bfb2c2/bb33141ccd344f5fb529dbc04b7d723a/FLAG889081921 [2018-11-23 11:16:03,421 INFO L363 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/c57bfb2c2/bb33141ccd344f5fb529dbc04b7d723a [2018-11-23 11:16:03,432 INFO L296 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2018-11-23 11:16:03,434 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2018-11-23 11:16:03,435 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2018-11-23 11:16:03,435 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2018-11-23 11:16:03,439 INFO L276 PluginConnector]: CACSL2BoogieTranslator initialized [2018-11-23 11:16:03,440 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 23.11 11:16:03" (1/1) ... [2018-11-23 11:16:03,443 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@65935305 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:16:03, skipping insertion in model container [2018-11-23 11:16:03,444 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 23.11 11:16:03" (1/1) ... [2018-11-23 11:16:03,455 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2018-11-23 11:16:03,518 INFO L176 MainTranslator]: Built tables and reachable declarations [2018-11-23 11:16:03,942 INFO L201 PostProcessor]: Analyzing one entry point: main [2018-11-23 11:16:03,961 INFO L191 MainTranslator]: Completed pre-run [2018-11-23 11:16:04,135 INFO L201 PostProcessor]: Analyzing one entry point: main [2018-11-23 11:16:04,202 INFO L195 MainTranslator]: Completed translation [2018-11-23 11:16:04,203 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:16:04 WrapperNode [2018-11-23 11:16:04,203 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2018-11-23 11:16:04,204 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2018-11-23 11:16:04,204 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2018-11-23 11:16:04,204 INFO L276 PluginConnector]: Boogie Procedure Inliner initialized [2018-11-23 11:16:04,213 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:16:04" (1/1) ... [2018-11-23 11:16:04,237 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:16:04" (1/1) ... [2018-11-23 11:16:04,249 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2018-11-23 11:16:04,249 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2018-11-23 11:16:04,250 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2018-11-23 11:16:04,250 INFO L276 PluginConnector]: Boogie Preprocessor initialized [2018-11-23 11:16:04,258 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:16:04" (1/1) ... [2018-11-23 11:16:04,258 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:16:04" (1/1) ... [2018-11-23 11:16:04,263 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:16:04" (1/1) ... [2018-11-23 11:16:04,263 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:16:04" (1/1) ... [2018-11-23 11:16:04,283 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:16:04" (1/1) ... [2018-11-23 11:16:04,291 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:16:04" (1/1) ... [2018-11-23 11:16:04,294 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:16:04" (1/1) ... [2018-11-23 11:16:04,298 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2018-11-23 11:16:04,299 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2018-11-23 11:16:04,299 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2018-11-23 11:16:04,299 INFO L276 PluginConnector]: RCFGBuilder initialized [2018-11-23 11:16:04,300 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:16:04" (1/1) ... No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2018-11-23 11:16:04,350 INFO L130 BoogieDeclarations]: Found specification of procedure sll_destroy [2018-11-23 11:16:04,350 INFO L138 BoogieDeclarations]: Found implementation of procedure sll_destroy [2018-11-23 11:16:04,350 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.alloc [2018-11-23 11:16:04,350 INFO L130 BoogieDeclarations]: Found specification of procedure read~intINTTYPE4 [2018-11-23 11:16:04,350 INFO L130 BoogieDeclarations]: Found specification of procedure exit [2018-11-23 11:16:04,350 INFO L138 BoogieDeclarations]: Found implementation of procedure exit [2018-11-23 11:16:04,351 INFO L130 BoogieDeclarations]: Found specification of procedure sll_create [2018-11-23 11:16:04,351 INFO L138 BoogieDeclarations]: Found implementation of procedure sll_create [2018-11-23 11:16:04,351 INFO L130 BoogieDeclarations]: Found specification of procedure node_create [2018-11-23 11:16:04,351 INFO L138 BoogieDeclarations]: Found implementation of procedure node_create [2018-11-23 11:16:04,351 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.init [2018-11-23 11:16:04,352 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.init [2018-11-23 11:16:04,352 INFO L130 BoogieDeclarations]: Found specification of procedure main [2018-11-23 11:16:04,352 INFO L138 BoogieDeclarations]: Found implementation of procedure main [2018-11-23 11:16:04,352 INFO L130 BoogieDeclarations]: Found specification of procedure write~$Pointer$ [2018-11-23 11:16:04,352 INFO L130 BoogieDeclarations]: Found specification of procedure read~$Pointer$ [2018-11-23 11:16:04,352 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2018-11-23 11:16:04,352 INFO L130 BoogieDeclarations]: Found specification of procedure write~intINTTYPE4 [2018-11-23 11:16:04,353 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~$Pointer$ [2018-11-23 11:16:04,353 INFO L130 BoogieDeclarations]: Found specification of procedure sll_insert [2018-11-23 11:16:04,353 INFO L138 BoogieDeclarations]: Found implementation of procedure sll_insert [2018-11-23 11:16:04,353 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2018-11-23 11:16:04,353 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2018-11-23 11:16:05,381 INFO L275 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2018-11-23 11:16:05,381 INFO L280 CfgBuilder]: Removed 4 assue(true) statements. [2018-11-23 11:16:05,382 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 23.11 11:16:05 BoogieIcfgContainer [2018-11-23 11:16:05,382 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2018-11-23 11:16:05,383 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2018-11-23 11:16:05,383 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2018-11-23 11:16:05,386 INFO L276 PluginConnector]: TraceAbstraction initialized [2018-11-23 11:16:05,386 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 23.11 11:16:03" (1/3) ... [2018-11-23 11:16:05,387 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@f16c481 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 23.11 11:16:05, skipping insertion in model container [2018-11-23 11:16:05,387 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:16:04" (2/3) ... [2018-11-23 11:16:05,388 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@f16c481 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 23.11 11:16:05, skipping insertion in model container [2018-11-23 11:16:05,388 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 23.11 11:16:05" (3/3) ... [2018-11-23 11:16:05,390 INFO L112 eAbstractionObserver]: Analyzing ICFG sll2n_insert_equal_true-unreach-call_true-valid-memsafety.i [2018-11-23 11:16:05,400 INFO L156 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2018-11-23 11:16:05,408 INFO L168 ceAbstractionStarter]: Appying trace abstraction to program that has 1 error locations. [2018-11-23 11:16:05,424 INFO L257 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2018-11-23 11:16:05,456 INFO L133 ementStrategyFactory]: Using default assertion order modulation [2018-11-23 11:16:05,456 INFO L382 AbstractCegarLoop]: Interprodecural is true [2018-11-23 11:16:05,457 INFO L383 AbstractCegarLoop]: Hoare is true [2018-11-23 11:16:05,457 INFO L384 AbstractCegarLoop]: Compute interpolants for FPandBP [2018-11-23 11:16:05,457 INFO L385 AbstractCegarLoop]: Backedges is STRAIGHT_LINE [2018-11-23 11:16:05,457 INFO L386 AbstractCegarLoop]: Determinization is PREDICATE_ABSTRACTION [2018-11-23 11:16:05,458 INFO L387 AbstractCegarLoop]: Difference is false [2018-11-23 11:16:05,458 INFO L388 AbstractCegarLoop]: Minimize is MINIMIZE_SEVPA [2018-11-23 11:16:05,458 INFO L393 AbstractCegarLoop]: ======== Iteration 0==of CEGAR loop == AllErrorsAtOnce======== [2018-11-23 11:16:05,477 INFO L276 IsEmpty]: Start isEmpty. Operand 49 states. [2018-11-23 11:16:05,484 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2018-11-23 11:16:05,485 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:16:05,486 INFO L402 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:16:05,488 INFO L423 AbstractCegarLoop]: === Iteration 1 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:16:05,495 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:16:05,495 INFO L82 PathProgramCache]: Analyzing trace with hash -39006613, now seen corresponding path program 1 times [2018-11-23 11:16:05,500 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:16:05,501 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 2 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 2 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:16:05,520 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-23 11:16:05,606 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:16:05,647 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:16:05,652 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:16:05,745 INFO L256 TraceCheckUtils]: 0: Hoare triple {52#true} call ULTIMATE.init(); {52#true} is VALID [2018-11-23 11:16:05,750 INFO L273 TraceCheckUtils]: 1: Hoare triple {52#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {52#true} is VALID [2018-11-23 11:16:05,751 INFO L273 TraceCheckUtils]: 2: Hoare triple {52#true} assume true; {52#true} is VALID [2018-11-23 11:16:05,751 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {52#true} {52#true} #118#return; {52#true} is VALID [2018-11-23 11:16:05,752 INFO L256 TraceCheckUtils]: 4: Hoare triple {52#true} call #t~ret16 := main(); {52#true} is VALID [2018-11-23 11:16:05,752 INFO L273 TraceCheckUtils]: 5: Hoare triple {52#true} ~len~0 := 2bv32;~data~0 := 1bv32;call ~#s~0.base, ~#s~0.offset := #Ultimate.alloc(4bv32); {52#true} is VALID [2018-11-23 11:16:05,752 INFO L256 TraceCheckUtils]: 6: Hoare triple {52#true} call #t~ret10.base, #t~ret10.offset := sll_create(~len~0, ~data~0); {52#true} is VALID [2018-11-23 11:16:05,753 INFO L273 TraceCheckUtils]: 7: Hoare triple {52#true} ~len := #in~len;~data := #in~data;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {52#true} is VALID [2018-11-23 11:16:05,766 INFO L273 TraceCheckUtils]: 8: Hoare triple {52#true} assume !true; {53#false} is VALID [2018-11-23 11:16:05,767 INFO L273 TraceCheckUtils]: 9: Hoare triple {53#false} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {53#false} is VALID [2018-11-23 11:16:05,767 INFO L273 TraceCheckUtils]: 10: Hoare triple {53#false} assume true; {53#false} is VALID [2018-11-23 11:16:05,767 INFO L268 TraceCheckUtils]: 11: Hoare quadruple {53#false} {52#true} #108#return; {53#false} is VALID [2018-11-23 11:16:05,768 INFO L273 TraceCheckUtils]: 12: Hoare triple {53#false} call write~init~$Pointer$(#t~ret10.base, #t~ret10.offset, ~#s~0.base, ~#s~0.offset, 4bv32);havoc #t~ret10.base, #t~ret10.offset; {53#false} is VALID [2018-11-23 11:16:05,768 INFO L256 TraceCheckUtils]: 13: Hoare triple {53#false} call sll_insert(~#s~0.base, ~#s~0.offset, ~data~0, ~bvsdiv32(~len~0, 2bv32)); {53#false} is VALID [2018-11-23 11:16:05,769 INFO L273 TraceCheckUtils]: 14: Hoare triple {53#false} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~data := #in~data;~index := #in~index; {53#false} is VALID [2018-11-23 11:16:05,769 INFO L256 TraceCheckUtils]: 15: Hoare triple {53#false} call #t~ret6.base, #t~ret6.offset := node_create(~data); {53#false} is VALID [2018-11-23 11:16:05,769 INFO L273 TraceCheckUtils]: 16: Hoare triple {53#false} ~data := #in~data;call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(8bv32);~temp~0.base, ~temp~0.offset := #t~malloc2.base, #t~malloc2.offset; {53#false} is VALID [2018-11-23 11:16:05,770 INFO L273 TraceCheckUtils]: 17: Hoare triple {53#false} assume !(0bv32 == ~temp~0.base && 0bv32 == ~temp~0.offset); {53#false} is VALID [2018-11-23 11:16:05,770 INFO L273 TraceCheckUtils]: 18: Hoare triple {53#false} call write~$Pointer$(0bv32, 0bv32, ~temp~0.base, ~bvadd32(4bv32, ~temp~0.offset), 4bv32);call write~intINTTYPE4(~data, ~temp~0.base, ~temp~0.offset, 4bv32);#res.base, #res.offset := ~temp~0.base, ~temp~0.offset; {53#false} is VALID [2018-11-23 11:16:05,771 INFO L273 TraceCheckUtils]: 19: Hoare triple {53#false} assume true; {53#false} is VALID [2018-11-23 11:16:05,771 INFO L268 TraceCheckUtils]: 20: Hoare quadruple {53#false} {53#false} #116#return; {53#false} is VALID [2018-11-23 11:16:05,771 INFO L273 TraceCheckUtils]: 21: Hoare triple {53#false} ~new_node~0.base, ~new_node~0.offset := #t~ret6.base, #t~ret6.offset;havoc #t~ret6.base, #t~ret6.offset;~snd_to_last~0.base, ~snd_to_last~0.offset := 0bv32, 0bv32;call #t~mem7.base, #t~mem7.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~last~0.base, ~last~0.offset := #t~mem7.base, #t~mem7.offset;havoc #t~mem7.base, #t~mem7.offset; {53#false} is VALID [2018-11-23 11:16:05,772 INFO L273 TraceCheckUtils]: 22: Hoare triple {53#false} assume !~bvsgt32(~index, 0bv32); {53#false} is VALID [2018-11-23 11:16:05,772 INFO L273 TraceCheckUtils]: 23: Hoare triple {53#false} assume ~snd_to_last~0.base != 0bv32 || ~snd_to_last~0.offset != 0bv32;call write~$Pointer$(~new_node~0.base, ~new_node~0.offset, ~snd_to_last~0.base, ~bvadd32(4bv32, ~snd_to_last~0.offset), 4bv32); {53#false} is VALID [2018-11-23 11:16:05,773 INFO L273 TraceCheckUtils]: 24: Hoare triple {53#false} call write~$Pointer$(~last~0.base, ~last~0.offset, ~new_node~0.base, ~bvadd32(4bv32, ~new_node~0.offset), 4bv32); {53#false} is VALID [2018-11-23 11:16:05,773 INFO L273 TraceCheckUtils]: 25: Hoare triple {53#false} assume true; {53#false} is VALID [2018-11-23 11:16:05,773 INFO L268 TraceCheckUtils]: 26: Hoare quadruple {53#false} {53#false} #110#return; {53#false} is VALID [2018-11-23 11:16:05,774 INFO L273 TraceCheckUtils]: 27: Hoare triple {53#false} call #t~mem11.base, #t~mem11.offset := read~$Pointer$(~#s~0.base, ~#s~0.offset, 4bv32);~ptr~0.base, ~ptr~0.offset := #t~mem11.base, #t~mem11.offset;havoc #t~mem11.base, #t~mem11.offset;~count~0 := 0bv32; {53#false} is VALID [2018-11-23 11:16:05,774 INFO L273 TraceCheckUtils]: 28: Hoare triple {53#false} assume !true; {53#false} is VALID [2018-11-23 11:16:05,775 INFO L273 TraceCheckUtils]: 29: Hoare triple {53#false} assume ~count~0 != ~bvadd32(1bv32, ~len~0); {53#false} is VALID [2018-11-23 11:16:05,775 INFO L273 TraceCheckUtils]: 30: Hoare triple {53#false} assume !false; {53#false} is VALID [2018-11-23 11:16:05,782 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-23 11:16:05,783 INFO L312 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2018-11-23 11:16:05,793 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-23 11:16:05,793 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2018-11-23 11:16:05,801 INFO L78 Accepts]: Start accepts. Automaton has 2 states. Word has length 31 [2018-11-23 11:16:05,805 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:16:05,809 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states. [2018-11-23 11:16:05,936 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 31 edges. 31 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:16:05,937 INFO L459 AbstractCegarLoop]: Interpolant automaton has 2 states [2018-11-23 11:16:05,947 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2018-11-23 11:16:05,948 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2018-11-23 11:16:05,950 INFO L87 Difference]: Start difference. First operand 49 states. Second operand 2 states. [2018-11-23 11:16:06,797 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:16:06,797 INFO L93 Difference]: Finished difference Result 86 states and 109 transitions. [2018-11-23 11:16:06,798 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2018-11-23 11:16:06,798 INFO L78 Accepts]: Start accepts. Automaton has 2 states. Word has length 31 [2018-11-23 11:16:06,798 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:16:06,800 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 2 states. [2018-11-23 11:16:06,821 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 109 transitions. [2018-11-23 11:16:06,822 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 2 states. [2018-11-23 11:16:06,830 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 109 transitions. [2018-11-23 11:16:06,830 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 109 transitions. [2018-11-23 11:16:07,573 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 109 edges. 109 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:16:07,587 INFO L225 Difference]: With dead ends: 86 [2018-11-23 11:16:07,587 INFO L226 Difference]: Without dead ends: 36 [2018-11-23 11:16:07,591 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 30 GetRequests, 30 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2018-11-23 11:16:07,607 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 36 states. [2018-11-23 11:16:07,666 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 36 to 36. [2018-11-23 11:16:07,666 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:16:07,667 INFO L82 GeneralOperation]: Start isEquivalent. First operand 36 states. Second operand 36 states. [2018-11-23 11:16:07,668 INFO L74 IsIncluded]: Start isIncluded. First operand 36 states. Second operand 36 states. [2018-11-23 11:16:07,669 INFO L87 Difference]: Start difference. First operand 36 states. Second operand 36 states. [2018-11-23 11:16:07,676 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:16:07,676 INFO L93 Difference]: Finished difference Result 36 states and 41 transitions. [2018-11-23 11:16:07,676 INFO L276 IsEmpty]: Start isEmpty. Operand 36 states and 41 transitions. [2018-11-23 11:16:07,677 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:16:07,678 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:16:07,678 INFO L74 IsIncluded]: Start isIncluded. First operand 36 states. Second operand 36 states. [2018-11-23 11:16:07,678 INFO L87 Difference]: Start difference. First operand 36 states. Second operand 36 states. [2018-11-23 11:16:07,683 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:16:07,684 INFO L93 Difference]: Finished difference Result 36 states and 41 transitions. [2018-11-23 11:16:07,684 INFO L276 IsEmpty]: Start isEmpty. Operand 36 states and 41 transitions. [2018-11-23 11:16:07,685 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:16:07,685 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:16:07,685 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:16:07,685 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:16:07,686 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 36 states. [2018-11-23 11:16:07,689 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 36 states to 36 states and 41 transitions. [2018-11-23 11:16:07,691 INFO L78 Accepts]: Start accepts. Automaton has 36 states and 41 transitions. Word has length 31 [2018-11-23 11:16:07,691 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:16:07,692 INFO L480 AbstractCegarLoop]: Abstraction has 36 states and 41 transitions. [2018-11-23 11:16:07,692 INFO L481 AbstractCegarLoop]: Interpolant automaton has 2 states. [2018-11-23 11:16:07,692 INFO L276 IsEmpty]: Start isEmpty. Operand 36 states and 41 transitions. [2018-11-23 11:16:07,693 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2018-11-23 11:16:07,694 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:16:07,694 INFO L402 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:16:07,694 INFO L423 AbstractCegarLoop]: === Iteration 2 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:16:07,694 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:16:07,695 INFO L82 PathProgramCache]: Analyzing trace with hash -1407196518, now seen corresponding path program 1 times [2018-11-23 11:16:07,696 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:16:07,696 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 3 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 3 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:16:07,719 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-23 11:16:07,772 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:16:07,802 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:16:07,803 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:16:07,947 INFO L256 TraceCheckUtils]: 0: Hoare triple {389#true} call ULTIMATE.init(); {389#true} is VALID [2018-11-23 11:16:07,948 INFO L273 TraceCheckUtils]: 1: Hoare triple {389#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {389#true} is VALID [2018-11-23 11:16:07,948 INFO L273 TraceCheckUtils]: 2: Hoare triple {389#true} assume true; {389#true} is VALID [2018-11-23 11:16:07,948 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {389#true} {389#true} #118#return; {389#true} is VALID [2018-11-23 11:16:07,949 INFO L256 TraceCheckUtils]: 4: Hoare triple {389#true} call #t~ret16 := main(); {389#true} is VALID [2018-11-23 11:16:07,949 INFO L273 TraceCheckUtils]: 5: Hoare triple {389#true} ~len~0 := 2bv32;~data~0 := 1bv32;call ~#s~0.base, ~#s~0.offset := #Ultimate.alloc(4bv32); {389#true} is VALID [2018-11-23 11:16:07,949 INFO L256 TraceCheckUtils]: 6: Hoare triple {389#true} call #t~ret10.base, #t~ret10.offset := sll_create(~len~0, ~data~0); {389#true} is VALID [2018-11-23 11:16:07,950 INFO L273 TraceCheckUtils]: 7: Hoare triple {389#true} ~len := #in~len;~data := #in~data;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {389#true} is VALID [2018-11-23 11:16:07,950 INFO L273 TraceCheckUtils]: 8: Hoare triple {389#true} assume !~bvsgt32(~len, 0bv32); {389#true} is VALID [2018-11-23 11:16:07,951 INFO L273 TraceCheckUtils]: 9: Hoare triple {389#true} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {389#true} is VALID [2018-11-23 11:16:07,951 INFO L273 TraceCheckUtils]: 10: Hoare triple {389#true} assume true; {389#true} is VALID [2018-11-23 11:16:07,951 INFO L268 TraceCheckUtils]: 11: Hoare quadruple {389#true} {389#true} #108#return; {389#true} is VALID [2018-11-23 11:16:07,952 INFO L273 TraceCheckUtils]: 12: Hoare triple {389#true} call write~init~$Pointer$(#t~ret10.base, #t~ret10.offset, ~#s~0.base, ~#s~0.offset, 4bv32);havoc #t~ret10.base, #t~ret10.offset; {389#true} is VALID [2018-11-23 11:16:07,952 INFO L256 TraceCheckUtils]: 13: Hoare triple {389#true} call sll_insert(~#s~0.base, ~#s~0.offset, ~data~0, ~bvsdiv32(~len~0, 2bv32)); {389#true} is VALID [2018-11-23 11:16:07,952 INFO L273 TraceCheckUtils]: 14: Hoare triple {389#true} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~data := #in~data;~index := #in~index; {389#true} is VALID [2018-11-23 11:16:07,953 INFO L256 TraceCheckUtils]: 15: Hoare triple {389#true} call #t~ret6.base, #t~ret6.offset := node_create(~data); {389#true} is VALID [2018-11-23 11:16:07,953 INFO L273 TraceCheckUtils]: 16: Hoare triple {389#true} ~data := #in~data;call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(8bv32);~temp~0.base, ~temp~0.offset := #t~malloc2.base, #t~malloc2.offset; {389#true} is VALID [2018-11-23 11:16:07,953 INFO L273 TraceCheckUtils]: 17: Hoare triple {389#true} assume !(0bv32 == ~temp~0.base && 0bv32 == ~temp~0.offset); {389#true} is VALID [2018-11-23 11:16:07,954 INFO L273 TraceCheckUtils]: 18: Hoare triple {389#true} call write~$Pointer$(0bv32, 0bv32, ~temp~0.base, ~bvadd32(4bv32, ~temp~0.offset), 4bv32);call write~intINTTYPE4(~data, ~temp~0.base, ~temp~0.offset, 4bv32);#res.base, #res.offset := ~temp~0.base, ~temp~0.offset; {389#true} is VALID [2018-11-23 11:16:07,954 INFO L273 TraceCheckUtils]: 19: Hoare triple {389#true} assume true; {389#true} is VALID [2018-11-23 11:16:07,954 INFO L268 TraceCheckUtils]: 20: Hoare quadruple {389#true} {389#true} #116#return; {389#true} is VALID [2018-11-23 11:16:07,969 INFO L273 TraceCheckUtils]: 21: Hoare triple {389#true} ~new_node~0.base, ~new_node~0.offset := #t~ret6.base, #t~ret6.offset;havoc #t~ret6.base, #t~ret6.offset;~snd_to_last~0.base, ~snd_to_last~0.offset := 0bv32, 0bv32;call #t~mem7.base, #t~mem7.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~last~0.base, ~last~0.offset := #t~mem7.base, #t~mem7.offset;havoc #t~mem7.base, #t~mem7.offset; {457#(and (= sll_insert_~snd_to_last~0.base (_ bv0 32)) (= sll_insert_~snd_to_last~0.offset (_ bv0 32)))} is VALID [2018-11-23 11:16:07,983 INFO L273 TraceCheckUtils]: 22: Hoare triple {457#(and (= sll_insert_~snd_to_last~0.base (_ bv0 32)) (= sll_insert_~snd_to_last~0.offset (_ bv0 32)))} assume !~bvsgt32(~index, 0bv32); {457#(and (= sll_insert_~snd_to_last~0.base (_ bv0 32)) (= sll_insert_~snd_to_last~0.offset (_ bv0 32)))} is VALID [2018-11-23 11:16:07,986 INFO L273 TraceCheckUtils]: 23: Hoare triple {457#(and (= sll_insert_~snd_to_last~0.base (_ bv0 32)) (= sll_insert_~snd_to_last~0.offset (_ bv0 32)))} assume ~snd_to_last~0.base != 0bv32 || ~snd_to_last~0.offset != 0bv32;call write~$Pointer$(~new_node~0.base, ~new_node~0.offset, ~snd_to_last~0.base, ~bvadd32(4bv32, ~snd_to_last~0.offset), 4bv32); {390#false} is VALID [2018-11-23 11:16:07,986 INFO L273 TraceCheckUtils]: 24: Hoare triple {390#false} call write~$Pointer$(~last~0.base, ~last~0.offset, ~new_node~0.base, ~bvadd32(4bv32, ~new_node~0.offset), 4bv32); {390#false} is VALID [2018-11-23 11:16:07,987 INFO L273 TraceCheckUtils]: 25: Hoare triple {390#false} assume true; {390#false} is VALID [2018-11-23 11:16:07,987 INFO L268 TraceCheckUtils]: 26: Hoare quadruple {390#false} {389#true} #110#return; {390#false} is VALID [2018-11-23 11:16:07,987 INFO L273 TraceCheckUtils]: 27: Hoare triple {390#false} call #t~mem11.base, #t~mem11.offset := read~$Pointer$(~#s~0.base, ~#s~0.offset, 4bv32);~ptr~0.base, ~ptr~0.offset := #t~mem11.base, #t~mem11.offset;havoc #t~mem11.base, #t~mem11.offset;~count~0 := 0bv32; {390#false} is VALID [2018-11-23 11:16:07,988 INFO L273 TraceCheckUtils]: 28: Hoare triple {390#false} assume !(~ptr~0.base != 0bv32 || ~ptr~0.offset != 0bv32); {390#false} is VALID [2018-11-23 11:16:07,988 INFO L273 TraceCheckUtils]: 29: Hoare triple {390#false} assume ~count~0 != ~bvadd32(1bv32, ~len~0); {390#false} is VALID [2018-11-23 11:16:07,988 INFO L273 TraceCheckUtils]: 30: Hoare triple {390#false} assume !false; {390#false} is VALID [2018-11-23 11:16:07,990 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-23 11:16:07,991 INFO L312 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2018-11-23 11:16:07,993 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-23 11:16:07,993 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2018-11-23 11:16:07,995 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 31 [2018-11-23 11:16:07,995 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:16:07,995 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states. [2018-11-23 11:16:08,095 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 31 edges. 31 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:16:08,095 INFO L459 AbstractCegarLoop]: Interpolant automaton has 3 states [2018-11-23 11:16:08,096 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2018-11-23 11:16:08,096 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2018-11-23 11:16:08,096 INFO L87 Difference]: Start difference. First operand 36 states and 41 transitions. Second operand 3 states. [2018-11-23 11:16:08,426 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:16:08,426 INFO L93 Difference]: Finished difference Result 50 states and 58 transitions. [2018-11-23 11:16:08,427 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2018-11-23 11:16:08,427 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 31 [2018-11-23 11:16:08,427 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:16:08,427 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 3 states. [2018-11-23 11:16:08,431 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 58 transitions. [2018-11-23 11:16:08,431 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 3 states. [2018-11-23 11:16:08,434 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 58 transitions. [2018-11-23 11:16:08,435 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 58 transitions. [2018-11-23 11:16:08,625 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 58 edges. 58 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:16:08,627 INFO L225 Difference]: With dead ends: 50 [2018-11-23 11:16:08,628 INFO L226 Difference]: Without dead ends: 41 [2018-11-23 11:16:08,629 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 30 GetRequests, 29 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2018-11-23 11:16:08,629 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 41 states. [2018-11-23 11:16:08,656 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 41 to 38. [2018-11-23 11:16:08,656 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:16:08,656 INFO L82 GeneralOperation]: Start isEquivalent. First operand 41 states. Second operand 38 states. [2018-11-23 11:16:08,656 INFO L74 IsIncluded]: Start isIncluded. First operand 41 states. Second operand 38 states. [2018-11-23 11:16:08,657 INFO L87 Difference]: Start difference. First operand 41 states. Second operand 38 states. [2018-11-23 11:16:08,660 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:16:08,661 INFO L93 Difference]: Finished difference Result 41 states and 47 transitions. [2018-11-23 11:16:08,661 INFO L276 IsEmpty]: Start isEmpty. Operand 41 states and 47 transitions. [2018-11-23 11:16:08,662 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:16:08,662 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:16:08,662 INFO L74 IsIncluded]: Start isIncluded. First operand 38 states. Second operand 41 states. [2018-11-23 11:16:08,662 INFO L87 Difference]: Start difference. First operand 38 states. Second operand 41 states. [2018-11-23 11:16:08,666 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:16:08,666 INFO L93 Difference]: Finished difference Result 41 states and 47 transitions. [2018-11-23 11:16:08,667 INFO L276 IsEmpty]: Start isEmpty. Operand 41 states and 47 transitions. [2018-11-23 11:16:08,667 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:16:08,668 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:16:08,668 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:16:08,668 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:16:08,668 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 38 states. [2018-11-23 11:16:08,671 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 38 states to 38 states and 44 transitions. [2018-11-23 11:16:08,672 INFO L78 Accepts]: Start accepts. Automaton has 38 states and 44 transitions. Word has length 31 [2018-11-23 11:16:08,672 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:16:08,672 INFO L480 AbstractCegarLoop]: Abstraction has 38 states and 44 transitions. [2018-11-23 11:16:08,672 INFO L481 AbstractCegarLoop]: Interpolant automaton has 3 states. [2018-11-23 11:16:08,672 INFO L276 IsEmpty]: Start isEmpty. Operand 38 states and 44 transitions. [2018-11-23 11:16:08,673 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2018-11-23 11:16:08,674 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:16:08,674 INFO L402 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:16:08,674 INFO L423 AbstractCegarLoop]: === Iteration 3 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:16:08,674 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:16:08,675 INFO L82 PathProgramCache]: Analyzing trace with hash 2078424152, now seen corresponding path program 1 times [2018-11-23 11:16:08,675 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:16:08,675 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 4 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 4 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:16:08,702 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-23 11:16:08,780 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:16:08,803 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:16:08,804 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:16:08,902 INFO L256 TraceCheckUtils]: 0: Hoare triple {688#true} call ULTIMATE.init(); {688#true} is VALID [2018-11-23 11:16:08,902 INFO L273 TraceCheckUtils]: 1: Hoare triple {688#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {688#true} is VALID [2018-11-23 11:16:08,903 INFO L273 TraceCheckUtils]: 2: Hoare triple {688#true} assume true; {688#true} is VALID [2018-11-23 11:16:08,903 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {688#true} {688#true} #118#return; {688#true} is VALID [2018-11-23 11:16:08,904 INFO L256 TraceCheckUtils]: 4: Hoare triple {688#true} call #t~ret16 := main(); {688#true} is VALID [2018-11-23 11:16:08,907 INFO L273 TraceCheckUtils]: 5: Hoare triple {688#true} ~len~0 := 2bv32;~data~0 := 1bv32;call ~#s~0.base, ~#s~0.offset := #Ultimate.alloc(4bv32); {708#(= (bvadd main_~len~0 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:16:08,908 INFO L256 TraceCheckUtils]: 6: Hoare triple {708#(= (bvadd main_~len~0 (_ bv4294967294 32)) (_ bv0 32))} call #t~ret10.base, #t~ret10.offset := sll_create(~len~0, ~data~0); {688#true} is VALID [2018-11-23 11:16:08,908 INFO L273 TraceCheckUtils]: 7: Hoare triple {688#true} ~len := #in~len;~data := #in~data;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {715#(= |sll_create_#in~len| sll_create_~len)} is VALID [2018-11-23 11:16:08,913 INFO L273 TraceCheckUtils]: 8: Hoare triple {715#(= |sll_create_#in~len| sll_create_~len)} assume !~bvsgt32(~len, 0bv32); {719#(not (bvsgt |sll_create_#in~len| (_ bv0 32)))} is VALID [2018-11-23 11:16:08,913 INFO L273 TraceCheckUtils]: 9: Hoare triple {719#(not (bvsgt |sll_create_#in~len| (_ bv0 32)))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {719#(not (bvsgt |sll_create_#in~len| (_ bv0 32)))} is VALID [2018-11-23 11:16:08,914 INFO L273 TraceCheckUtils]: 10: Hoare triple {719#(not (bvsgt |sll_create_#in~len| (_ bv0 32)))} assume true; {719#(not (bvsgt |sll_create_#in~len| (_ bv0 32)))} is VALID [2018-11-23 11:16:08,915 INFO L268 TraceCheckUtils]: 11: Hoare quadruple {719#(not (bvsgt |sll_create_#in~len| (_ bv0 32)))} {708#(= (bvadd main_~len~0 (_ bv4294967294 32)) (_ bv0 32))} #108#return; {689#false} is VALID [2018-11-23 11:16:08,916 INFO L273 TraceCheckUtils]: 12: Hoare triple {689#false} call write~init~$Pointer$(#t~ret10.base, #t~ret10.offset, ~#s~0.base, ~#s~0.offset, 4bv32);havoc #t~ret10.base, #t~ret10.offset; {689#false} is VALID [2018-11-23 11:16:08,916 INFO L256 TraceCheckUtils]: 13: Hoare triple {689#false} call sll_insert(~#s~0.base, ~#s~0.offset, ~data~0, ~bvsdiv32(~len~0, 2bv32)); {689#false} is VALID [2018-11-23 11:16:08,916 INFO L273 TraceCheckUtils]: 14: Hoare triple {689#false} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~data := #in~data;~index := #in~index; {689#false} is VALID [2018-11-23 11:16:08,916 INFO L256 TraceCheckUtils]: 15: Hoare triple {689#false} call #t~ret6.base, #t~ret6.offset := node_create(~data); {689#false} is VALID [2018-11-23 11:16:08,917 INFO L273 TraceCheckUtils]: 16: Hoare triple {689#false} ~data := #in~data;call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(8bv32);~temp~0.base, ~temp~0.offset := #t~malloc2.base, #t~malloc2.offset; {689#false} is VALID [2018-11-23 11:16:08,918 INFO L273 TraceCheckUtils]: 17: Hoare triple {689#false} assume !(0bv32 == ~temp~0.base && 0bv32 == ~temp~0.offset); {689#false} is VALID [2018-11-23 11:16:08,918 INFO L273 TraceCheckUtils]: 18: Hoare triple {689#false} call write~$Pointer$(0bv32, 0bv32, ~temp~0.base, ~bvadd32(4bv32, ~temp~0.offset), 4bv32);call write~intINTTYPE4(~data, ~temp~0.base, ~temp~0.offset, 4bv32);#res.base, #res.offset := ~temp~0.base, ~temp~0.offset; {689#false} is VALID [2018-11-23 11:16:08,919 INFO L273 TraceCheckUtils]: 19: Hoare triple {689#false} assume true; {689#false} is VALID [2018-11-23 11:16:08,919 INFO L268 TraceCheckUtils]: 20: Hoare quadruple {689#false} {689#false} #116#return; {689#false} is VALID [2018-11-23 11:16:08,919 INFO L273 TraceCheckUtils]: 21: Hoare triple {689#false} ~new_node~0.base, ~new_node~0.offset := #t~ret6.base, #t~ret6.offset;havoc #t~ret6.base, #t~ret6.offset;~snd_to_last~0.base, ~snd_to_last~0.offset := 0bv32, 0bv32;call #t~mem7.base, #t~mem7.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~last~0.base, ~last~0.offset := #t~mem7.base, #t~mem7.offset;havoc #t~mem7.base, #t~mem7.offset; {689#false} is VALID [2018-11-23 11:16:08,919 INFO L273 TraceCheckUtils]: 22: Hoare triple {689#false} assume !~bvsgt32(~index, 0bv32); {689#false} is VALID [2018-11-23 11:16:08,920 INFO L273 TraceCheckUtils]: 23: Hoare triple {689#false} assume !(~snd_to_last~0.base != 0bv32 || ~snd_to_last~0.offset != 0bv32);call write~$Pointer$(~new_node~0.base, ~new_node~0.offset, ~head.base, ~head.offset, 4bv32); {689#false} is VALID [2018-11-23 11:16:08,920 INFO L273 TraceCheckUtils]: 24: Hoare triple {689#false} call write~$Pointer$(~last~0.base, ~last~0.offset, ~new_node~0.base, ~bvadd32(4bv32, ~new_node~0.offset), 4bv32); {689#false} is VALID [2018-11-23 11:16:08,920 INFO L273 TraceCheckUtils]: 25: Hoare triple {689#false} assume true; {689#false} is VALID [2018-11-23 11:16:08,921 INFO L268 TraceCheckUtils]: 26: Hoare quadruple {689#false} {689#false} #110#return; {689#false} is VALID [2018-11-23 11:16:08,921 INFO L273 TraceCheckUtils]: 27: Hoare triple {689#false} call #t~mem11.base, #t~mem11.offset := read~$Pointer$(~#s~0.base, ~#s~0.offset, 4bv32);~ptr~0.base, ~ptr~0.offset := #t~mem11.base, #t~mem11.offset;havoc #t~mem11.base, #t~mem11.offset;~count~0 := 0bv32; {689#false} is VALID [2018-11-23 11:16:08,921 INFO L273 TraceCheckUtils]: 28: Hoare triple {689#false} assume !(~ptr~0.base != 0bv32 || ~ptr~0.offset != 0bv32); {689#false} is VALID [2018-11-23 11:16:08,922 INFO L273 TraceCheckUtils]: 29: Hoare triple {689#false} assume ~count~0 != ~bvadd32(1bv32, ~len~0); {689#false} is VALID [2018-11-23 11:16:08,922 INFO L273 TraceCheckUtils]: 30: Hoare triple {689#false} assume !false; {689#false} is VALID [2018-11-23 11:16:08,924 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-23 11:16:08,924 INFO L312 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [MP cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (4)] Exception during sending of exit command (exit): Stream closed [2018-11-23 11:16:08,928 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-23 11:16:08,929 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2018-11-23 11:16:08,929 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 31 [2018-11-23 11:16:08,930 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:16:08,930 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states. [2018-11-23 11:16:09,022 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 31 edges. 31 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:16:09,022 INFO L459 AbstractCegarLoop]: Interpolant automaton has 5 states [2018-11-23 11:16:09,023 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2018-11-23 11:16:09,023 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2018-11-23 11:16:09,023 INFO L87 Difference]: Start difference. First operand 38 states and 44 transitions. Second operand 5 states. [2018-11-23 11:16:09,579 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:16:09,579 INFO L93 Difference]: Finished difference Result 68 states and 80 transitions. [2018-11-23 11:16:09,579 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2018-11-23 11:16:09,579 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 31 [2018-11-23 11:16:09,580 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:16:09,580 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2018-11-23 11:16:09,583 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 74 transitions. [2018-11-23 11:16:09,584 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2018-11-23 11:16:09,587 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 74 transitions. [2018-11-23 11:16:09,588 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 74 transitions. [2018-11-23 11:16:09,764 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 74 edges. 74 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:16:09,768 INFO L225 Difference]: With dead ends: 68 [2018-11-23 11:16:09,768 INFO L226 Difference]: Without dead ends: 42 [2018-11-23 11:16:09,769 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 31 GetRequests, 27 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2018-11-23 11:16:09,769 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 42 states. [2018-11-23 11:16:09,786 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 42 to 39. [2018-11-23 11:16:09,787 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:16:09,787 INFO L82 GeneralOperation]: Start isEquivalent. First operand 42 states. Second operand 39 states. [2018-11-23 11:16:09,787 INFO L74 IsIncluded]: Start isIncluded. First operand 42 states. Second operand 39 states. [2018-11-23 11:16:09,787 INFO L87 Difference]: Start difference. First operand 42 states. Second operand 39 states. [2018-11-23 11:16:09,791 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:16:09,792 INFO L93 Difference]: Finished difference Result 42 states and 49 transitions. [2018-11-23 11:16:09,792 INFO L276 IsEmpty]: Start isEmpty. Operand 42 states and 49 transitions. [2018-11-23 11:16:09,793 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:16:09,793 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:16:09,793 INFO L74 IsIncluded]: Start isIncluded. First operand 39 states. Second operand 42 states. [2018-11-23 11:16:09,793 INFO L87 Difference]: Start difference. First operand 39 states. Second operand 42 states. [2018-11-23 11:16:09,797 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:16:09,797 INFO L93 Difference]: Finished difference Result 42 states and 49 transitions. [2018-11-23 11:16:09,797 INFO L276 IsEmpty]: Start isEmpty. Operand 42 states and 49 transitions. [2018-11-23 11:16:09,798 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:16:09,798 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:16:09,798 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:16:09,799 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:16:09,799 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 39 states. [2018-11-23 11:16:09,801 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 39 states to 39 states and 45 transitions. [2018-11-23 11:16:09,801 INFO L78 Accepts]: Start accepts. Automaton has 39 states and 45 transitions. Word has length 31 [2018-11-23 11:16:09,801 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:16:09,802 INFO L480 AbstractCegarLoop]: Abstraction has 39 states and 45 transitions. [2018-11-23 11:16:09,802 INFO L481 AbstractCegarLoop]: Interpolant automaton has 5 states. [2018-11-23 11:16:09,802 INFO L276 IsEmpty]: Start isEmpty. Operand 39 states and 45 transitions. [2018-11-23 11:16:09,803 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2018-11-23 11:16:09,803 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:16:09,804 INFO L402 BasicCegarLoop]: trace histogram [2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:16:09,804 INFO L423 AbstractCegarLoop]: === Iteration 4 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:16:09,804 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:16:09,804 INFO L82 PathProgramCache]: Analyzing trace with hash 260466119, now seen corresponding path program 1 times [2018-11-23 11:16:09,805 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:16:09,805 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 5 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 5 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:16:09,840 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-23 11:16:09,946 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:16:09,980 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:16:09,983 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:16:10,099 INFO L256 TraceCheckUtils]: 0: Hoare triple {1021#true} call ULTIMATE.init(); {1021#true} is VALID [2018-11-23 11:16:10,100 INFO L273 TraceCheckUtils]: 1: Hoare triple {1021#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {1021#true} is VALID [2018-11-23 11:16:10,100 INFO L273 TraceCheckUtils]: 2: Hoare triple {1021#true} assume true; {1021#true} is VALID [2018-11-23 11:16:10,100 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {1021#true} {1021#true} #118#return; {1021#true} is VALID [2018-11-23 11:16:10,100 INFO L256 TraceCheckUtils]: 4: Hoare triple {1021#true} call #t~ret16 := main(); {1021#true} is VALID [2018-11-23 11:16:10,101 INFO L273 TraceCheckUtils]: 5: Hoare triple {1021#true} ~len~0 := 2bv32;~data~0 := 1bv32;call ~#s~0.base, ~#s~0.offset := #Ultimate.alloc(4bv32); {1041#(= (bvadd main_~len~0 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:16:10,101 INFO L256 TraceCheckUtils]: 6: Hoare triple {1041#(= (bvadd main_~len~0 (_ bv4294967294 32)) (_ bv0 32))} call #t~ret10.base, #t~ret10.offset := sll_create(~len~0, ~data~0); {1021#true} is VALID [2018-11-23 11:16:10,102 INFO L273 TraceCheckUtils]: 7: Hoare triple {1021#true} ~len := #in~len;~data := #in~data;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {1048#(= |sll_create_#in~len| sll_create_~len)} is VALID [2018-11-23 11:16:10,103 INFO L273 TraceCheckUtils]: 8: Hoare triple {1048#(= |sll_create_#in~len| sll_create_~len)} assume !!~bvsgt32(~len, 0bv32); {1048#(= |sll_create_#in~len| sll_create_~len)} is VALID [2018-11-23 11:16:10,103 INFO L256 TraceCheckUtils]: 9: Hoare triple {1048#(= |sll_create_#in~len| sll_create_~len)} call #t~ret4.base, #t~ret4.offset := node_create(~data); {1021#true} is VALID [2018-11-23 11:16:10,104 INFO L273 TraceCheckUtils]: 10: Hoare triple {1021#true} ~data := #in~data;call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(8bv32);~temp~0.base, ~temp~0.offset := #t~malloc2.base, #t~malloc2.offset; {1021#true} is VALID [2018-11-23 11:16:10,104 INFO L273 TraceCheckUtils]: 11: Hoare triple {1021#true} assume !(0bv32 == ~temp~0.base && 0bv32 == ~temp~0.offset); {1021#true} is VALID [2018-11-23 11:16:10,105 INFO L273 TraceCheckUtils]: 12: Hoare triple {1021#true} call write~$Pointer$(0bv32, 0bv32, ~temp~0.base, ~bvadd32(4bv32, ~temp~0.offset), 4bv32);call write~intINTTYPE4(~data, ~temp~0.base, ~temp~0.offset, 4bv32);#res.base, #res.offset := ~temp~0.base, ~temp~0.offset; {1021#true} is VALID [2018-11-23 11:16:10,105 INFO L273 TraceCheckUtils]: 13: Hoare triple {1021#true} assume true; {1021#true} is VALID [2018-11-23 11:16:10,110 INFO L268 TraceCheckUtils]: 14: Hoare quadruple {1021#true} {1048#(= |sll_create_#in~len| sll_create_~len)} #114#return; {1048#(= |sll_create_#in~len| sll_create_~len)} is VALID [2018-11-23 11:16:10,114 INFO L273 TraceCheckUtils]: 15: Hoare triple {1048#(= |sll_create_#in~len| sll_create_~len)} ~new_head~0.base, ~new_head~0.offset := #t~ret4.base, #t~ret4.offset;havoc #t~ret4.base, #t~ret4.offset;call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~bvadd32(4bv32, ~new_head~0.offset), 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset; {1048#(= |sll_create_#in~len| sll_create_~len)} is VALID [2018-11-23 11:16:10,115 INFO L273 TraceCheckUtils]: 16: Hoare triple {1048#(= |sll_create_#in~len| sll_create_~len)} #t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {1076#(= (bvadd |sll_create_#in~len| (_ bv4294967295 32)) sll_create_~len)} is VALID [2018-11-23 11:16:10,118 INFO L273 TraceCheckUtils]: 17: Hoare triple {1076#(= (bvadd |sll_create_#in~len| (_ bv4294967295 32)) sll_create_~len)} assume !~bvsgt32(~len, 0bv32); {1080#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:16:10,119 INFO L273 TraceCheckUtils]: 18: Hoare triple {1080#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {1080#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:16:10,120 INFO L273 TraceCheckUtils]: 19: Hoare triple {1080#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} assume true; {1080#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:16:10,122 INFO L268 TraceCheckUtils]: 20: Hoare quadruple {1080#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} {1041#(= (bvadd main_~len~0 (_ bv4294967294 32)) (_ bv0 32))} #108#return; {1022#false} is VALID [2018-11-23 11:16:10,122 INFO L273 TraceCheckUtils]: 21: Hoare triple {1022#false} call write~init~$Pointer$(#t~ret10.base, #t~ret10.offset, ~#s~0.base, ~#s~0.offset, 4bv32);havoc #t~ret10.base, #t~ret10.offset; {1022#false} is VALID [2018-11-23 11:16:10,123 INFO L256 TraceCheckUtils]: 22: Hoare triple {1022#false} call sll_insert(~#s~0.base, ~#s~0.offset, ~data~0, ~bvsdiv32(~len~0, 2bv32)); {1022#false} is VALID [2018-11-23 11:16:10,123 INFO L273 TraceCheckUtils]: 23: Hoare triple {1022#false} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~data := #in~data;~index := #in~index; {1022#false} is VALID [2018-11-23 11:16:10,124 INFO L256 TraceCheckUtils]: 24: Hoare triple {1022#false} call #t~ret6.base, #t~ret6.offset := node_create(~data); {1022#false} is VALID [2018-11-23 11:16:10,124 INFO L273 TraceCheckUtils]: 25: Hoare triple {1022#false} ~data := #in~data;call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(8bv32);~temp~0.base, ~temp~0.offset := #t~malloc2.base, #t~malloc2.offset; {1022#false} is VALID [2018-11-23 11:16:10,124 INFO L273 TraceCheckUtils]: 26: Hoare triple {1022#false} assume !(0bv32 == ~temp~0.base && 0bv32 == ~temp~0.offset); {1022#false} is VALID [2018-11-23 11:16:10,125 INFO L273 TraceCheckUtils]: 27: Hoare triple {1022#false} call write~$Pointer$(0bv32, 0bv32, ~temp~0.base, ~bvadd32(4bv32, ~temp~0.offset), 4bv32);call write~intINTTYPE4(~data, ~temp~0.base, ~temp~0.offset, 4bv32);#res.base, #res.offset := ~temp~0.base, ~temp~0.offset; {1022#false} is VALID [2018-11-23 11:16:10,125 INFO L273 TraceCheckUtils]: 28: Hoare triple {1022#false} assume true; {1022#false} is VALID [2018-11-23 11:16:10,126 INFO L268 TraceCheckUtils]: 29: Hoare quadruple {1022#false} {1022#false} #116#return; {1022#false} is VALID [2018-11-23 11:16:10,126 INFO L273 TraceCheckUtils]: 30: Hoare triple {1022#false} ~new_node~0.base, ~new_node~0.offset := #t~ret6.base, #t~ret6.offset;havoc #t~ret6.base, #t~ret6.offset;~snd_to_last~0.base, ~snd_to_last~0.offset := 0bv32, 0bv32;call #t~mem7.base, #t~mem7.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~last~0.base, ~last~0.offset := #t~mem7.base, #t~mem7.offset;havoc #t~mem7.base, #t~mem7.offset; {1022#false} is VALID [2018-11-23 11:16:10,127 INFO L273 TraceCheckUtils]: 31: Hoare triple {1022#false} assume !~bvsgt32(~index, 0bv32); {1022#false} is VALID [2018-11-23 11:16:10,127 INFO L273 TraceCheckUtils]: 32: Hoare triple {1022#false} assume !(~snd_to_last~0.base != 0bv32 || ~snd_to_last~0.offset != 0bv32);call write~$Pointer$(~new_node~0.base, ~new_node~0.offset, ~head.base, ~head.offset, 4bv32); {1022#false} is VALID [2018-11-23 11:16:10,127 INFO L273 TraceCheckUtils]: 33: Hoare triple {1022#false} call write~$Pointer$(~last~0.base, ~last~0.offset, ~new_node~0.base, ~bvadd32(4bv32, ~new_node~0.offset), 4bv32); {1022#false} is VALID [2018-11-23 11:16:10,128 INFO L273 TraceCheckUtils]: 34: Hoare triple {1022#false} assume true; {1022#false} is VALID [2018-11-23 11:16:10,128 INFO L268 TraceCheckUtils]: 35: Hoare quadruple {1022#false} {1022#false} #110#return; {1022#false} is VALID [2018-11-23 11:16:10,128 INFO L273 TraceCheckUtils]: 36: Hoare triple {1022#false} call #t~mem11.base, #t~mem11.offset := read~$Pointer$(~#s~0.base, ~#s~0.offset, 4bv32);~ptr~0.base, ~ptr~0.offset := #t~mem11.base, #t~mem11.offset;havoc #t~mem11.base, #t~mem11.offset;~count~0 := 0bv32; {1022#false} is VALID [2018-11-23 11:16:10,129 INFO L273 TraceCheckUtils]: 37: Hoare triple {1022#false} assume !(~ptr~0.base != 0bv32 || ~ptr~0.offset != 0bv32); {1022#false} is VALID [2018-11-23 11:16:10,129 INFO L273 TraceCheckUtils]: 38: Hoare triple {1022#false} assume ~count~0 != ~bvadd32(1bv32, ~len~0); {1022#false} is VALID [2018-11-23 11:16:10,129 INFO L273 TraceCheckUtils]: 39: Hoare triple {1022#false} assume !false; {1022#false} is VALID [2018-11-23 11:16:10,133 INFO L134 CoverageAnalysis]: Checked inductivity of 6 backedges. 5 proven. 1 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-23 11:16:10,133 INFO L316 TraceCheckSpWp]: Computing backward predicates... [2018-11-23 11:16:10,574 INFO L273 TraceCheckUtils]: 39: Hoare triple {1022#false} assume !false; {1022#false} is VALID [2018-11-23 11:16:10,574 INFO L273 TraceCheckUtils]: 38: Hoare triple {1022#false} assume ~count~0 != ~bvadd32(1bv32, ~len~0); {1022#false} is VALID [2018-11-23 11:16:10,575 INFO L273 TraceCheckUtils]: 37: Hoare triple {1022#false} assume !(~ptr~0.base != 0bv32 || ~ptr~0.offset != 0bv32); {1022#false} is VALID [2018-11-23 11:16:10,575 INFO L273 TraceCheckUtils]: 36: Hoare triple {1022#false} call #t~mem11.base, #t~mem11.offset := read~$Pointer$(~#s~0.base, ~#s~0.offset, 4bv32);~ptr~0.base, ~ptr~0.offset := #t~mem11.base, #t~mem11.offset;havoc #t~mem11.base, #t~mem11.offset;~count~0 := 0bv32; {1022#false} is VALID [2018-11-23 11:16:10,577 INFO L268 TraceCheckUtils]: 35: Hoare quadruple {1021#true} {1022#false} #110#return; {1022#false} is VALID [2018-11-23 11:16:10,577 INFO L273 TraceCheckUtils]: 34: Hoare triple {1021#true} assume true; {1021#true} is VALID [2018-11-23 11:16:10,577 INFO L273 TraceCheckUtils]: 33: Hoare triple {1021#true} call write~$Pointer$(~last~0.base, ~last~0.offset, ~new_node~0.base, ~bvadd32(4bv32, ~new_node~0.offset), 4bv32); {1021#true} is VALID [2018-11-23 11:16:10,578 INFO L273 TraceCheckUtils]: 32: Hoare triple {1021#true} assume !(~snd_to_last~0.base != 0bv32 || ~snd_to_last~0.offset != 0bv32);call write~$Pointer$(~new_node~0.base, ~new_node~0.offset, ~head.base, ~head.offset, 4bv32); {1021#true} is VALID [2018-11-23 11:16:10,578 INFO L273 TraceCheckUtils]: 31: Hoare triple {1021#true} assume !~bvsgt32(~index, 0bv32); {1021#true} is VALID [2018-11-23 11:16:10,579 INFO L273 TraceCheckUtils]: 30: Hoare triple {1021#true} ~new_node~0.base, ~new_node~0.offset := #t~ret6.base, #t~ret6.offset;havoc #t~ret6.base, #t~ret6.offset;~snd_to_last~0.base, ~snd_to_last~0.offset := 0bv32, 0bv32;call #t~mem7.base, #t~mem7.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~last~0.base, ~last~0.offset := #t~mem7.base, #t~mem7.offset;havoc #t~mem7.base, #t~mem7.offset; {1021#true} is VALID [2018-11-23 11:16:10,579 INFO L268 TraceCheckUtils]: 29: Hoare quadruple {1021#true} {1021#true} #116#return; {1021#true} is VALID [2018-11-23 11:16:10,580 INFO L273 TraceCheckUtils]: 28: Hoare triple {1021#true} assume true; {1021#true} is VALID [2018-11-23 11:16:10,580 INFO L273 TraceCheckUtils]: 27: Hoare triple {1021#true} call write~$Pointer$(0bv32, 0bv32, ~temp~0.base, ~bvadd32(4bv32, ~temp~0.offset), 4bv32);call write~intINTTYPE4(~data, ~temp~0.base, ~temp~0.offset, 4bv32);#res.base, #res.offset := ~temp~0.base, ~temp~0.offset; {1021#true} is VALID [2018-11-23 11:16:10,580 INFO L273 TraceCheckUtils]: 26: Hoare triple {1021#true} assume !(0bv32 == ~temp~0.base && 0bv32 == ~temp~0.offset); {1021#true} is VALID [2018-11-23 11:16:10,580 INFO L273 TraceCheckUtils]: 25: Hoare triple {1021#true} ~data := #in~data;call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(8bv32);~temp~0.base, ~temp~0.offset := #t~malloc2.base, #t~malloc2.offset; {1021#true} is VALID [2018-11-23 11:16:10,581 INFO L256 TraceCheckUtils]: 24: Hoare triple {1021#true} call #t~ret6.base, #t~ret6.offset := node_create(~data); {1021#true} is VALID [2018-11-23 11:16:10,581 INFO L273 TraceCheckUtils]: 23: Hoare triple {1021#true} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~data := #in~data;~index := #in~index; {1021#true} is VALID [2018-11-23 11:16:10,581 INFO L256 TraceCheckUtils]: 22: Hoare triple {1022#false} call sll_insert(~#s~0.base, ~#s~0.offset, ~data~0, ~bvsdiv32(~len~0, 2bv32)); {1021#true} is VALID [2018-11-23 11:16:10,581 INFO L273 TraceCheckUtils]: 21: Hoare triple {1022#false} call write~init~$Pointer$(#t~ret10.base, #t~ret10.offset, ~#s~0.base, ~#s~0.offset, 4bv32);havoc #t~ret10.base, #t~ret10.offset; {1022#false} is VALID [2018-11-23 11:16:10,585 INFO L268 TraceCheckUtils]: 20: Hoare quadruple {1080#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} {1204#(bvsgt (bvadd main_~len~0 (_ bv4294967295 32)) (_ bv0 32))} #108#return; {1022#false} is VALID [2018-11-23 11:16:10,585 INFO L273 TraceCheckUtils]: 19: Hoare triple {1080#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} assume true; {1080#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:16:10,587 INFO L273 TraceCheckUtils]: 18: Hoare triple {1080#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {1080#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:16:10,587 INFO L273 TraceCheckUtils]: 17: Hoare triple {1217#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt sll_create_~len (_ bv0 32)))} assume !~bvsgt32(~len, 0bv32); {1080#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:16:10,591 INFO L273 TraceCheckUtils]: 16: Hoare triple {1221#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)))} #t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {1217#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt sll_create_~len (_ bv0 32)))} is VALID [2018-11-23 11:16:10,592 INFO L273 TraceCheckUtils]: 15: Hoare triple {1221#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)))} ~new_head~0.base, ~new_head~0.offset := #t~ret4.base, #t~ret4.offset;havoc #t~ret4.base, #t~ret4.offset;call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~bvadd32(4bv32, ~new_head~0.offset), 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset; {1221#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:16:10,594 INFO L268 TraceCheckUtils]: 14: Hoare quadruple {1021#true} {1221#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)))} #114#return; {1221#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:16:10,594 INFO L273 TraceCheckUtils]: 13: Hoare triple {1021#true} assume true; {1021#true} is VALID [2018-11-23 11:16:10,594 INFO L273 TraceCheckUtils]: 12: Hoare triple {1021#true} call write~$Pointer$(0bv32, 0bv32, ~temp~0.base, ~bvadd32(4bv32, ~temp~0.offset), 4bv32);call write~intINTTYPE4(~data, ~temp~0.base, ~temp~0.offset, 4bv32);#res.base, #res.offset := ~temp~0.base, ~temp~0.offset; {1021#true} is VALID [2018-11-23 11:16:10,594 INFO L273 TraceCheckUtils]: 11: Hoare triple {1021#true} assume !(0bv32 == ~temp~0.base && 0bv32 == ~temp~0.offset); {1021#true} is VALID [2018-11-23 11:16:10,595 INFO L273 TraceCheckUtils]: 10: Hoare triple {1021#true} ~data := #in~data;call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(8bv32);~temp~0.base, ~temp~0.offset := #t~malloc2.base, #t~malloc2.offset; {1021#true} is VALID [2018-11-23 11:16:10,595 INFO L256 TraceCheckUtils]: 9: Hoare triple {1221#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)))} call #t~ret4.base, #t~ret4.offset := node_create(~data); {1021#true} is VALID [2018-11-23 11:16:10,595 INFO L273 TraceCheckUtils]: 8: Hoare triple {1221#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)))} assume !!~bvsgt32(~len, 0bv32); {1221#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:16:10,597 INFO L273 TraceCheckUtils]: 7: Hoare triple {1021#true} ~len := #in~len;~data := #in~data;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {1221#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:16:10,597 INFO L256 TraceCheckUtils]: 6: Hoare triple {1204#(bvsgt (bvadd main_~len~0 (_ bv4294967295 32)) (_ bv0 32))} call #t~ret10.base, #t~ret10.offset := sll_create(~len~0, ~data~0); {1021#true} is VALID [2018-11-23 11:16:10,616 INFO L273 TraceCheckUtils]: 5: Hoare triple {1021#true} ~len~0 := 2bv32;~data~0 := 1bv32;call ~#s~0.base, ~#s~0.offset := #Ultimate.alloc(4bv32); {1204#(bvsgt (bvadd main_~len~0 (_ bv4294967295 32)) (_ bv0 32))} is VALID [2018-11-23 11:16:10,616 INFO L256 TraceCheckUtils]: 4: Hoare triple {1021#true} call #t~ret16 := main(); {1021#true} is VALID [2018-11-23 11:16:10,617 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {1021#true} {1021#true} #118#return; {1021#true} is VALID [2018-11-23 11:16:10,617 INFO L273 TraceCheckUtils]: 2: Hoare triple {1021#true} assume true; {1021#true} is VALID [2018-11-23 11:16:10,617 INFO L273 TraceCheckUtils]: 1: Hoare triple {1021#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {1021#true} is VALID [2018-11-23 11:16:10,617 INFO L256 TraceCheckUtils]: 0: Hoare triple {1021#true} call ULTIMATE.init(); {1021#true} is VALID [2018-11-23 11:16:10,622 INFO L134 CoverageAnalysis]: Checked inductivity of 6 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2018-11-23 11:16:10,628 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2018-11-23 11:16:10,628 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [6, 6] total 9 [2018-11-23 11:16:10,629 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 40 [2018-11-23 11:16:10,631 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:16:10,631 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states. [2018-11-23 11:16:10,807 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 60 edges. 60 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:16:10,807 INFO L459 AbstractCegarLoop]: Interpolant automaton has 9 states [2018-11-23 11:16:10,807 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2018-11-23 11:16:10,808 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=52, Unknown=0, NotChecked=0, Total=72 [2018-11-23 11:16:10,808 INFO L87 Difference]: Start difference. First operand 39 states and 45 transitions. Second operand 9 states. [2018-11-23 11:16:11,999 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:16:11,999 INFO L93 Difference]: Finished difference Result 72 states and 85 transitions. [2018-11-23 11:16:11,999 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2018-11-23 11:16:11,999 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 40 [2018-11-23 11:16:12,000 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:16:12,000 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2018-11-23 11:16:12,004 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 79 transitions. [2018-11-23 11:16:12,004 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2018-11-23 11:16:12,007 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 79 transitions. [2018-11-23 11:16:12,008 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 79 transitions. [2018-11-23 11:16:12,204 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 79 edges. 79 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:16:12,206 INFO L225 Difference]: With dead ends: 72 [2018-11-23 11:16:12,206 INFO L226 Difference]: Without dead ends: 46 [2018-11-23 11:16:12,207 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 81 GetRequests, 72 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=31, Invalid=79, Unknown=0, NotChecked=0, Total=110 [2018-11-23 11:16:12,207 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 46 states. [2018-11-23 11:16:12,244 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 46 to 43. [2018-11-23 11:16:12,245 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:16:12,245 INFO L82 GeneralOperation]: Start isEquivalent. First operand 46 states. Second operand 43 states. [2018-11-23 11:16:12,245 INFO L74 IsIncluded]: Start isIncluded. First operand 46 states. Second operand 43 states. [2018-11-23 11:16:12,245 INFO L87 Difference]: Start difference. First operand 46 states. Second operand 43 states. [2018-11-23 11:16:12,249 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:16:12,249 INFO L93 Difference]: Finished difference Result 46 states and 54 transitions. [2018-11-23 11:16:12,249 INFO L276 IsEmpty]: Start isEmpty. Operand 46 states and 54 transitions. [2018-11-23 11:16:12,250 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:16:12,250 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:16:12,250 INFO L74 IsIncluded]: Start isIncluded. First operand 43 states. Second operand 46 states. [2018-11-23 11:16:12,250 INFO L87 Difference]: Start difference. First operand 43 states. Second operand 46 states. [2018-11-23 11:16:12,253 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:16:12,253 INFO L93 Difference]: Finished difference Result 46 states and 54 transitions. [2018-11-23 11:16:12,254 INFO L276 IsEmpty]: Start isEmpty. Operand 46 states and 54 transitions. [2018-11-23 11:16:12,255 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:16:12,255 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:16:12,255 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:16:12,255 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:16:12,255 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 43 states. [2018-11-23 11:16:12,258 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 43 states to 43 states and 50 transitions. [2018-11-23 11:16:12,258 INFO L78 Accepts]: Start accepts. Automaton has 43 states and 50 transitions. Word has length 40 [2018-11-23 11:16:12,258 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:16:12,258 INFO L480 AbstractCegarLoop]: Abstraction has 43 states and 50 transitions. [2018-11-23 11:16:12,258 INFO L481 AbstractCegarLoop]: Interpolant automaton has 9 states. [2018-11-23 11:16:12,259 INFO L276 IsEmpty]: Start isEmpty. Operand 43 states and 50 transitions. [2018-11-23 11:16:12,260 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2018-11-23 11:16:12,260 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:16:12,260 INFO L402 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:16:12,261 INFO L423 AbstractCegarLoop]: === Iteration 5 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:16:12,261 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:16:12,261 INFO L82 PathProgramCache]: Analyzing trace with hash 56125752, now seen corresponding path program 2 times [2018-11-23 11:16:12,262 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:16:12,262 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 6 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 6 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:16:12,292 INFO L101 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2018-11-23 11:16:12,376 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST1 issued 1 check-sat command(s) [2018-11-23 11:16:12,376 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2018-11-23 11:16:12,406 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:16:12,407 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:16:12,511 INFO L256 TraceCheckUtils]: 0: Hoare triple {1527#true} call ULTIMATE.init(); {1527#true} is VALID [2018-11-23 11:16:12,511 INFO L273 TraceCheckUtils]: 1: Hoare triple {1527#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {1527#true} is VALID [2018-11-23 11:16:12,511 INFO L273 TraceCheckUtils]: 2: Hoare triple {1527#true} assume true; {1527#true} is VALID [2018-11-23 11:16:12,512 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {1527#true} {1527#true} #118#return; {1527#true} is VALID [2018-11-23 11:16:12,512 INFO L256 TraceCheckUtils]: 4: Hoare triple {1527#true} call #t~ret16 := main(); {1527#true} is VALID [2018-11-23 11:16:12,512 INFO L273 TraceCheckUtils]: 5: Hoare triple {1527#true} ~len~0 := 2bv32;~data~0 := 1bv32;call ~#s~0.base, ~#s~0.offset := #Ultimate.alloc(4bv32); {1547#(= (bvadd main_~len~0 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:16:12,513 INFO L256 TraceCheckUtils]: 6: Hoare triple {1547#(= (bvadd main_~len~0 (_ bv4294967294 32)) (_ bv0 32))} call #t~ret10.base, #t~ret10.offset := sll_create(~len~0, ~data~0); {1527#true} is VALID [2018-11-23 11:16:12,513 INFO L273 TraceCheckUtils]: 7: Hoare triple {1527#true} ~len := #in~len;~data := #in~data;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {1527#true} is VALID [2018-11-23 11:16:12,513 INFO L273 TraceCheckUtils]: 8: Hoare triple {1527#true} assume !!~bvsgt32(~len, 0bv32); {1527#true} is VALID [2018-11-23 11:16:12,513 INFO L256 TraceCheckUtils]: 9: Hoare triple {1527#true} call #t~ret4.base, #t~ret4.offset := node_create(~data); {1527#true} is VALID [2018-11-23 11:16:12,513 INFO L273 TraceCheckUtils]: 10: Hoare triple {1527#true} ~data := #in~data;call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(8bv32);~temp~0.base, ~temp~0.offset := #t~malloc2.base, #t~malloc2.offset; {1527#true} is VALID [2018-11-23 11:16:12,514 INFO L273 TraceCheckUtils]: 11: Hoare triple {1527#true} assume !(0bv32 == ~temp~0.base && 0bv32 == ~temp~0.offset); {1527#true} is VALID [2018-11-23 11:16:12,514 INFO L273 TraceCheckUtils]: 12: Hoare triple {1527#true} call write~$Pointer$(0bv32, 0bv32, ~temp~0.base, ~bvadd32(4bv32, ~temp~0.offset), 4bv32);call write~intINTTYPE4(~data, ~temp~0.base, ~temp~0.offset, 4bv32);#res.base, #res.offset := ~temp~0.base, ~temp~0.offset; {1527#true} is VALID [2018-11-23 11:16:12,514 INFO L273 TraceCheckUtils]: 13: Hoare triple {1527#true} assume true; {1527#true} is VALID [2018-11-23 11:16:12,514 INFO L268 TraceCheckUtils]: 14: Hoare quadruple {1527#true} {1527#true} #114#return; {1527#true} is VALID [2018-11-23 11:16:12,514 INFO L273 TraceCheckUtils]: 15: Hoare triple {1527#true} ~new_head~0.base, ~new_head~0.offset := #t~ret4.base, #t~ret4.offset;havoc #t~ret4.base, #t~ret4.offset;call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~bvadd32(4bv32, ~new_head~0.offset), 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset; {1527#true} is VALID [2018-11-23 11:16:12,516 INFO L273 TraceCheckUtils]: 16: Hoare triple {1527#true} #t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {1527#true} is VALID [2018-11-23 11:16:12,516 INFO L273 TraceCheckUtils]: 17: Hoare triple {1527#true} assume !!~bvsgt32(~len, 0bv32); {1527#true} is VALID [2018-11-23 11:16:12,517 INFO L256 TraceCheckUtils]: 18: Hoare triple {1527#true} call #t~ret4.base, #t~ret4.offset := node_create(~data); {1527#true} is VALID [2018-11-23 11:16:12,517 INFO L273 TraceCheckUtils]: 19: Hoare triple {1527#true} ~data := #in~data;call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(8bv32);~temp~0.base, ~temp~0.offset := #t~malloc2.base, #t~malloc2.offset; {1527#true} is VALID [2018-11-23 11:16:12,517 INFO L273 TraceCheckUtils]: 20: Hoare triple {1527#true} assume !(0bv32 == ~temp~0.base && 0bv32 == ~temp~0.offset); {1527#true} is VALID [2018-11-23 11:16:12,518 INFO L273 TraceCheckUtils]: 21: Hoare triple {1527#true} call write~$Pointer$(0bv32, 0bv32, ~temp~0.base, ~bvadd32(4bv32, ~temp~0.offset), 4bv32);call write~intINTTYPE4(~data, ~temp~0.base, ~temp~0.offset, 4bv32);#res.base, #res.offset := ~temp~0.base, ~temp~0.offset; {1527#true} is VALID [2018-11-23 11:16:12,518 INFO L273 TraceCheckUtils]: 22: Hoare triple {1527#true} assume true; {1527#true} is VALID [2018-11-23 11:16:12,518 INFO L268 TraceCheckUtils]: 23: Hoare quadruple {1527#true} {1527#true} #114#return; {1527#true} is VALID [2018-11-23 11:16:12,518 INFO L273 TraceCheckUtils]: 24: Hoare triple {1527#true} ~new_head~0.base, ~new_head~0.offset := #t~ret4.base, #t~ret4.offset;havoc #t~ret4.base, #t~ret4.offset;call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~bvadd32(4bv32, ~new_head~0.offset), 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset; {1527#true} is VALID [2018-11-23 11:16:12,519 INFO L273 TraceCheckUtils]: 25: Hoare triple {1527#true} #t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {1527#true} is VALID [2018-11-23 11:16:12,519 INFO L273 TraceCheckUtils]: 26: Hoare triple {1527#true} assume !~bvsgt32(~len, 0bv32); {1527#true} is VALID [2018-11-23 11:16:12,519 INFO L273 TraceCheckUtils]: 27: Hoare triple {1527#true} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {1527#true} is VALID [2018-11-23 11:16:12,519 INFO L273 TraceCheckUtils]: 28: Hoare triple {1527#true} assume true; {1527#true} is VALID [2018-11-23 11:16:12,529 INFO L268 TraceCheckUtils]: 29: Hoare quadruple {1527#true} {1547#(= (bvadd main_~len~0 (_ bv4294967294 32)) (_ bv0 32))} #108#return; {1547#(= (bvadd main_~len~0 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:16:12,530 INFO L273 TraceCheckUtils]: 30: Hoare triple {1547#(= (bvadd main_~len~0 (_ bv4294967294 32)) (_ bv0 32))} call write~init~$Pointer$(#t~ret10.base, #t~ret10.offset, ~#s~0.base, ~#s~0.offset, 4bv32);havoc #t~ret10.base, #t~ret10.offset; {1547#(= (bvadd main_~len~0 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:16:12,530 INFO L256 TraceCheckUtils]: 31: Hoare triple {1547#(= (bvadd main_~len~0 (_ bv4294967294 32)) (_ bv0 32))} call sll_insert(~#s~0.base, ~#s~0.offset, ~data~0, ~bvsdiv32(~len~0, 2bv32)); {1527#true} is VALID [2018-11-23 11:16:12,530 INFO L273 TraceCheckUtils]: 32: Hoare triple {1527#true} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~data := #in~data;~index := #in~index; {1629#(= sll_insert_~index |sll_insert_#in~index|)} is VALID [2018-11-23 11:16:12,530 INFO L256 TraceCheckUtils]: 33: Hoare triple {1629#(= sll_insert_~index |sll_insert_#in~index|)} call #t~ret6.base, #t~ret6.offset := node_create(~data); {1527#true} is VALID [2018-11-23 11:16:12,531 INFO L273 TraceCheckUtils]: 34: Hoare triple {1527#true} ~data := #in~data;call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(8bv32);~temp~0.base, ~temp~0.offset := #t~malloc2.base, #t~malloc2.offset; {1527#true} is VALID [2018-11-23 11:16:12,531 INFO L273 TraceCheckUtils]: 35: Hoare triple {1527#true} assume !(0bv32 == ~temp~0.base && 0bv32 == ~temp~0.offset); {1527#true} is VALID [2018-11-23 11:16:12,531 INFO L273 TraceCheckUtils]: 36: Hoare triple {1527#true} call write~$Pointer$(0bv32, 0bv32, ~temp~0.base, ~bvadd32(4bv32, ~temp~0.offset), 4bv32);call write~intINTTYPE4(~data, ~temp~0.base, ~temp~0.offset, 4bv32);#res.base, #res.offset := ~temp~0.base, ~temp~0.offset; {1527#true} is VALID [2018-11-23 11:16:12,531 INFO L273 TraceCheckUtils]: 37: Hoare triple {1527#true} assume true; {1527#true} is VALID [2018-11-23 11:16:12,532 INFO L268 TraceCheckUtils]: 38: Hoare quadruple {1527#true} {1629#(= sll_insert_~index |sll_insert_#in~index|)} #116#return; {1629#(= sll_insert_~index |sll_insert_#in~index|)} is VALID [2018-11-23 11:16:12,535 INFO L273 TraceCheckUtils]: 39: Hoare triple {1629#(= sll_insert_~index |sll_insert_#in~index|)} ~new_node~0.base, ~new_node~0.offset := #t~ret6.base, #t~ret6.offset;havoc #t~ret6.base, #t~ret6.offset;~snd_to_last~0.base, ~snd_to_last~0.offset := 0bv32, 0bv32;call #t~mem7.base, #t~mem7.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~last~0.base, ~last~0.offset := #t~mem7.base, #t~mem7.offset;havoc #t~mem7.base, #t~mem7.offset; {1629#(= sll_insert_~index |sll_insert_#in~index|)} is VALID [2018-11-23 11:16:12,535 INFO L273 TraceCheckUtils]: 40: Hoare triple {1629#(= sll_insert_~index |sll_insert_#in~index|)} assume !~bvsgt32(~index, 0bv32); {1654#(not (bvsgt |sll_insert_#in~index| (_ bv0 32)))} is VALID [2018-11-23 11:16:12,537 INFO L273 TraceCheckUtils]: 41: Hoare triple {1654#(not (bvsgt |sll_insert_#in~index| (_ bv0 32)))} assume !(~snd_to_last~0.base != 0bv32 || ~snd_to_last~0.offset != 0bv32);call write~$Pointer$(~new_node~0.base, ~new_node~0.offset, ~head.base, ~head.offset, 4bv32); {1654#(not (bvsgt |sll_insert_#in~index| (_ bv0 32)))} is VALID [2018-11-23 11:16:12,537 INFO L273 TraceCheckUtils]: 42: Hoare triple {1654#(not (bvsgt |sll_insert_#in~index| (_ bv0 32)))} call write~$Pointer$(~last~0.base, ~last~0.offset, ~new_node~0.base, ~bvadd32(4bv32, ~new_node~0.offset), 4bv32); {1654#(not (bvsgt |sll_insert_#in~index| (_ bv0 32)))} is VALID [2018-11-23 11:16:12,540 INFO L273 TraceCheckUtils]: 43: Hoare triple {1654#(not (bvsgt |sll_insert_#in~index| (_ bv0 32)))} assume true; {1654#(not (bvsgt |sll_insert_#in~index| (_ bv0 32)))} is VALID [2018-11-23 11:16:12,541 INFO L268 TraceCheckUtils]: 44: Hoare quadruple {1654#(not (bvsgt |sll_insert_#in~index| (_ bv0 32)))} {1547#(= (bvadd main_~len~0 (_ bv4294967294 32)) (_ bv0 32))} #110#return; {1528#false} is VALID [2018-11-23 11:16:12,541 INFO L273 TraceCheckUtils]: 45: Hoare triple {1528#false} call #t~mem11.base, #t~mem11.offset := read~$Pointer$(~#s~0.base, ~#s~0.offset, 4bv32);~ptr~0.base, ~ptr~0.offset := #t~mem11.base, #t~mem11.offset;havoc #t~mem11.base, #t~mem11.offset;~count~0 := 0bv32; {1528#false} is VALID [2018-11-23 11:16:12,541 INFO L273 TraceCheckUtils]: 46: Hoare triple {1528#false} assume !(~ptr~0.base != 0bv32 || ~ptr~0.offset != 0bv32); {1528#false} is VALID [2018-11-23 11:16:12,541 INFO L273 TraceCheckUtils]: 47: Hoare triple {1528#false} assume ~count~0 != ~bvadd32(1bv32, ~len~0); {1528#false} is VALID [2018-11-23 11:16:12,541 INFO L273 TraceCheckUtils]: 48: Hoare triple {1528#false} assume !false; {1528#false} is VALID [2018-11-23 11:16:12,544 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 21 trivial. 0 not checked. [2018-11-23 11:16:12,544 INFO L312 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2018-11-23 11:16:12,549 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-23 11:16:12,550 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2018-11-23 11:16:12,550 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 49 [2018-11-23 11:16:12,551 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:16:12,551 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states. [2018-11-23 11:16:12,665 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 36 edges. 36 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:16:12,665 INFO L459 AbstractCegarLoop]: Interpolant automaton has 5 states [2018-11-23 11:16:12,665 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2018-11-23 11:16:12,665 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2018-11-23 11:16:12,666 INFO L87 Difference]: Start difference. First operand 43 states and 50 transitions. Second operand 5 states. [2018-11-23 11:16:13,248 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:16:13,248 INFO L93 Difference]: Finished difference Result 52 states and 60 transitions. [2018-11-23 11:16:13,248 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2018-11-23 11:16:13,249 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 49 [2018-11-23 11:16:13,249 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:16:13,249 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2018-11-23 11:16:13,251 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 54 transitions. [2018-11-23 11:16:13,251 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2018-11-23 11:16:13,253 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 54 transitions. [2018-11-23 11:16:13,254 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 54 transitions. [2018-11-23 11:16:13,392 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 54 edges. 54 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:16:13,394 INFO L225 Difference]: With dead ends: 52 [2018-11-23 11:16:13,395 INFO L226 Difference]: Without dead ends: 42 [2018-11-23 11:16:13,395 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 49 GetRequests, 45 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2018-11-23 11:16:13,396 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 42 states. [2018-11-23 11:16:13,422 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 42 to 42. [2018-11-23 11:16:13,422 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:16:13,422 INFO L82 GeneralOperation]: Start isEquivalent. First operand 42 states. Second operand 42 states. [2018-11-23 11:16:13,423 INFO L74 IsIncluded]: Start isIncluded. First operand 42 states. Second operand 42 states. [2018-11-23 11:16:13,423 INFO L87 Difference]: Start difference. First operand 42 states. Second operand 42 states. [2018-11-23 11:16:13,425 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:16:13,425 INFO L93 Difference]: Finished difference Result 42 states and 48 transitions. [2018-11-23 11:16:13,425 INFO L276 IsEmpty]: Start isEmpty. Operand 42 states and 48 transitions. [2018-11-23 11:16:13,426 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:16:13,426 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:16:13,427 INFO L74 IsIncluded]: Start isIncluded. First operand 42 states. Second operand 42 states. [2018-11-23 11:16:13,427 INFO L87 Difference]: Start difference. First operand 42 states. Second operand 42 states. [2018-11-23 11:16:13,429 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:16:13,430 INFO L93 Difference]: Finished difference Result 42 states and 48 transitions. [2018-11-23 11:16:13,430 INFO L276 IsEmpty]: Start isEmpty. Operand 42 states and 48 transitions. [2018-11-23 11:16:13,430 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:16:13,430 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:16:13,431 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:16:13,431 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:16:13,431 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 42 states. [2018-11-23 11:16:13,433 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 42 states to 42 states and 48 transitions. [2018-11-23 11:16:13,433 INFO L78 Accepts]: Start accepts. Automaton has 42 states and 48 transitions. Word has length 49 [2018-11-23 11:16:13,434 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:16:13,434 INFO L480 AbstractCegarLoop]: Abstraction has 42 states and 48 transitions. [2018-11-23 11:16:13,434 INFO L481 AbstractCegarLoop]: Interpolant automaton has 5 states. [2018-11-23 11:16:13,434 INFO L276 IsEmpty]: Start isEmpty. Operand 42 states and 48 transitions. [2018-11-23 11:16:13,435 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2018-11-23 11:16:13,435 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:16:13,436 INFO L402 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:16:13,436 INFO L423 AbstractCegarLoop]: === Iteration 6 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:16:13,436 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:16:13,436 INFO L82 PathProgramCache]: Analyzing trace with hash -1711254474, now seen corresponding path program 1 times [2018-11-23 11:16:13,437 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:16:13,437 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 7 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 7 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:16:13,466 INFO L101 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY [2018-11-23 11:16:13,690 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:16:13,766 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:16:13,770 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:16:13,850 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2018-11-23 11:16:13,877 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2018-11-23 11:16:13,966 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:16:13,967 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:10, output treesize:9 [2018-11-23 11:16:13,977 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:16:13,977 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#valid_52|]. (and (= |#valid| (store |v_#valid_52| |main_~#s~0.base| (_ bv1 1))) (= |main_~#s~0.offset| (_ bv0 32))) [2018-11-23 11:16:13,977 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (and (= (select |#valid| |main_~#s~0.base|) (_ bv1 1)) (= |main_~#s~0.offset| (_ bv0 32))) [2018-11-23 11:16:16,230 WARN L854 $PredicateComparison]: unable to prove that (exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |c_old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= |c_#valid| (store |c_old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1))))) is different from true [2018-11-23 11:16:21,758 WARN L180 SmtUtils]: Spent 129.00 ms on a formula simplification that was a NOOP. DAG size: 19 [2018-11-23 11:16:21,926 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:16:21,929 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:16:21,931 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:16:21,932 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 3 select indices, 3 select index equivalence classes, 5 disjoint index pairs (out of 3 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 27 treesize of output 44 [2018-11-23 11:16:21,983 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 3 select indices, 3 select index equivalence classes, 5 disjoint index pairs (out of 3 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 32 treesize of output 36 [2018-11-23 11:16:21,991 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:16:22,008 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:16:22,041 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-1 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2018-11-23 11:16:22,042 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 2 variables, input treesize:37, output treesize:36 [2018-11-23 11:16:22,052 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:16:22,052 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_old(#valid)_AFTER_CALL_35|, |node_create_#t~malloc2.base|]. (let ((.cse0 (store |v_old(#valid)_AFTER_CALL_35| |node_create_#t~malloc2.base| (_ bv1 1)))) (and (not (= (_ bv0 32) |main_#t~ret10.base|)) (= (bvadd (select |v_old(#valid)_AFTER_CALL_35| |main_~#s~0.base|) (_ bv1 1)) (_ bv0 1)) (= |#valid| (store .cse0 |main_#t~ret10.base| (_ bv1 1))) (= |main_~#s~0.offset| (_ bv0 32)) (= (select |v_old(#valid)_AFTER_CALL_35| |node_create_#t~malloc2.base|) (_ bv0 1)) (= (_ bv0 1) (select .cse0 |main_#t~ret10.base|)))) [2018-11-23 11:16:22,052 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ [|node_create_#t~malloc2.base|]. (and (not (= (_ bv0 32) |main_#t~ret10.base|)) (not (= |node_create_#t~malloc2.base| |main_#t~ret10.base|)) (= (_ bv1 1) (select |#valid| |node_create_#t~malloc2.base|)) (not (= |main_~#s~0.base| |main_#t~ret10.base|)) (= |main_~#s~0.offset| (_ bv0 32)) (= (_ bv1 1) (select |#valid| |main_#t~ret10.base|)) (not (= |node_create_#t~malloc2.base| |main_~#s~0.base|)) (not (= (select |#valid| |main_~#s~0.base|) (_ bv0 1)))) [2018-11-23 11:16:22,284 WARN L180 SmtUtils]: Spent 168.00 ms on a formula simplification that was a NOOP. DAG size: 27 [2018-11-23 11:16:27,836 WARN L180 SmtUtils]: Spent 2.02 s on a formula simplification that was a NOOP. DAG size: 20 [2018-11-23 11:16:33,974 WARN L180 SmtUtils]: Spent 2.04 s on a formula simplification that was a NOOP. DAG size: 26 [2018-11-23 11:16:38,110 WARN L180 SmtUtils]: Spent 2.03 s on a formula simplification that was a NOOP. DAG size: 26 [2018-11-23 11:16:40,269 WARN L180 SmtUtils]: Spent 2.04 s on a formula simplification that was a NOOP. DAG size: 26 [2018-11-23 11:16:40,304 INFO L267 ElimStorePlain]: Start of recursive call 3: 1 dim-0 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2018-11-23 11:16:40,325 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2018-11-23 11:16:40,380 INFO L267 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 1 dim-2 vars, End of recursive call: 3 dim-0 vars, and 1 xjuncts. [2018-11-23 11:16:40,380 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 3 variables, input treesize:47, output treesize:79 [2018-11-23 11:16:42,411 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:16:42,411 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#memory_$Pointer$.base_55|, sll_insert_~snd_to_last~0.offset, node_create_~temp~0.offset]. (and (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base)) (= |v_#memory_$Pointer$.base_55| (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset (select (select |v_#memory_$Pointer$.base_55| sll_insert_~new_node~0.base) node_create_~temp~0.offset)))) (= |#memory_$Pointer$.base| (let ((.cse0 (select (select |v_#memory_$Pointer$.base_55| |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|))) (store |v_#memory_$Pointer$.base_55| .cse0 (store (select |v_#memory_$Pointer$.base_55| .cse0) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base))))) [2018-11-23 11:16:42,411 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ [node_create_~temp~0.offset, v_DerPreprocessor_2, sll_insert_~snd_to_last~0.offset]. (and (= (let ((.cse0 (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)))) (let ((.cse1 (select (select .cse0 |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|))) (store .cse0 .cse1 (store (select .cse0 .cse1) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base)))) |#memory_$Pointer$.base|) (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base))) [2018-11-23 11:16:48,890 WARN L180 SmtUtils]: Spent 2.04 s on a formula simplification that was a NOOP. DAG size: 28 [2018-11-23 11:16:50,942 WARN L854 $PredicateComparison]: unable to prove that (exists ((node_create_~temp~0.offset (_ BitVec 32)) (v_DerPreprocessor_2 (_ BitVec 32)) (sll_insert_~new_node~0.base (_ BitVec 32)) (sll_insert_~snd_to_last~0.offset (_ BitVec 32)) (sll_insert_~last~0.base (_ BitVec 32)) (sll_insert_~new_node~0.offset (_ BitVec 32))) (and (= |c_#memory_$Pointer$.base| (let ((.cse0 (let ((.cse1 (store |c_old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |c_old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)))) (let ((.cse2 (select (select .cse1 |c_sll_insert_#in~head.base|) |c_sll_insert_#in~head.offset|))) (store .cse1 .cse2 (store (select .cse1 .cse2) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base)))))) (store .cse0 sll_insert_~new_node~0.base (store (select .cse0 sll_insert_~new_node~0.base) (bvadd sll_insert_~new_node~0.offset (_ bv4 32)) sll_insert_~last~0.base)))) (= (_ bv0 1) (select |c_old(#valid)| sll_insert_~new_node~0.base)))) is different from true [2018-11-23 11:16:52,583 WARN L180 SmtUtils]: Spent 1.49 s on a formula simplification. DAG size of input: 84 DAG size of output: 54 [2018-11-23 11:16:52,650 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:16:52,666 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:16:52,683 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:16:52,684 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:16:52,686 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 4 select indices, 4 select index equivalence classes, 9 disjoint index pairs (out of 6 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 28 treesize of output 37 [2018-11-23 11:16:52,689 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2018-11-23 11:16:53,050 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:16:53,064 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:16:53,224 INFO L303 Elim1Store]: Index analysis took 198 ms [2018-11-23 11:16:53,225 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 3 select indices, 3 select index equivalence classes, 6 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 0 case distinctions, treesize of input 134 treesize of output 98 [2018-11-23 11:16:53,240 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 16 [2018-11-23 11:16:53,257 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:16:53,270 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 16 treesize of output 23 [2018-11-23 11:16:53,271 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-23 11:16:53,306 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:16:53,571 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 3 select indices, 3 select index equivalence classes, 7 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 0 case distinctions, treesize of input 98 treesize of output 83 [2018-11-23 11:16:53,590 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 3 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 14 treesize of output 13 [2018-11-23 11:16:53,592 INFO L267 ElimStorePlain]: Start of recursive call 7: End of recursive call: and 1 xjuncts. [2018-11-23 11:16:53,759 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 3 select indices, 3 select index equivalence classes, 7 disjoint index pairs (out of 3 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 75 treesize of output 75 [2018-11-23 11:16:53,793 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:16:53,951 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 4 case distinctions, treesize of input 23 treesize of output 46 [2018-11-23 11:16:53,960 INFO L267 ElimStorePlain]: Start of recursive call 9: End of recursive call: and 4 xjuncts. [2018-11-23 11:16:54,149 INFO L267 ElimStorePlain]: Start of recursive call 8: 1 dim-1 vars, End of recursive call: and 3 xjuncts. [2018-11-23 11:16:54,383 INFO L267 ElimStorePlain]: Start of recursive call 6: 1 dim-1 vars, 1 dim-2 vars, End of recursive call: and 3 xjuncts. [2018-11-23 11:16:54,588 INFO L267 ElimStorePlain]: Start of recursive call 3: 1 dim-1 vars, 1 dim-2 vars, End of recursive call: and 3 xjuncts. [2018-11-23 11:16:54,921 INFO L267 ElimStorePlain]: Start of recursive call 1: 7 dim-0 vars, 1 dim-1 vars, 1 dim-2 vars, End of recursive call: 5 dim-0 vars, and 3 xjuncts. [2018-11-23 11:16:54,921 INFO L202 ElimStorePlain]: Needed 9 recursive calls to eliminate 9 variables, input treesize:212, output treesize:195 [2018-11-23 11:16:55,150 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:16:55,150 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#memory_$Pointer$.base_BEFORE_CALL_4|, sll_insert_~new_node~0.base, node_create_~temp~0.offset, v_DerPreprocessor_2, sll_insert_~snd_to_last~0.offset, sll_insert_~new_node~0.offset, sll_insert_~last~0.base, |v_old(#valid)_AFTER_CALL_37|, |node_create_#t~malloc2.base|]. (let ((.cse0 (select (select |v_#memory_$Pointer$.base_BEFORE_CALL_4| |main_~#s~0.base|) |main_~#s~0.offset|))) (and (= (_ bv1 1) (select |v_old(#valid)_AFTER_CALL_37| |node_create_#t~malloc2.base|)) (= (bvadd (select |v_old(#valid)_AFTER_CALL_37| .cse0) (_ bv1 1)) (_ bv0 1)) (not (= .cse0 (_ bv0 32))) (not (= (_ bv0 1) (select |v_old(#valid)_AFTER_CALL_37| |main_~#s~0.base|))) (= (select |v_old(#valid)_AFTER_CALL_37| sll_insert_~new_node~0.base) (_ bv0 1)) (= |main_~#s~0.offset| (_ bv0 32)) (= |#memory_$Pointer$.base| (let ((.cse1 (let ((.cse2 (store |v_#memory_$Pointer$.base_BEFORE_CALL_4| sll_insert_~new_node~0.base (store (store (select |v_#memory_$Pointer$.base_BEFORE_CALL_4| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)))) (let ((.cse3 (select (select .cse2 |main_~#s~0.base|) |main_~#s~0.offset|))) (store .cse2 .cse3 (store (select .cse2 .cse3) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base)))))) (store .cse1 sll_insert_~new_node~0.base (store (select .cse1 sll_insert_~new_node~0.base) (bvadd sll_insert_~new_node~0.offset (_ bv4 32)) sll_insert_~last~0.base)))) (not (= |node_create_#t~malloc2.base| .cse0)) (not (= .cse0 |main_~#s~0.base|)) (not (= |node_create_#t~malloc2.base| |main_~#s~0.base|)))) [2018-11-23 11:16:55,151 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ [sll_insert_~snd_to_last~0.offset, sll_insert_~new_node~0.offset, v_prenex_2, v_prenex_1, node_create_~temp~0.offset]. (let ((.cse0 (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))) (let ((.cse2 (= |main_~#s~0.offset| (_ bv0 32))) (.cse3 (not (= |main_~#s~0.base| .cse0))) (.cse4 (not (= (_ bv0 32) .cse0))) (.cse5 (select |#memory_$Pointer$.base| .cse0))) (or (let ((.cse1 (select .cse5 (bvadd v_prenex_2 (_ bv4 32))))) (and (not (= .cse0 .cse1)) (not (= |main_~#s~0.base| .cse1)) .cse2 .cse3 .cse4)) (let ((.cse6 (select .cse5 (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32))))) (and (not (= .cse0 .cse6)) (not (= |main_~#s~0.base| .cse6)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| .cse6) (bvadd sll_insert_~new_node~0.offset (_ bv8 32)))) .cse2 .cse3 .cse4)) (let ((.cse7 (select .cse5 (bvadd v_prenex_1 (_ bv4 32))))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| .cse7) (bvadd node_create_~temp~0.offset (_ bv4 32)))) (not (= .cse0 .cse7)) (not (= |main_~#s~0.base| .cse7)) .cse2 .cse3 .cse4))))) [2018-11-23 11:16:55,502 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 2 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 56 treesize of output 36 [2018-11-23 11:16:55,517 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 19 treesize of output 11 [2018-11-23 11:16:55,519 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:16:55,534 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 18 treesize of output 9 [2018-11-23 11:16:55,536 INFO L267 ElimStorePlain]: Start of recursive call 4: End of recursive call: and 1 xjuncts. [2018-11-23 11:16:55,542 INFO L267 ElimStorePlain]: Start of recursive call 2: 2 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:16:55,550 INFO L267 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:16:55,551 INFO L202 ElimStorePlain]: Needed 4 recursive calls to eliminate 3 variables, input treesize:56, output treesize:4 [2018-11-23 11:16:55,556 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:16:55,556 WARN L384 uantifierElimination]: Input elimination task: ∃ [|#memory_$Pointer$.base|, |main_~#s~0.base|, v_prenex_2]. (let ((.cse0 (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) (_ bv0 32)))) (let ((.cse1 (select (select |#memory_$Pointer$.base| .cse0) (bvadd v_prenex_2 (_ bv4 32))))) (and (= .cse0 main_~ptr~0.base) (not (= .cse0 .cse1)) (not (= |main_~#s~0.base| .cse1)) (not (= |main_~#s~0.base| .cse0)) (not (= (_ bv0 32) .cse0))))) [2018-11-23 11:16:55,557 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (not (= (_ bv0 32) main_~ptr~0.base)) [2018-11-23 11:16:55,616 INFO L256 TraceCheckUtils]: 0: Hoare triple {1898#true} call ULTIMATE.init(); {1898#true} is VALID [2018-11-23 11:16:55,616 INFO L273 TraceCheckUtils]: 1: Hoare triple {1898#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {1898#true} is VALID [2018-11-23 11:16:55,616 INFO L273 TraceCheckUtils]: 2: Hoare triple {1898#true} assume true; {1898#true} is VALID [2018-11-23 11:16:55,616 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {1898#true} {1898#true} #118#return; {1898#true} is VALID [2018-11-23 11:16:55,616 INFO L256 TraceCheckUtils]: 4: Hoare triple {1898#true} call #t~ret16 := main(); {1898#true} is VALID [2018-11-23 11:16:55,618 INFO L273 TraceCheckUtils]: 5: Hoare triple {1898#true} ~len~0 := 2bv32;~data~0 := 1bv32;call ~#s~0.base, ~#s~0.offset := #Ultimate.alloc(4bv32); {1918#(and (= (bvadd (select |#valid| |main_~#s~0.base|) (_ bv1 1)) (_ bv0 1)) (= |main_~#s~0.offset| (_ bv0 32)))} is VALID [2018-11-23 11:16:55,619 INFO L256 TraceCheckUtils]: 6: Hoare triple {1918#(and (= (bvadd (select |#valid| |main_~#s~0.base|) (_ bv1 1)) (_ bv0 1)) (= |main_~#s~0.offset| (_ bv0 32)))} call #t~ret10.base, #t~ret10.offset := sll_create(~len~0, ~data~0); {1922#(= |#valid| |old(#valid)|)} is VALID [2018-11-23 11:16:55,620 INFO L273 TraceCheckUtils]: 7: Hoare triple {1922#(= |#valid| |old(#valid)|)} ~len := #in~len;~data := #in~data;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {1922#(= |#valid| |old(#valid)|)} is VALID [2018-11-23 11:16:55,621 INFO L273 TraceCheckUtils]: 8: Hoare triple {1922#(= |#valid| |old(#valid)|)} assume !!~bvsgt32(~len, 0bv32); {1922#(= |#valid| |old(#valid)|)} is VALID [2018-11-23 11:16:55,622 INFO L256 TraceCheckUtils]: 9: Hoare triple {1922#(= |#valid| |old(#valid)|)} call #t~ret4.base, #t~ret4.offset := node_create(~data); {1922#(= |#valid| |old(#valid)|)} is VALID [2018-11-23 11:16:55,624 INFO L273 TraceCheckUtils]: 10: Hoare triple {1922#(= |#valid| |old(#valid)|)} ~data := #in~data;call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(8bv32);~temp~0.base, ~temp~0.offset := #t~malloc2.base, #t~malloc2.offset; {1935#(exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= |#valid| (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)))))} is VALID [2018-11-23 11:16:55,625 INFO L273 TraceCheckUtils]: 11: Hoare triple {1935#(exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= |#valid| (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)))))} assume !(0bv32 == ~temp~0.base && 0bv32 == ~temp~0.offset); {1935#(exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= |#valid| (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)))))} is VALID [2018-11-23 11:16:55,625 INFO L273 TraceCheckUtils]: 12: Hoare triple {1935#(exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= |#valid| (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)))))} call write~$Pointer$(0bv32, 0bv32, ~temp~0.base, ~bvadd32(4bv32, ~temp~0.offset), 4bv32);call write~intINTTYPE4(~data, ~temp~0.base, ~temp~0.offset, 4bv32);#res.base, #res.offset := ~temp~0.base, ~temp~0.offset; {1935#(exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= |#valid| (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)))))} is VALID [2018-11-23 11:16:55,626 INFO L273 TraceCheckUtils]: 13: Hoare triple {1935#(exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= |#valid| (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)))))} assume true; {1935#(exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= |#valid| (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)))))} is VALID [2018-11-23 11:16:55,628 INFO L268 TraceCheckUtils]: 14: Hoare quadruple {1935#(exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= |#valid| (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)))))} {1922#(= |#valid| |old(#valid)|)} #114#return; {1935#(exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= |#valid| (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)))))} is VALID [2018-11-23 11:16:55,628 INFO L273 TraceCheckUtils]: 15: Hoare triple {1935#(exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= |#valid| (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)))))} ~new_head~0.base, ~new_head~0.offset := #t~ret4.base, #t~ret4.offset;havoc #t~ret4.base, #t~ret4.offset;call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~bvadd32(4bv32, ~new_head~0.offset), 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset; {1935#(exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= |#valid| (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)))))} is VALID [2018-11-23 11:16:55,629 INFO L273 TraceCheckUtils]: 16: Hoare triple {1935#(exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= |#valid| (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)))))} #t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {1935#(exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= |#valid| (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)))))} is VALID [2018-11-23 11:16:55,630 INFO L273 TraceCheckUtils]: 17: Hoare triple {1935#(exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= |#valid| (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)))))} assume !!~bvsgt32(~len, 0bv32); {1935#(exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= |#valid| (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)))))} is VALID [2018-11-23 11:16:55,631 INFO L256 TraceCheckUtils]: 18: Hoare triple {1935#(exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= |#valid| (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)))))} call #t~ret4.base, #t~ret4.offset := node_create(~data); {1922#(= |#valid| |old(#valid)|)} is VALID [2018-11-23 11:16:55,632 INFO L273 TraceCheckUtils]: 19: Hoare triple {1922#(= |#valid| |old(#valid)|)} ~data := #in~data;call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(8bv32);~temp~0.base, ~temp~0.offset := #t~malloc2.base, #t~malloc2.offset; {1963#(and (= (_ bv0 1) (select |old(#valid)| node_create_~temp~0.base)) (not (= (_ bv0 32) node_create_~temp~0.base)) (= (store |old(#valid)| node_create_~temp~0.base (_ bv1 1)) |#valid|))} is VALID [2018-11-23 11:16:55,633 INFO L273 TraceCheckUtils]: 20: Hoare triple {1963#(and (= (_ bv0 1) (select |old(#valid)| node_create_~temp~0.base)) (not (= (_ bv0 32) node_create_~temp~0.base)) (= (store |old(#valid)| node_create_~temp~0.base (_ bv1 1)) |#valid|))} assume !(0bv32 == ~temp~0.base && 0bv32 == ~temp~0.offset); {1963#(and (= (_ bv0 1) (select |old(#valid)| node_create_~temp~0.base)) (not (= (_ bv0 32) node_create_~temp~0.base)) (= (store |old(#valid)| node_create_~temp~0.base (_ bv1 1)) |#valid|))} is VALID [2018-11-23 11:16:55,635 INFO L273 TraceCheckUtils]: 21: Hoare triple {1963#(and (= (_ bv0 1) (select |old(#valid)| node_create_~temp~0.base)) (not (= (_ bv0 32) node_create_~temp~0.base)) (= (store |old(#valid)| node_create_~temp~0.base (_ bv1 1)) |#valid|))} call write~$Pointer$(0bv32, 0bv32, ~temp~0.base, ~bvadd32(4bv32, ~temp~0.offset), 4bv32);call write~intINTTYPE4(~data, ~temp~0.base, ~temp~0.offset, 4bv32);#res.base, #res.offset := ~temp~0.base, ~temp~0.offset; {1970#(and (= (store |old(#valid)| |node_create_#res.base| (_ bv1 1)) |#valid|) (= (_ bv0 1) (select |old(#valid)| |node_create_#res.base|)) (not (= (_ bv0 32) |node_create_#res.base|)))} is VALID [2018-11-23 11:16:55,636 INFO L273 TraceCheckUtils]: 22: Hoare triple {1970#(and (= (store |old(#valid)| |node_create_#res.base| (_ bv1 1)) |#valid|) (= (_ bv0 1) (select |old(#valid)| |node_create_#res.base|)) (not (= (_ bv0 32) |node_create_#res.base|)))} assume true; {1970#(and (= (store |old(#valid)| |node_create_#res.base| (_ bv1 1)) |#valid|) (= (_ bv0 1) (select |old(#valid)| |node_create_#res.base|)) (not (= (_ bv0 32) |node_create_#res.base|)))} is VALID [2018-11-23 11:16:55,640 INFO L268 TraceCheckUtils]: 23: Hoare quadruple {1970#(and (= (store |old(#valid)| |node_create_#res.base| (_ bv1 1)) |#valid|) (= (_ bv0 1) (select |old(#valid)| |node_create_#res.base|)) (not (= (_ bv0 32) |node_create_#res.base|)))} {1935#(exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= |#valid| (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)))))} #114#return; {1977#(and (exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= (_ bv0 1) (select (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)) |sll_create_#t~ret4.base|)) (= |#valid| (store (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)) |sll_create_#t~ret4.base| (_ bv1 1))))) (not (= (_ bv0 32) |sll_create_#t~ret4.base|)))} is VALID [2018-11-23 11:16:55,646 INFO L273 TraceCheckUtils]: 24: Hoare triple {1977#(and (exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= (_ bv0 1) (select (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)) |sll_create_#t~ret4.base|)) (= |#valid| (store (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)) |sll_create_#t~ret4.base| (_ bv1 1))))) (not (= (_ bv0 32) |sll_create_#t~ret4.base|)))} ~new_head~0.base, ~new_head~0.offset := #t~ret4.base, #t~ret4.offset;havoc #t~ret4.base, #t~ret4.offset;call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~bvadd32(4bv32, ~new_head~0.offset), 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset; {1981#(and (not (= sll_create_~head~0.base (_ bv0 32))) (exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= (_ bv0 1) (select (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)) sll_create_~head~0.base)) (= (store (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)) sll_create_~head~0.base (_ bv1 1)) |#valid|))))} is VALID [2018-11-23 11:16:55,647 INFO L273 TraceCheckUtils]: 25: Hoare triple {1981#(and (not (= sll_create_~head~0.base (_ bv0 32))) (exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= (_ bv0 1) (select (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)) sll_create_~head~0.base)) (= (store (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)) sll_create_~head~0.base (_ bv1 1)) |#valid|))))} #t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {1981#(and (not (= sll_create_~head~0.base (_ bv0 32))) (exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= (_ bv0 1) (select (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)) sll_create_~head~0.base)) (= (store (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)) sll_create_~head~0.base (_ bv1 1)) |#valid|))))} is VALID [2018-11-23 11:16:55,648 INFO L273 TraceCheckUtils]: 26: Hoare triple {1981#(and (not (= sll_create_~head~0.base (_ bv0 32))) (exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= (_ bv0 1) (select (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)) sll_create_~head~0.base)) (= (store (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)) sll_create_~head~0.base (_ bv1 1)) |#valid|))))} assume !~bvsgt32(~len, 0bv32); {1981#(and (not (= sll_create_~head~0.base (_ bv0 32))) (exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= (_ bv0 1) (select (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)) sll_create_~head~0.base)) (= (store (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)) sll_create_~head~0.base (_ bv1 1)) |#valid|))))} is VALID [2018-11-23 11:16:55,650 INFO L273 TraceCheckUtils]: 27: Hoare triple {1981#(and (not (= sll_create_~head~0.base (_ bv0 32))) (exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= (_ bv0 1) (select (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)) sll_create_~head~0.base)) (= (store (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)) sll_create_~head~0.base (_ bv1 1)) |#valid|))))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {1991#(and (exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= (select (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)) |sll_create_#res.base|) (_ bv0 1)) (= |#valid| (store (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)) |sll_create_#res.base| (_ bv1 1))))) (not (= (_ bv0 32) |sll_create_#res.base|)))} is VALID [2018-11-23 11:16:55,650 INFO L273 TraceCheckUtils]: 28: Hoare triple {1991#(and (exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= (select (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)) |sll_create_#res.base|) (_ bv0 1)) (= |#valid| (store (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)) |sll_create_#res.base| (_ bv1 1))))) (not (= (_ bv0 32) |sll_create_#res.base|)))} assume true; {1991#(and (exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= (select (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)) |sll_create_#res.base|) (_ bv0 1)) (= |#valid| (store (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)) |sll_create_#res.base| (_ bv1 1))))) (not (= (_ bv0 32) |sll_create_#res.base|)))} is VALID [2018-11-23 11:16:55,658 INFO L268 TraceCheckUtils]: 29: Hoare quadruple {1991#(and (exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= (select (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)) |sll_create_#res.base|) (_ bv0 1)) (= |#valid| (store (store |old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)) |sll_create_#res.base| (_ bv1 1))))) (not (= (_ bv0 32) |sll_create_#res.base|)))} {1918#(and (= (bvadd (select |#valid| |main_~#s~0.base|) (_ bv1 1)) (_ bv0 1)) (= |main_~#s~0.offset| (_ bv0 32)))} #108#return; {1998#(and (not (= (_ bv0 32) |main_#t~ret10.base|)) (not (= |main_~#s~0.base| |main_#t~ret10.base|)) (= |main_~#s~0.offset| (_ bv0 32)) (exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (not (= |node_create_#t~malloc2.base| |main_#t~ret10.base|)) (= (_ bv1 1) (select |#valid| |node_create_#t~malloc2.base|)) (not (= |node_create_#t~malloc2.base| |main_~#s~0.base|)))) (= (_ bv1 1) (select |#valid| |main_#t~ret10.base|)) (not (= (select |#valid| |main_~#s~0.base|) (_ bv0 1))))} is VALID [2018-11-23 11:16:55,660 INFO L273 TraceCheckUtils]: 30: Hoare triple {1998#(and (not (= (_ bv0 32) |main_#t~ret10.base|)) (not (= |main_~#s~0.base| |main_#t~ret10.base|)) (= |main_~#s~0.offset| (_ bv0 32)) (exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (not (= |node_create_#t~malloc2.base| |main_#t~ret10.base|)) (= (_ bv1 1) (select |#valid| |node_create_#t~malloc2.base|)) (not (= |node_create_#t~malloc2.base| |main_~#s~0.base|)))) (= (_ bv1 1) (select |#valid| |main_#t~ret10.base|)) (not (= (select |#valid| |main_~#s~0.base|) (_ bv0 1))))} call write~init~$Pointer$(#t~ret10.base, #t~ret10.offset, ~#s~0.base, ~#s~0.offset, 4bv32);havoc #t~ret10.base, #t~ret10.offset; {2002#(and (exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (_ bv1 1) (select |#valid| |node_create_#t~malloc2.base|)) (not (= |node_create_#t~malloc2.base| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))) (not (= |node_create_#t~malloc2.base| |main_~#s~0.base|)))) (= |main_~#s~0.offset| (_ bv0 32)) (not (= (select |#valid| |main_~#s~0.base|) (_ bv0 1))) (not (= |main_~#s~0.base| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))) (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))))} is VALID [2018-11-23 11:16:55,663 INFO L256 TraceCheckUtils]: 31: Hoare triple {2002#(and (exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (_ bv1 1) (select |#valid| |node_create_#t~malloc2.base|)) (not (= |node_create_#t~malloc2.base| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))) (not (= |node_create_#t~malloc2.base| |main_~#s~0.base|)))) (= |main_~#s~0.offset| (_ bv0 32)) (not (= (select |#valid| |main_~#s~0.base|) (_ bv0 1))) (not (= |main_~#s~0.base| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))) (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))))} call sll_insert(~#s~0.base, ~#s~0.offset, ~data~0, ~bvsdiv32(~len~0, 2bv32)); {2006#(and (= |#valid| |old(#valid)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} is VALID [2018-11-23 11:16:55,665 INFO L273 TraceCheckUtils]: 32: Hoare triple {2006#(and (= |#valid| |old(#valid)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~data := #in~data;~index := #in~index; {2010#(and (= |#valid| |old(#valid)|) (= sll_insert_~head.base |sll_insert_#in~head.base|) (= sll_insert_~head.offset |sll_insert_#in~head.offset|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} is VALID [2018-11-23 11:16:55,669 INFO L256 TraceCheckUtils]: 33: Hoare triple {2010#(and (= |#valid| |old(#valid)|) (= sll_insert_~head.base |sll_insert_#in~head.base|) (= sll_insert_~head.offset |sll_insert_#in~head.offset|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} call #t~ret6.base, #t~ret6.offset := node_create(~data); {2006#(and (= |#valid| |old(#valid)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} is VALID [2018-11-23 11:16:55,683 INFO L273 TraceCheckUtils]: 34: Hoare triple {2006#(and (= |#valid| |old(#valid)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} ~data := #in~data;call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(8bv32);~temp~0.base, ~temp~0.offset := #t~malloc2.base, #t~malloc2.offset; {2017#(and (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|) (= (_ bv0 1) (select |old(#valid)| node_create_~temp~0.base)))} is VALID [2018-11-23 11:16:55,692 INFO L273 TraceCheckUtils]: 35: Hoare triple {2017#(and (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|) (= (_ bv0 1) (select |old(#valid)| node_create_~temp~0.base)))} assume !(0bv32 == ~temp~0.base && 0bv32 == ~temp~0.offset); {2017#(and (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|) (= (_ bv0 1) (select |old(#valid)| node_create_~temp~0.base)))} is VALID [2018-11-23 11:16:55,695 INFO L273 TraceCheckUtils]: 36: Hoare triple {2017#(and (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|) (= (_ bv0 1) (select |old(#valid)| node_create_~temp~0.base)))} call write~$Pointer$(0bv32, 0bv32, ~temp~0.base, ~bvadd32(4bv32, ~temp~0.offset), 4bv32);call write~intINTTYPE4(~data, ~temp~0.base, ~temp~0.offset, 4bv32);#res.base, #res.offset := ~temp~0.base, ~temp~0.offset; {2024#(and (exists ((node_create_~temp~0.offset (_ BitVec 32))) (= |#memory_$Pointer$.base| (store |old(#memory_$Pointer$.base)| |node_create_#res.base| (store (store (select |old(#memory_$Pointer$.base)| |node_create_#res.base|) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset (select (select |#memory_$Pointer$.base| |node_create_#res.base|) node_create_~temp~0.offset))))) (= (_ bv0 1) (select |old(#valid)| |node_create_#res.base|)))} is VALID [2018-11-23 11:16:55,695 INFO L273 TraceCheckUtils]: 37: Hoare triple {2024#(and (exists ((node_create_~temp~0.offset (_ BitVec 32))) (= |#memory_$Pointer$.base| (store |old(#memory_$Pointer$.base)| |node_create_#res.base| (store (store (select |old(#memory_$Pointer$.base)| |node_create_#res.base|) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset (select (select |#memory_$Pointer$.base| |node_create_#res.base|) node_create_~temp~0.offset))))) (= (_ bv0 1) (select |old(#valid)| |node_create_#res.base|)))} assume true; {2024#(and (exists ((node_create_~temp~0.offset (_ BitVec 32))) (= |#memory_$Pointer$.base| (store |old(#memory_$Pointer$.base)| |node_create_#res.base| (store (store (select |old(#memory_$Pointer$.base)| |node_create_#res.base|) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset (select (select |#memory_$Pointer$.base| |node_create_#res.base|) node_create_~temp~0.offset))))) (= (_ bv0 1) (select |old(#valid)| |node_create_#res.base|)))} is VALID [2018-11-23 11:16:55,698 INFO L268 TraceCheckUtils]: 38: Hoare quadruple {2024#(and (exists ((node_create_~temp~0.offset (_ BitVec 32))) (= |#memory_$Pointer$.base| (store |old(#memory_$Pointer$.base)| |node_create_#res.base| (store (store (select |old(#memory_$Pointer$.base)| |node_create_#res.base|) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset (select (select |#memory_$Pointer$.base| |node_create_#res.base|) node_create_~temp~0.offset))))) (= (_ bv0 1) (select |old(#valid)| |node_create_#res.base|)))} {2010#(and (= |#valid| |old(#valid)|) (= sll_insert_~head.base |sll_insert_#in~head.base|) (= sll_insert_~head.offset |sll_insert_#in~head.offset|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} #116#return; {2031#(and (= (_ bv0 1) (select |old(#valid)| |sll_insert_#t~ret6.base|)) (= sll_insert_~head.base |sll_insert_#in~head.base|) (= sll_insert_~head.offset |sll_insert_#in~head.offset|) (exists ((node_create_~temp~0.offset (_ BitVec 32))) (= (store |old(#memory_$Pointer$.base)| |sll_insert_#t~ret6.base| (store (store (select |old(#memory_$Pointer$.base)| |sll_insert_#t~ret6.base|) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset (select (select |#memory_$Pointer$.base| |sll_insert_#t~ret6.base|) node_create_~temp~0.offset))) |#memory_$Pointer$.base|)))} is VALID [2018-11-23 11:16:55,702 INFO L273 TraceCheckUtils]: 39: Hoare triple {2031#(and (= (_ bv0 1) (select |old(#valid)| |sll_insert_#t~ret6.base|)) (= sll_insert_~head.base |sll_insert_#in~head.base|) (= sll_insert_~head.offset |sll_insert_#in~head.offset|) (exists ((node_create_~temp~0.offset (_ BitVec 32))) (= (store |old(#memory_$Pointer$.base)| |sll_insert_#t~ret6.base| (store (store (select |old(#memory_$Pointer$.base)| |sll_insert_#t~ret6.base|) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset (select (select |#memory_$Pointer$.base| |sll_insert_#t~ret6.base|) node_create_~temp~0.offset))) |#memory_$Pointer$.base|)))} ~new_node~0.base, ~new_node~0.offset := #t~ret6.base, #t~ret6.offset;havoc #t~ret6.base, #t~ret6.offset;~snd_to_last~0.base, ~snd_to_last~0.offset := 0bv32, 0bv32;call #t~mem7.base, #t~mem7.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~last~0.base, ~last~0.offset := #t~mem7.base, #t~mem7.offset;havoc #t~mem7.base, #t~mem7.offset; {2035#(and (exists ((node_create_~temp~0.offset (_ BitVec 32))) (= |#memory_$Pointer$.base| (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset (select (select |#memory_$Pointer$.base| sll_insert_~new_node~0.base) node_create_~temp~0.offset))))) (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base)) (= (select (select |#memory_$Pointer$.base| |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|) sll_insert_~last~0.base))} is VALID [2018-11-23 11:16:55,704 INFO L273 TraceCheckUtils]: 40: Hoare triple {2035#(and (exists ((node_create_~temp~0.offset (_ BitVec 32))) (= |#memory_$Pointer$.base| (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset (select (select |#memory_$Pointer$.base| sll_insert_~new_node~0.base) node_create_~temp~0.offset))))) (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base)) (= (select (select |#memory_$Pointer$.base| |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|) sll_insert_~last~0.base))} assume !!~bvsgt32(~index, 0bv32);~snd_to_last~0.base, ~snd_to_last~0.offset := ~last~0.base, ~last~0.offset;call #t~mem8.base, #t~mem8.offset := read~$Pointer$(~last~0.base, ~bvadd32(4bv32, ~last~0.offset), 4bv32);~last~0.base, ~last~0.offset := #t~mem8.base, #t~mem8.offset;havoc #t~mem8.base, #t~mem8.offset;#t~post9 := ~index;~index := ~bvsub32(#t~post9, 1bv32);havoc #t~post9; {2039#(and (exists ((node_create_~temp~0.offset (_ BitVec 32))) (= |#memory_$Pointer$.base| (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset (select (select |#memory_$Pointer$.base| sll_insert_~new_node~0.base) node_create_~temp~0.offset))))) (= sll_insert_~snd_to_last~0.base (select (select |#memory_$Pointer$.base| |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base)))} is VALID [2018-11-23 11:16:55,705 INFO L273 TraceCheckUtils]: 41: Hoare triple {2039#(and (exists ((node_create_~temp~0.offset (_ BitVec 32))) (= |#memory_$Pointer$.base| (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset (select (select |#memory_$Pointer$.base| sll_insert_~new_node~0.base) node_create_~temp~0.offset))))) (= sll_insert_~snd_to_last~0.base (select (select |#memory_$Pointer$.base| |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base)))} assume !~bvsgt32(~index, 0bv32); {2039#(and (exists ((node_create_~temp~0.offset (_ BitVec 32))) (= |#memory_$Pointer$.base| (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset (select (select |#memory_$Pointer$.base| sll_insert_~new_node~0.base) node_create_~temp~0.offset))))) (= sll_insert_~snd_to_last~0.base (select (select |#memory_$Pointer$.base| |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base)))} is VALID [2018-11-23 11:16:55,714 INFO L273 TraceCheckUtils]: 42: Hoare triple {2039#(and (exists ((node_create_~temp~0.offset (_ BitVec 32))) (= |#memory_$Pointer$.base| (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset (select (select |#memory_$Pointer$.base| sll_insert_~new_node~0.base) node_create_~temp~0.offset))))) (= sll_insert_~snd_to_last~0.base (select (select |#memory_$Pointer$.base| |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base)))} assume ~snd_to_last~0.base != 0bv32 || ~snd_to_last~0.offset != 0bv32;call write~$Pointer$(~new_node~0.base, ~new_node~0.offset, ~snd_to_last~0.base, ~bvadd32(4bv32, ~snd_to_last~0.offset), 4bv32); {2046#(and (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base)) (exists ((node_create_~temp~0.offset (_ BitVec 32)) (v_DerPreprocessor_2 (_ BitVec 32)) (sll_insert_~snd_to_last~0.offset (_ BitVec 32))) (= (store (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|) (store (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base)) |#memory_$Pointer$.base|)))} is VALID [2018-11-23 11:16:57,724 INFO L273 TraceCheckUtils]: 43: Hoare triple {2046#(and (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base)) (exists ((node_create_~temp~0.offset (_ BitVec 32)) (v_DerPreprocessor_2 (_ BitVec 32)) (sll_insert_~snd_to_last~0.offset (_ BitVec 32))) (= (store (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|) (store (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base)) |#memory_$Pointer$.base|)))} call write~$Pointer$(~last~0.base, ~last~0.offset, ~new_node~0.base, ~bvadd32(4bv32, ~new_node~0.offset), 4bv32); {2050#(exists ((node_create_~temp~0.offset (_ BitVec 32)) (v_DerPreprocessor_2 (_ BitVec 32)) (sll_insert_~new_node~0.base (_ BitVec 32)) (sll_insert_~snd_to_last~0.offset (_ BitVec 32)) (sll_insert_~last~0.base (_ BitVec 32)) (sll_insert_~new_node~0.offset (_ BitVec 32))) (and (= |#memory_$Pointer$.base| (store (store (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|) (store (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base)) sll_insert_~new_node~0.base (store (select (store (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|) (store (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base)) sll_insert_~new_node~0.base) (bvadd sll_insert_~new_node~0.offset (_ bv4 32)) sll_insert_~last~0.base))) (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base))))} is UNKNOWN [2018-11-23 11:16:57,725 INFO L273 TraceCheckUtils]: 44: Hoare triple {2050#(exists ((node_create_~temp~0.offset (_ BitVec 32)) (v_DerPreprocessor_2 (_ BitVec 32)) (sll_insert_~new_node~0.base (_ BitVec 32)) (sll_insert_~snd_to_last~0.offset (_ BitVec 32)) (sll_insert_~last~0.base (_ BitVec 32)) (sll_insert_~new_node~0.offset (_ BitVec 32))) (and (= |#memory_$Pointer$.base| (store (store (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|) (store (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base)) sll_insert_~new_node~0.base (store (select (store (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|) (store (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base)) sll_insert_~new_node~0.base) (bvadd sll_insert_~new_node~0.offset (_ bv4 32)) sll_insert_~last~0.base))) (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base))))} assume true; {2050#(exists ((node_create_~temp~0.offset (_ BitVec 32)) (v_DerPreprocessor_2 (_ BitVec 32)) (sll_insert_~new_node~0.base (_ BitVec 32)) (sll_insert_~snd_to_last~0.offset (_ BitVec 32)) (sll_insert_~last~0.base (_ BitVec 32)) (sll_insert_~new_node~0.offset (_ BitVec 32))) (and (= |#memory_$Pointer$.base| (store (store (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|) (store (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base)) sll_insert_~new_node~0.base (store (select (store (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|) (store (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base)) sll_insert_~new_node~0.base) (bvadd sll_insert_~new_node~0.offset (_ bv4 32)) sll_insert_~last~0.base))) (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base))))} is VALID [2018-11-23 11:16:57,750 INFO L268 TraceCheckUtils]: 45: Hoare quadruple {2050#(exists ((node_create_~temp~0.offset (_ BitVec 32)) (v_DerPreprocessor_2 (_ BitVec 32)) (sll_insert_~new_node~0.base (_ BitVec 32)) (sll_insert_~snd_to_last~0.offset (_ BitVec 32)) (sll_insert_~last~0.base (_ BitVec 32)) (sll_insert_~new_node~0.offset (_ BitVec 32))) (and (= |#memory_$Pointer$.base| (store (store (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|) (store (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base)) sll_insert_~new_node~0.base (store (select (store (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|) (store (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base)) sll_insert_~new_node~0.base) (bvadd sll_insert_~new_node~0.offset (_ bv4 32)) sll_insert_~last~0.base))) (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base))))} {2002#(and (exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (_ bv1 1) (select |#valid| |node_create_#t~malloc2.base|)) (not (= |node_create_#t~malloc2.base| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))) (not (= |node_create_#t~malloc2.base| |main_~#s~0.base|)))) (= |main_~#s~0.offset| (_ bv0 32)) (not (= (select |#valid| |main_~#s~0.base|) (_ bv0 1))) (not (= |main_~#s~0.base| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))) (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))))} #110#return; {2057#(and (= |main_~#s~0.offset| (_ bv0 32)) (not (= |main_~#s~0.base| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))) (exists ((v_prenex_2 (_ BitVec 32))) (and (not (= |main_~#s~0.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|)) (bvadd v_prenex_2 (_ bv4 32))))) (not (= (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|)) (bvadd v_prenex_2 (_ bv4 32))))))))} is VALID [2018-11-23 11:16:57,752 INFO L273 TraceCheckUtils]: 46: Hoare triple {2057#(and (= |main_~#s~0.offset| (_ bv0 32)) (not (= |main_~#s~0.base| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))) (exists ((v_prenex_2 (_ BitVec 32))) (and (not (= |main_~#s~0.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|)) (bvadd v_prenex_2 (_ bv4 32))))) (not (= (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|)) (bvadd v_prenex_2 (_ bv4 32))))))))} call #t~mem11.base, #t~mem11.offset := read~$Pointer$(~#s~0.base, ~#s~0.offset, 4bv32);~ptr~0.base, ~ptr~0.offset := #t~mem11.base, #t~mem11.offset;havoc #t~mem11.base, #t~mem11.offset;~count~0 := 0bv32; {2061#(not (= (_ bv0 32) main_~ptr~0.base))} is VALID [2018-11-23 11:16:57,753 INFO L273 TraceCheckUtils]: 47: Hoare triple {2061#(not (= (_ bv0 32) main_~ptr~0.base))} assume !(~ptr~0.base != 0bv32 || ~ptr~0.offset != 0bv32); {1899#false} is VALID [2018-11-23 11:16:57,753 INFO L273 TraceCheckUtils]: 48: Hoare triple {1899#false} assume ~count~0 != ~bvadd32(1bv32, ~len~0); {1899#false} is VALID [2018-11-23 11:16:57,753 INFO L273 TraceCheckUtils]: 49: Hoare triple {1899#false} assume !false; {1899#false} is VALID [2018-11-23 11:16:57,770 INFO L134 CoverageAnalysis]: Checked inductivity of 22 backedges. 2 proven. 6 refuted. 0 times theorem prover too weak. 1 trivial. 13 not checked. [2018-11-23 11:16:57,770 INFO L316 TraceCheckSpWp]: Computing backward predicates... [2018-11-23 11:16:58,166 WARN L180 SmtUtils]: Spent 157.00 ms on a formula simplification that was a NOOP. DAG size: 29 [2018-11-23 11:16:58,647 WARN L180 SmtUtils]: Spent 463.00 ms on a formula simplification that was a NOOP. DAG size: 58 [2018-11-23 11:16:58,880 WARN L180 SmtUtils]: Spent 221.00 ms on a formula simplification that was a NOOP. DAG size: 42 [2018-11-23 11:16:59,282 WARN L180 SmtUtils]: Spent 396.00 ms on a formula simplification that was a NOOP. DAG size: 54 [2018-11-23 11:16:59,666 WARN L180 SmtUtils]: Spent 382.00 ms on a formula simplification that was a NOOP. DAG size: 50 [2018-11-23 11:16:59,798 WARN L833 TransFormulaUtils]: predicate-based correctness check returned UNKNOWN, hence correctness of interprocedural sequential composition was not checked. [2018-11-23 11:17:00,115 INFO L267 ElimStorePlain]: Start of recursive call 3: 1 dim-0 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2018-11-23 11:17:00,138 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2018-11-23 11:17:00,190 INFO L267 ElimStorePlain]: Start of recursive call 1: 5 dim-0 vars, 1 dim-2 vars, End of recursive call: 6 dim-0 vars, and 1 xjuncts. [2018-11-23 11:17:00,190 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 6 variables, input treesize:82, output treesize:165 [2018-11-23 11:17:00,249 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:17:00,249 WARN L384 uantifierElimination]: Input elimination task: ∀ [|v_#memory_$Pointer$.base_72|, v_sll_insert_~snd_to_last~0.offset_11, v_sll_insert_~new_node~0.base_10, v_sll_insert_~new_node~0.offset_10, v_sll_insert_~last~0.base_12, v_node_create_~temp~0.offset_22]. (or (not (= (select (select (let ((.cse0 (let ((.cse1 (select (select |v_#memory_$Pointer$.base_72| |main_~#s~0.base|) |main_~#s~0.offset|))) (store |v_#memory_$Pointer$.base_72| .cse1 (store (select |v_#memory_$Pointer$.base_72| .cse1) (bvadd v_sll_insert_~snd_to_last~0.offset_11 (_ bv4 32)) v_sll_insert_~new_node~0.base_10))))) (store .cse0 v_sll_insert_~new_node~0.base_10 (store (select .cse0 v_sll_insert_~new_node~0.base_10) (bvadd v_sll_insert_~new_node~0.offset_10 (_ bv4 32)) v_sll_insert_~last~0.base_12))) |main_~#s~0.base|) |main_~#s~0.offset|) (_ bv0 32))) (not (= (select |#valid| v_sll_insert_~new_node~0.base_10) (_ bv0 1))) (not (= |v_#memory_$Pointer$.base_72| (store |#memory_$Pointer$.base| v_sll_insert_~new_node~0.base_10 (store (store (select |#memory_$Pointer$.base| v_sll_insert_~new_node~0.base_10) (bvadd v_node_create_~temp~0.offset_22 (_ bv4 32)) (_ bv0 32)) v_node_create_~temp~0.offset_22 (select (select |v_#memory_$Pointer$.base_72| v_sll_insert_~new_node~0.base_10) v_node_create_~temp~0.offset_22)))))) [2018-11-23 11:17:00,249 WARN L385 uantifierElimination]: ElimStorePlain result: ∀ [v_sll_insert_~new_node~0.base_10, v_node_create_~temp~0.offset_22, v_DerPreprocessor_4, v_sll_insert_~snd_to_last~0.offset_11, v_sll_insert_~new_node~0.offset_10, v_sll_insert_~last~0.base_12]. (or (not (= (select |#valid| v_sll_insert_~new_node~0.base_10) (_ bv0 1))) (not (= (select (select (let ((.cse0 (let ((.cse1 (store |#memory_$Pointer$.base| v_sll_insert_~new_node~0.base_10 (store (store (select |#memory_$Pointer$.base| v_sll_insert_~new_node~0.base_10) (bvadd v_node_create_~temp~0.offset_22 (_ bv4 32)) (_ bv0 32)) v_node_create_~temp~0.offset_22 v_DerPreprocessor_4)))) (let ((.cse2 (select (select .cse1 |main_~#s~0.base|) |main_~#s~0.offset|))) (store .cse1 .cse2 (store (select .cse1 .cse2) (bvadd v_sll_insert_~snd_to_last~0.offset_11 (_ bv4 32)) v_sll_insert_~new_node~0.base_10)))))) (store .cse0 v_sll_insert_~new_node~0.base_10 (store (select .cse0 v_sll_insert_~new_node~0.base_10) (bvadd v_sll_insert_~new_node~0.offset_10 (_ bv4 32)) v_sll_insert_~last~0.base_12))) |main_~#s~0.base|) |main_~#s~0.offset|) (_ bv0 32)))) [2018-11-23 11:17:09,698 WARN L180 SmtUtils]: Spent 2.03 s on a formula simplification that was a NOOP. DAG size: 37 [2018-11-23 11:17:09,704 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2018-11-23 11:17:09,705 INFO L223 ckRefinementStrategy]: Switched to mode Z3_FPBP No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 8 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 8 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 [2018-11-23 11:17:09,716 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-23 11:17:09,806 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:17:09,857 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:17:09,861 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:17:09,876 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2018-11-23 11:17:09,878 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2018-11-23 11:17:09,883 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:17:09,883 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:6, output treesize:5 [2018-11-23 11:17:09,886 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:17:09,887 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#valid_71|]. (= (store |v_#valid_71| |main_~#s~0.base| (_ bv1 1)) |#valid|) [2018-11-23 11:17:09,887 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (= (select |#valid| |main_~#s~0.base|) (_ bv1 1)) [2018-11-23 11:17:13,497 WARN L854 $PredicateComparison]: unable to prove that (exists ((sll_create_~new_head~0.base (_ BitVec 32))) (= |c_#valid| (store |c_old(#valid)| sll_create_~new_head~0.base (_ bv1 1)))) is different from true [2018-11-23 11:17:16,998 WARN L180 SmtUtils]: Spent 920.00 ms on a formula simplification that was a NOOP. DAG size: 17 [2018-11-23 11:17:19,126 WARN L180 SmtUtils]: Spent 160.00 ms on a formula simplification that was a NOOP. DAG size: 17 [2018-11-23 11:17:25,363 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:17:25,366 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:17:25,368 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 4 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 20 treesize of output 36 [2018-11-23 11:17:25,385 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 3 select indices, 3 select index equivalence classes, 4 disjoint index pairs (out of 3 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 28 treesize of output 24 [2018-11-23 11:17:25,387 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:17:25,403 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:17:25,473 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-1 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2018-11-23 11:17:25,474 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 2 variables, input treesize:29, output treesize:28 [2018-11-23 11:17:25,480 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:17:25,480 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#valid_BEFORE_CALL_20|, v_subst_1]. (let ((.cse0 (store |v_#valid_BEFORE_CALL_20| v_subst_1 (_ bv1 1)))) (and (not (= (_ bv0 32) |main_#t~ret10.base|)) (= (_ bv0 1) (select .cse0 |main_#t~ret10.base|)) (= |#valid| (store .cse0 |main_#t~ret10.base| (_ bv1 1))) (= (_ bv0 1) (bvadd (select |v_#valid_BEFORE_CALL_20| |main_~#s~0.base|) (_ bv1 1))))) [2018-11-23 11:17:25,480 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ [v_subst_1]. (and (not (= (_ bv0 32) |main_#t~ret10.base|)) (not (= v_subst_1 |main_#t~ret10.base|)) (= (select |#valid| |main_~#s~0.base|) (_ bv1 1)) (not (= |main_~#s~0.base| |main_#t~ret10.base|)) (= (_ bv1 1) (select |#valid| |main_#t~ret10.base|)) (= (select |#valid| v_subst_1) (_ bv1 1))) [2018-11-23 11:17:25,880 INFO L267 ElimStorePlain]: Start of recursive call 3: 1 dim-0 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2018-11-23 11:17:25,907 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2018-11-23 11:17:25,972 INFO L267 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 1 dim-2 vars, End of recursive call: 3 dim-0 vars, and 1 xjuncts. [2018-11-23 11:17:25,972 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 3 variables, input treesize:47, output treesize:79 [2018-11-23 11:17:27,986 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:17:27,986 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#memory_$Pointer$.base_77|, sll_insert_~snd_to_last~0.offset, node_create_~temp~0.offset]. (and (= (let ((.cse0 (select (select |v_#memory_$Pointer$.base_77| |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|))) (store |v_#memory_$Pointer$.base_77| .cse0 (store (select |v_#memory_$Pointer$.base_77| .cse0) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base))) |#memory_$Pointer$.base|) (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base)) (= |v_#memory_$Pointer$.base_77| (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset (select (select |v_#memory_$Pointer$.base_77| sll_insert_~new_node~0.base) node_create_~temp~0.offset))))) [2018-11-23 11:17:27,987 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ [node_create_~temp~0.offset, v_DerPreprocessor_6, sll_insert_~snd_to_last~0.offset]. (and (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base)) (= (let ((.cse0 (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_6)))) (let ((.cse1 (select (select .cse0 |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|))) (store .cse0 .cse1 (store (select .cse0 .cse1) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base)))) |#memory_$Pointer$.base|)) [2018-11-23 11:17:37,834 WARN L180 SmtUtils]: Spent 1.54 s on a formula simplification. DAG size of input: 75 DAG size of output: 45 [2018-11-23 11:17:37,918 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:17:37,935 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:17:37,951 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:17:37,953 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 3 select indices, 3 select index equivalence classes, 5 disjoint index pairs (out of 3 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 22 treesize of output 21 [2018-11-23 11:17:37,955 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2018-11-23 11:17:38,214 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:17:38,230 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:17:38,409 INFO L303 Elim1Store]: Index analysis took 227 ms [2018-11-23 11:17:38,410 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 3 select indices, 3 select index equivalence classes, 4 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 0 case distinctions, treesize of input 126 treesize of output 90 [2018-11-23 11:17:38,424 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 16 [2018-11-23 11:17:38,441 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:17:38,452 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 16 treesize of output 23 [2018-11-23 11:17:38,454 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-23 11:17:38,498 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:17:38,663 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 3 select indices, 3 select index equivalence classes, 4 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 0 case distinctions, treesize of input 90 treesize of output 75 [2018-11-23 11:17:38,682 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 14 treesize of output 13 [2018-11-23 11:17:38,684 INFO L267 ElimStorePlain]: Start of recursive call 7: End of recursive call: and 1 xjuncts. [2018-11-23 11:17:38,834 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 3 select indices, 3 select index equivalence classes, 4 disjoint index pairs (out of 3 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 67 treesize of output 67 [2018-11-23 11:17:38,848 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:17:39,002 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 4 case distinctions, treesize of input 23 treesize of output 46 [2018-11-23 11:17:39,008 INFO L267 ElimStorePlain]: Start of recursive call 9: End of recursive call: and 4 xjuncts. [2018-11-23 11:17:39,187 INFO L267 ElimStorePlain]: Start of recursive call 8: 1 dim-1 vars, End of recursive call: and 3 xjuncts. [2018-11-23 11:17:39,361 INFO L267 ElimStorePlain]: Start of recursive call 6: 1 dim-1 vars, 1 dim-2 vars, End of recursive call: and 3 xjuncts. [2018-11-23 11:17:39,538 INFO L267 ElimStorePlain]: Start of recursive call 3: 1 dim-1 vars, 1 dim-2 vars, End of recursive call: and 3 xjuncts. [2018-11-23 11:17:39,788 INFO L267 ElimStorePlain]: Start of recursive call 1: 6 dim-0 vars, 1 dim-1 vars, 1 dim-2 vars, End of recursive call: 5 dim-0 vars, and 3 xjuncts. [2018-11-23 11:17:39,789 INFO L202 ElimStorePlain]: Needed 9 recursive calls to eliminate 8 variables, input treesize:191, output treesize:186 [2018-11-23 11:17:39,944 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:17:39,945 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_old(#memory_$Pointer$.base)_AFTER_CALL_37|, sll_insert_~new_node~0.base, node_create_~temp~0.offset, v_DerPreprocessor_2, sll_insert_~snd_to_last~0.offset, sll_insert_~new_node~0.offset, sll_insert_~last~0.base, |v_#valid_BEFORE_CALL_24|]. (let ((.cse0 (select (select |v_old(#memory_$Pointer$.base)_AFTER_CALL_37| |main_~#s~0.base|) |main_~#s~0.offset|))) (and (= (_ bv0 1) (select |v_#valid_BEFORE_CALL_24| sll_insert_~new_node~0.base)) (= (bvadd (select |v_#valid_BEFORE_CALL_24| |main_~#s~0.base|) (_ bv1 1)) (_ bv0 1)) (not (= .cse0 (_ bv0 32))) (= (let ((.cse1 (let ((.cse2 (store |v_old(#memory_$Pointer$.base)_AFTER_CALL_37| sll_insert_~new_node~0.base (store (store (select |v_old(#memory_$Pointer$.base)_AFTER_CALL_37| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)))) (let ((.cse3 (select (select .cse2 |main_~#s~0.base|) |main_~#s~0.offset|))) (store .cse2 .cse3 (store (select .cse2 .cse3) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base)))))) (store .cse1 sll_insert_~new_node~0.base (store (select .cse1 sll_insert_~new_node~0.base) (bvadd sll_insert_~new_node~0.offset (_ bv4 32)) sll_insert_~last~0.base))) |#memory_$Pointer$.base|) (= (_ bv1 1) (select |v_#valid_BEFORE_CALL_24| .cse0)) (not (= .cse0 |main_~#s~0.base|)))) [2018-11-23 11:17:39,945 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ [v_prenex_3, sll_insert_~new_node~0.offset, sll_insert_~snd_to_last~0.offset, v_prenex_4, node_create_~temp~0.offset]. (let ((.cse0 (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))) (let ((.cse2 (not (= |main_~#s~0.base| .cse0))) (.cse3 (not (= (_ bv0 32) .cse0))) (.cse4 (select |#memory_$Pointer$.base| .cse0))) (or (let ((.cse1 (select .cse4 (bvadd v_prenex_3 (_ bv4 32))))) (and (not (= .cse0 .cse1)) (not (= |main_~#s~0.base| .cse1)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| .cse1) (bvadd sll_insert_~new_node~0.offset (_ bv8 32)))) .cse2 .cse3)) (let ((.cse5 (select .cse4 (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32))))) (and (not (= .cse0 .cse5)) (not (= |main_~#s~0.base| .cse5)) .cse2 .cse3)) (let ((.cse6 (select .cse4 (bvadd v_prenex_4 (_ bv4 32))))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| .cse6) (bvadd node_create_~temp~0.offset (_ bv4 32)))) (not (= .cse0 .cse6)) (not (= |main_~#s~0.base| .cse6)) .cse2 .cse3))))) [2018-11-23 11:17:44,658 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 2 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 56 treesize of output 36 [2018-11-23 11:17:44,668 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 19 treesize of output 11 [2018-11-23 11:17:44,671 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:17:44,699 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 18 treesize of output 9 [2018-11-23 11:17:44,700 INFO L267 ElimStorePlain]: Start of recursive call 4: End of recursive call: and 1 xjuncts. [2018-11-23 11:17:44,711 INFO L267 ElimStorePlain]: Start of recursive call 2: 2 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:17:44,719 INFO L267 ElimStorePlain]: Start of recursive call 1: 3 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:17:44,719 INFO L202 ElimStorePlain]: Needed 4 recursive calls to eliminate 4 variables, input treesize:56, output treesize:4 [2018-11-23 11:17:44,725 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:17:44,726 WARN L384 uantifierElimination]: Input elimination task: ∃ [|#memory_$Pointer$.base|, |main_~#s~0.base|, |main_~#s~0.offset|, sll_insert_~snd_to_last~0.offset]. (let ((.cse0 (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))) (let ((.cse1 (select (select |#memory_$Pointer$.base| .cse0) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32))))) (and (not (= .cse0 .cse1)) (not (= |main_~#s~0.base| .cse1)) (= main_~ptr~0.base .cse0) (not (= |main_~#s~0.base| .cse0)) (not (= (_ bv0 32) .cse0))))) [2018-11-23 11:17:44,726 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (not (= (_ bv0 32) main_~ptr~0.base)) [2018-11-23 11:17:44,730 INFO L256 TraceCheckUtils]: 0: Hoare triple {1898#true} call ULTIMATE.init(); {1898#true} is VALID [2018-11-23 11:17:44,730 INFO L273 TraceCheckUtils]: 1: Hoare triple {1898#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {1898#true} is VALID [2018-11-23 11:17:44,730 INFO L273 TraceCheckUtils]: 2: Hoare triple {1898#true} assume true; {1898#true} is VALID [2018-11-23 11:17:44,730 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {1898#true} {1898#true} #118#return; {1898#true} is VALID [2018-11-23 11:17:44,731 INFO L256 TraceCheckUtils]: 4: Hoare triple {1898#true} call #t~ret16 := main(); {1898#true} is VALID [2018-11-23 11:17:44,732 INFO L273 TraceCheckUtils]: 5: Hoare triple {1898#true} ~len~0 := 2bv32;~data~0 := 1bv32;call ~#s~0.base, ~#s~0.offset := #Ultimate.alloc(4bv32); {2103#(= (bvadd (select |#valid| |main_~#s~0.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2018-11-23 11:17:44,738 INFO L256 TraceCheckUtils]: 6: Hoare triple {2103#(= (bvadd (select |#valid| |main_~#s~0.base|) (_ bv1 1)) (_ bv0 1))} call #t~ret10.base, #t~ret10.offset := sll_create(~len~0, ~data~0); {1922#(= |#valid| |old(#valid)|)} is VALID [2018-11-23 11:17:44,738 INFO L273 TraceCheckUtils]: 7: Hoare triple {1922#(= |#valid| |old(#valid)|)} ~len := #in~len;~data := #in~data;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {1922#(= |#valid| |old(#valid)|)} is VALID [2018-11-23 11:17:44,740 INFO L273 TraceCheckUtils]: 8: Hoare triple {1922#(= |#valid| |old(#valid)|)} assume !!~bvsgt32(~len, 0bv32); {1922#(= |#valid| |old(#valid)|)} is VALID [2018-11-23 11:17:44,742 INFO L256 TraceCheckUtils]: 9: Hoare triple {1922#(= |#valid| |old(#valid)|)} call #t~ret4.base, #t~ret4.offset := node_create(~data); {1922#(= |#valid| |old(#valid)|)} is VALID [2018-11-23 11:17:44,742 INFO L273 TraceCheckUtils]: 10: Hoare triple {1922#(= |#valid| |old(#valid)|)} ~data := #in~data;call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(8bv32);~temp~0.base, ~temp~0.offset := #t~malloc2.base, #t~malloc2.offset; {2119#(= (store |old(#valid)| node_create_~temp~0.base (_ bv1 1)) |#valid|)} is VALID [2018-11-23 11:17:44,745 INFO L273 TraceCheckUtils]: 11: Hoare triple {2119#(= (store |old(#valid)| node_create_~temp~0.base (_ bv1 1)) |#valid|)} assume !(0bv32 == ~temp~0.base && 0bv32 == ~temp~0.offset); {2119#(= (store |old(#valid)| node_create_~temp~0.base (_ bv1 1)) |#valid|)} is VALID [2018-11-23 11:17:44,746 INFO L273 TraceCheckUtils]: 12: Hoare triple {2119#(= (store |old(#valid)| node_create_~temp~0.base (_ bv1 1)) |#valid|)} call write~$Pointer$(0bv32, 0bv32, ~temp~0.base, ~bvadd32(4bv32, ~temp~0.offset), 4bv32);call write~intINTTYPE4(~data, ~temp~0.base, ~temp~0.offset, 4bv32);#res.base, #res.offset := ~temp~0.base, ~temp~0.offset; {2126#(= (store |old(#valid)| |node_create_#res.base| (_ bv1 1)) |#valid|)} is VALID [2018-11-23 11:17:44,747 INFO L273 TraceCheckUtils]: 13: Hoare triple {2126#(= (store |old(#valid)| |node_create_#res.base| (_ bv1 1)) |#valid|)} assume true; {2126#(= (store |old(#valid)| |node_create_#res.base| (_ bv1 1)) |#valid|)} is VALID [2018-11-23 11:17:44,750 INFO L268 TraceCheckUtils]: 14: Hoare quadruple {2126#(= (store |old(#valid)| |node_create_#res.base| (_ bv1 1)) |#valid|)} {1922#(= |#valid| |old(#valid)|)} #114#return; {2133#(= |#valid| (store |old(#valid)| |sll_create_#t~ret4.base| (_ bv1 1)))} is VALID [2018-11-23 11:17:44,753 INFO L273 TraceCheckUtils]: 15: Hoare triple {2133#(= |#valid| (store |old(#valid)| |sll_create_#t~ret4.base| (_ bv1 1)))} ~new_head~0.base, ~new_head~0.offset := #t~ret4.base, #t~ret4.offset;havoc #t~ret4.base, #t~ret4.offset;call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~bvadd32(4bv32, ~new_head~0.offset), 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset; {2137#(exists ((sll_create_~new_head~0.base (_ BitVec 32))) (= |#valid| (store |old(#valid)| sll_create_~new_head~0.base (_ bv1 1))))} is VALID [2018-11-23 11:17:44,757 INFO L273 TraceCheckUtils]: 16: Hoare triple {2137#(exists ((sll_create_~new_head~0.base (_ BitVec 32))) (= |#valid| (store |old(#valid)| sll_create_~new_head~0.base (_ bv1 1))))} #t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {2137#(exists ((sll_create_~new_head~0.base (_ BitVec 32))) (= |#valid| (store |old(#valid)| sll_create_~new_head~0.base (_ bv1 1))))} is VALID [2018-11-23 11:17:44,758 INFO L273 TraceCheckUtils]: 17: Hoare triple {2137#(exists ((sll_create_~new_head~0.base (_ BitVec 32))) (= |#valid| (store |old(#valid)| sll_create_~new_head~0.base (_ bv1 1))))} assume !!~bvsgt32(~len, 0bv32); {2137#(exists ((sll_create_~new_head~0.base (_ BitVec 32))) (= |#valid| (store |old(#valid)| sll_create_~new_head~0.base (_ bv1 1))))} is VALID [2018-11-23 11:17:44,758 INFO L256 TraceCheckUtils]: 18: Hoare triple {2137#(exists ((sll_create_~new_head~0.base (_ BitVec 32))) (= |#valid| (store |old(#valid)| sll_create_~new_head~0.base (_ bv1 1))))} call #t~ret4.base, #t~ret4.offset := node_create(~data); {1922#(= |#valid| |old(#valid)|)} is VALID [2018-11-23 11:17:44,760 INFO L273 TraceCheckUtils]: 19: Hoare triple {1922#(= |#valid| |old(#valid)|)} ~data := #in~data;call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(8bv32);~temp~0.base, ~temp~0.offset := #t~malloc2.base, #t~malloc2.offset; {1963#(and (= (_ bv0 1) (select |old(#valid)| node_create_~temp~0.base)) (not (= (_ bv0 32) node_create_~temp~0.base)) (= (store |old(#valid)| node_create_~temp~0.base (_ bv1 1)) |#valid|))} is VALID [2018-11-23 11:17:44,760 INFO L273 TraceCheckUtils]: 20: Hoare triple {1963#(and (= (_ bv0 1) (select |old(#valid)| node_create_~temp~0.base)) (not (= (_ bv0 32) node_create_~temp~0.base)) (= (store |old(#valid)| node_create_~temp~0.base (_ bv1 1)) |#valid|))} assume !(0bv32 == ~temp~0.base && 0bv32 == ~temp~0.offset); {1963#(and (= (_ bv0 1) (select |old(#valid)| node_create_~temp~0.base)) (not (= (_ bv0 32) node_create_~temp~0.base)) (= (store |old(#valid)| node_create_~temp~0.base (_ bv1 1)) |#valid|))} is VALID [2018-11-23 11:17:44,762 INFO L273 TraceCheckUtils]: 21: Hoare triple {1963#(and (= (_ bv0 1) (select |old(#valid)| node_create_~temp~0.base)) (not (= (_ bv0 32) node_create_~temp~0.base)) (= (store |old(#valid)| node_create_~temp~0.base (_ bv1 1)) |#valid|))} call write~$Pointer$(0bv32, 0bv32, ~temp~0.base, ~bvadd32(4bv32, ~temp~0.offset), 4bv32);call write~intINTTYPE4(~data, ~temp~0.base, ~temp~0.offset, 4bv32);#res.base, #res.offset := ~temp~0.base, ~temp~0.offset; {1970#(and (= (store |old(#valid)| |node_create_#res.base| (_ bv1 1)) |#valid|) (= (_ bv0 1) (select |old(#valid)| |node_create_#res.base|)) (not (= (_ bv0 32) |node_create_#res.base|)))} is VALID [2018-11-23 11:17:44,763 INFO L273 TraceCheckUtils]: 22: Hoare triple {1970#(and (= (store |old(#valid)| |node_create_#res.base| (_ bv1 1)) |#valid|) (= (_ bv0 1) (select |old(#valid)| |node_create_#res.base|)) (not (= (_ bv0 32) |node_create_#res.base|)))} assume true; {1970#(and (= (store |old(#valid)| |node_create_#res.base| (_ bv1 1)) |#valid|) (= (_ bv0 1) (select |old(#valid)| |node_create_#res.base|)) (not (= (_ bv0 32) |node_create_#res.base|)))} is VALID [2018-11-23 11:17:44,766 INFO L268 TraceCheckUtils]: 23: Hoare quadruple {1970#(and (= (store |old(#valid)| |node_create_#res.base| (_ bv1 1)) |#valid|) (= (_ bv0 1) (select |old(#valid)| |node_create_#res.base|)) (not (= (_ bv0 32) |node_create_#res.base|)))} {2137#(exists ((sll_create_~new_head~0.base (_ BitVec 32))) (= |#valid| (store |old(#valid)| sll_create_~new_head~0.base (_ bv1 1))))} #114#return; {2162#(and (exists ((sll_create_~new_head~0.base (_ BitVec 32))) (and (= (_ bv0 1) (select (store |old(#valid)| sll_create_~new_head~0.base (_ bv1 1)) |sll_create_#t~ret4.base|)) (= |#valid| (store (store |old(#valid)| sll_create_~new_head~0.base (_ bv1 1)) |sll_create_#t~ret4.base| (_ bv1 1))))) (not (= (_ bv0 32) |sll_create_#t~ret4.base|)))} is VALID [2018-11-23 11:17:44,769 INFO L273 TraceCheckUtils]: 24: Hoare triple {2162#(and (exists ((sll_create_~new_head~0.base (_ BitVec 32))) (and (= (_ bv0 1) (select (store |old(#valid)| sll_create_~new_head~0.base (_ bv1 1)) |sll_create_#t~ret4.base|)) (= |#valid| (store (store |old(#valid)| sll_create_~new_head~0.base (_ bv1 1)) |sll_create_#t~ret4.base| (_ bv1 1))))) (not (= (_ bv0 32) |sll_create_#t~ret4.base|)))} ~new_head~0.base, ~new_head~0.offset := #t~ret4.base, #t~ret4.offset;havoc #t~ret4.base, #t~ret4.offset;call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~bvadd32(4bv32, ~new_head~0.offset), 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset; {2166#(and (not (= sll_create_~head~0.base (_ bv0 32))) (exists ((v_subst_1 (_ BitVec 32))) (and (= |#valid| (store (store |old(#valid)| v_subst_1 (_ bv1 1)) sll_create_~head~0.base (_ bv1 1))) (= (_ bv0 1) (select (store |old(#valid)| v_subst_1 (_ bv1 1)) sll_create_~head~0.base)))))} is VALID [2018-11-23 11:17:44,770 INFO L273 TraceCheckUtils]: 25: Hoare triple {2166#(and (not (= sll_create_~head~0.base (_ bv0 32))) (exists ((v_subst_1 (_ BitVec 32))) (and (= |#valid| (store (store |old(#valid)| v_subst_1 (_ bv1 1)) sll_create_~head~0.base (_ bv1 1))) (= (_ bv0 1) (select (store |old(#valid)| v_subst_1 (_ bv1 1)) sll_create_~head~0.base)))))} #t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {2166#(and (not (= sll_create_~head~0.base (_ bv0 32))) (exists ((v_subst_1 (_ BitVec 32))) (and (= |#valid| (store (store |old(#valid)| v_subst_1 (_ bv1 1)) sll_create_~head~0.base (_ bv1 1))) (= (_ bv0 1) (select (store |old(#valid)| v_subst_1 (_ bv1 1)) sll_create_~head~0.base)))))} is VALID [2018-11-23 11:17:44,771 INFO L273 TraceCheckUtils]: 26: Hoare triple {2166#(and (not (= sll_create_~head~0.base (_ bv0 32))) (exists ((v_subst_1 (_ BitVec 32))) (and (= |#valid| (store (store |old(#valid)| v_subst_1 (_ bv1 1)) sll_create_~head~0.base (_ bv1 1))) (= (_ bv0 1) (select (store |old(#valid)| v_subst_1 (_ bv1 1)) sll_create_~head~0.base)))))} assume !~bvsgt32(~len, 0bv32); {2166#(and (not (= sll_create_~head~0.base (_ bv0 32))) (exists ((v_subst_1 (_ BitVec 32))) (and (= |#valid| (store (store |old(#valid)| v_subst_1 (_ bv1 1)) sll_create_~head~0.base (_ bv1 1))) (= (_ bv0 1) (select (store |old(#valid)| v_subst_1 (_ bv1 1)) sll_create_~head~0.base)))))} is VALID [2018-11-23 11:17:44,777 INFO L273 TraceCheckUtils]: 27: Hoare triple {2166#(and (not (= sll_create_~head~0.base (_ bv0 32))) (exists ((v_subst_1 (_ BitVec 32))) (and (= |#valid| (store (store |old(#valid)| v_subst_1 (_ bv1 1)) sll_create_~head~0.base (_ bv1 1))) (= (_ bv0 1) (select (store |old(#valid)| v_subst_1 (_ bv1 1)) sll_create_~head~0.base)))))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {2176#(and (exists ((v_subst_1 (_ BitVec 32))) (and (= (select (store |old(#valid)| v_subst_1 (_ bv1 1)) |sll_create_#res.base|) (_ bv0 1)) (= |#valid| (store (store |old(#valid)| v_subst_1 (_ bv1 1)) |sll_create_#res.base| (_ bv1 1))))) (not (= (_ bv0 32) |sll_create_#res.base|)))} is VALID [2018-11-23 11:17:44,778 INFO L273 TraceCheckUtils]: 28: Hoare triple {2176#(and (exists ((v_subst_1 (_ BitVec 32))) (and (= (select (store |old(#valid)| v_subst_1 (_ bv1 1)) |sll_create_#res.base|) (_ bv0 1)) (= |#valid| (store (store |old(#valid)| v_subst_1 (_ bv1 1)) |sll_create_#res.base| (_ bv1 1))))) (not (= (_ bv0 32) |sll_create_#res.base|)))} assume true; {2176#(and (exists ((v_subst_1 (_ BitVec 32))) (and (= (select (store |old(#valid)| v_subst_1 (_ bv1 1)) |sll_create_#res.base|) (_ bv0 1)) (= |#valid| (store (store |old(#valid)| v_subst_1 (_ bv1 1)) |sll_create_#res.base| (_ bv1 1))))) (not (= (_ bv0 32) |sll_create_#res.base|)))} is VALID [2018-11-23 11:17:44,784 INFO L268 TraceCheckUtils]: 29: Hoare quadruple {2176#(and (exists ((v_subst_1 (_ BitVec 32))) (and (= (select (store |old(#valid)| v_subst_1 (_ bv1 1)) |sll_create_#res.base|) (_ bv0 1)) (= |#valid| (store (store |old(#valid)| v_subst_1 (_ bv1 1)) |sll_create_#res.base| (_ bv1 1))))) (not (= (_ bv0 32) |sll_create_#res.base|)))} {2103#(= (bvadd (select |#valid| |main_~#s~0.base|) (_ bv1 1)) (_ bv0 1))} #108#return; {2183#(and (= (bvadd (select |#valid| |main_~#s~0.base|) (_ bv1 1)) (_ bv0 1)) (not (= (_ bv0 32) |main_#t~ret10.base|)) (not (= |main_~#s~0.base| |main_#t~ret10.base|)) (= (_ bv1 1) (select |#valid| |main_#t~ret10.base|)))} is VALID [2018-11-23 11:17:44,786 INFO L273 TraceCheckUtils]: 30: Hoare triple {2183#(and (= (bvadd (select |#valid| |main_~#s~0.base|) (_ bv1 1)) (_ bv0 1)) (not (= (_ bv0 32) |main_#t~ret10.base|)) (not (= |main_~#s~0.base| |main_#t~ret10.base|)) (= (_ bv1 1) (select |#valid| |main_#t~ret10.base|)))} call write~init~$Pointer$(#t~ret10.base, #t~ret10.offset, ~#s~0.base, ~#s~0.offset, 4bv32);havoc #t~ret10.base, #t~ret10.offset; {2187#(and (= (bvadd (select |#valid| |main_~#s~0.base|) (_ bv1 1)) (_ bv0 1)) (not (= |main_~#s~0.base| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))) (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))))} is VALID [2018-11-23 11:17:44,792 INFO L256 TraceCheckUtils]: 31: Hoare triple {2187#(and (= (bvadd (select |#valid| |main_~#s~0.base|) (_ bv1 1)) (_ bv0 1)) (not (= |main_~#s~0.base| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))) (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))))} call sll_insert(~#s~0.base, ~#s~0.offset, ~data~0, ~bvsdiv32(~len~0, 2bv32)); {2006#(and (= |#valid| |old(#valid)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} is VALID [2018-11-23 11:17:44,792 INFO L273 TraceCheckUtils]: 32: Hoare triple {2006#(and (= |#valid| |old(#valid)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~data := #in~data;~index := #in~index; {2010#(and (= |#valid| |old(#valid)|) (= sll_insert_~head.base |sll_insert_#in~head.base|) (= sll_insert_~head.offset |sll_insert_#in~head.offset|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} is VALID [2018-11-23 11:17:44,795 INFO L256 TraceCheckUtils]: 33: Hoare triple {2010#(and (= |#valid| |old(#valid)|) (= sll_insert_~head.base |sll_insert_#in~head.base|) (= sll_insert_~head.offset |sll_insert_#in~head.offset|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} call #t~ret6.base, #t~ret6.offset := node_create(~data); {2006#(and (= |#valid| |old(#valid)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} is VALID [2018-11-23 11:17:44,796 INFO L273 TraceCheckUtils]: 34: Hoare triple {2006#(and (= |#valid| |old(#valid)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} ~data := #in~data;call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(8bv32);~temp~0.base, ~temp~0.offset := #t~malloc2.base, #t~malloc2.offset; {2017#(and (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|) (= (_ bv0 1) (select |old(#valid)| node_create_~temp~0.base)))} is VALID [2018-11-23 11:17:44,798 INFO L273 TraceCheckUtils]: 35: Hoare triple {2017#(and (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|) (= (_ bv0 1) (select |old(#valid)| node_create_~temp~0.base)))} assume !(0bv32 == ~temp~0.base && 0bv32 == ~temp~0.offset); {2017#(and (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|) (= (_ bv0 1) (select |old(#valid)| node_create_~temp~0.base)))} is VALID [2018-11-23 11:17:44,802 INFO L273 TraceCheckUtils]: 36: Hoare triple {2017#(and (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|) (= (_ bv0 1) (select |old(#valid)| node_create_~temp~0.base)))} call write~$Pointer$(0bv32, 0bv32, ~temp~0.base, ~bvadd32(4bv32, ~temp~0.offset), 4bv32);call write~intINTTYPE4(~data, ~temp~0.base, ~temp~0.offset, 4bv32);#res.base, #res.offset := ~temp~0.base, ~temp~0.offset; {2024#(and (exists ((node_create_~temp~0.offset (_ BitVec 32))) (= |#memory_$Pointer$.base| (store |old(#memory_$Pointer$.base)| |node_create_#res.base| (store (store (select |old(#memory_$Pointer$.base)| |node_create_#res.base|) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset (select (select |#memory_$Pointer$.base| |node_create_#res.base|) node_create_~temp~0.offset))))) (= (_ bv0 1) (select |old(#valid)| |node_create_#res.base|)))} is VALID [2018-11-23 11:17:44,803 INFO L273 TraceCheckUtils]: 37: Hoare triple {2024#(and (exists ((node_create_~temp~0.offset (_ BitVec 32))) (= |#memory_$Pointer$.base| (store |old(#memory_$Pointer$.base)| |node_create_#res.base| (store (store (select |old(#memory_$Pointer$.base)| |node_create_#res.base|) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset (select (select |#memory_$Pointer$.base| |node_create_#res.base|) node_create_~temp~0.offset))))) (= (_ bv0 1) (select |old(#valid)| |node_create_#res.base|)))} assume true; {2024#(and (exists ((node_create_~temp~0.offset (_ BitVec 32))) (= |#memory_$Pointer$.base| (store |old(#memory_$Pointer$.base)| |node_create_#res.base| (store (store (select |old(#memory_$Pointer$.base)| |node_create_#res.base|) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset (select (select |#memory_$Pointer$.base| |node_create_#res.base|) node_create_~temp~0.offset))))) (= (_ bv0 1) (select |old(#valid)| |node_create_#res.base|)))} is VALID [2018-11-23 11:17:44,806 INFO L268 TraceCheckUtils]: 38: Hoare quadruple {2024#(and (exists ((node_create_~temp~0.offset (_ BitVec 32))) (= |#memory_$Pointer$.base| (store |old(#memory_$Pointer$.base)| |node_create_#res.base| (store (store (select |old(#memory_$Pointer$.base)| |node_create_#res.base|) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset (select (select |#memory_$Pointer$.base| |node_create_#res.base|) node_create_~temp~0.offset))))) (= (_ bv0 1) (select |old(#valid)| |node_create_#res.base|)))} {2010#(and (= |#valid| |old(#valid)|) (= sll_insert_~head.base |sll_insert_#in~head.base|) (= sll_insert_~head.offset |sll_insert_#in~head.offset|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} #116#return; {2031#(and (= (_ bv0 1) (select |old(#valid)| |sll_insert_#t~ret6.base|)) (= sll_insert_~head.base |sll_insert_#in~head.base|) (= sll_insert_~head.offset |sll_insert_#in~head.offset|) (exists ((node_create_~temp~0.offset (_ BitVec 32))) (= (store |old(#memory_$Pointer$.base)| |sll_insert_#t~ret6.base| (store (store (select |old(#memory_$Pointer$.base)| |sll_insert_#t~ret6.base|) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset (select (select |#memory_$Pointer$.base| |sll_insert_#t~ret6.base|) node_create_~temp~0.offset))) |#memory_$Pointer$.base|)))} is VALID [2018-11-23 11:17:44,809 INFO L273 TraceCheckUtils]: 39: Hoare triple {2031#(and (= (_ bv0 1) (select |old(#valid)| |sll_insert_#t~ret6.base|)) (= sll_insert_~head.base |sll_insert_#in~head.base|) (= sll_insert_~head.offset |sll_insert_#in~head.offset|) (exists ((node_create_~temp~0.offset (_ BitVec 32))) (= (store |old(#memory_$Pointer$.base)| |sll_insert_#t~ret6.base| (store (store (select |old(#memory_$Pointer$.base)| |sll_insert_#t~ret6.base|) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset (select (select |#memory_$Pointer$.base| |sll_insert_#t~ret6.base|) node_create_~temp~0.offset))) |#memory_$Pointer$.base|)))} ~new_node~0.base, ~new_node~0.offset := #t~ret6.base, #t~ret6.offset;havoc #t~ret6.base, #t~ret6.offset;~snd_to_last~0.base, ~snd_to_last~0.offset := 0bv32, 0bv32;call #t~mem7.base, #t~mem7.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~last~0.base, ~last~0.offset := #t~mem7.base, #t~mem7.offset;havoc #t~mem7.base, #t~mem7.offset; {2035#(and (exists ((node_create_~temp~0.offset (_ BitVec 32))) (= |#memory_$Pointer$.base| (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset (select (select |#memory_$Pointer$.base| sll_insert_~new_node~0.base) node_create_~temp~0.offset))))) (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base)) (= (select (select |#memory_$Pointer$.base| |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|) sll_insert_~last~0.base))} is VALID [2018-11-23 11:17:44,814 INFO L273 TraceCheckUtils]: 40: Hoare triple {2035#(and (exists ((node_create_~temp~0.offset (_ BitVec 32))) (= |#memory_$Pointer$.base| (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset (select (select |#memory_$Pointer$.base| sll_insert_~new_node~0.base) node_create_~temp~0.offset))))) (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base)) (= (select (select |#memory_$Pointer$.base| |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|) sll_insert_~last~0.base))} assume !!~bvsgt32(~index, 0bv32);~snd_to_last~0.base, ~snd_to_last~0.offset := ~last~0.base, ~last~0.offset;call #t~mem8.base, #t~mem8.offset := read~$Pointer$(~last~0.base, ~bvadd32(4bv32, ~last~0.offset), 4bv32);~last~0.base, ~last~0.offset := #t~mem8.base, #t~mem8.offset;havoc #t~mem8.base, #t~mem8.offset;#t~post9 := ~index;~index := ~bvsub32(#t~post9, 1bv32);havoc #t~post9; {2039#(and (exists ((node_create_~temp~0.offset (_ BitVec 32))) (= |#memory_$Pointer$.base| (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset (select (select |#memory_$Pointer$.base| sll_insert_~new_node~0.base) node_create_~temp~0.offset))))) (= sll_insert_~snd_to_last~0.base (select (select |#memory_$Pointer$.base| |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base)))} is VALID [2018-11-23 11:17:44,814 INFO L273 TraceCheckUtils]: 41: Hoare triple {2039#(and (exists ((node_create_~temp~0.offset (_ BitVec 32))) (= |#memory_$Pointer$.base| (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset (select (select |#memory_$Pointer$.base| sll_insert_~new_node~0.base) node_create_~temp~0.offset))))) (= sll_insert_~snd_to_last~0.base (select (select |#memory_$Pointer$.base| |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base)))} assume !~bvsgt32(~index, 0bv32); {2039#(and (exists ((node_create_~temp~0.offset (_ BitVec 32))) (= |#memory_$Pointer$.base| (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset (select (select |#memory_$Pointer$.base| sll_insert_~new_node~0.base) node_create_~temp~0.offset))))) (= sll_insert_~snd_to_last~0.base (select (select |#memory_$Pointer$.base| |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base)))} is VALID [2018-11-23 11:17:44,822 INFO L273 TraceCheckUtils]: 42: Hoare triple {2039#(and (exists ((node_create_~temp~0.offset (_ BitVec 32))) (= |#memory_$Pointer$.base| (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset (select (select |#memory_$Pointer$.base| sll_insert_~new_node~0.base) node_create_~temp~0.offset))))) (= sll_insert_~snd_to_last~0.base (select (select |#memory_$Pointer$.base| |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base)))} assume ~snd_to_last~0.base != 0bv32 || ~snd_to_last~0.offset != 0bv32;call write~$Pointer$(~new_node~0.base, ~new_node~0.offset, ~snd_to_last~0.base, ~bvadd32(4bv32, ~snd_to_last~0.offset), 4bv32); {2046#(and (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base)) (exists ((node_create_~temp~0.offset (_ BitVec 32)) (v_DerPreprocessor_2 (_ BitVec 32)) (sll_insert_~snd_to_last~0.offset (_ BitVec 32))) (= (store (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|) (store (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base)) |#memory_$Pointer$.base|)))} is VALID [2018-11-23 11:17:46,828 INFO L273 TraceCheckUtils]: 43: Hoare triple {2046#(and (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base)) (exists ((node_create_~temp~0.offset (_ BitVec 32)) (v_DerPreprocessor_2 (_ BitVec 32)) (sll_insert_~snd_to_last~0.offset (_ BitVec 32))) (= (store (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|) (store (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base)) |#memory_$Pointer$.base|)))} call write~$Pointer$(~last~0.base, ~last~0.offset, ~new_node~0.base, ~bvadd32(4bv32, ~new_node~0.offset), 4bv32); {2050#(exists ((node_create_~temp~0.offset (_ BitVec 32)) (v_DerPreprocessor_2 (_ BitVec 32)) (sll_insert_~new_node~0.base (_ BitVec 32)) (sll_insert_~snd_to_last~0.offset (_ BitVec 32)) (sll_insert_~last~0.base (_ BitVec 32)) (sll_insert_~new_node~0.offset (_ BitVec 32))) (and (= |#memory_$Pointer$.base| (store (store (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|) (store (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base)) sll_insert_~new_node~0.base (store (select (store (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|) (store (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base)) sll_insert_~new_node~0.base) (bvadd sll_insert_~new_node~0.offset (_ bv4 32)) sll_insert_~last~0.base))) (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base))))} is UNKNOWN [2018-11-23 11:17:46,829 INFO L273 TraceCheckUtils]: 44: Hoare triple {2050#(exists ((node_create_~temp~0.offset (_ BitVec 32)) (v_DerPreprocessor_2 (_ BitVec 32)) (sll_insert_~new_node~0.base (_ BitVec 32)) (sll_insert_~snd_to_last~0.offset (_ BitVec 32)) (sll_insert_~last~0.base (_ BitVec 32)) (sll_insert_~new_node~0.offset (_ BitVec 32))) (and (= |#memory_$Pointer$.base| (store (store (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|) (store (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base)) sll_insert_~new_node~0.base (store (select (store (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|) (store (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base)) sll_insert_~new_node~0.base) (bvadd sll_insert_~new_node~0.offset (_ bv4 32)) sll_insert_~last~0.base))) (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base))))} assume true; {2050#(exists ((node_create_~temp~0.offset (_ BitVec 32)) (v_DerPreprocessor_2 (_ BitVec 32)) (sll_insert_~new_node~0.base (_ BitVec 32)) (sll_insert_~snd_to_last~0.offset (_ BitVec 32)) (sll_insert_~last~0.base (_ BitVec 32)) (sll_insert_~new_node~0.offset (_ BitVec 32))) (and (= |#memory_$Pointer$.base| (store (store (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|) (store (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base)) sll_insert_~new_node~0.base (store (select (store (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|) (store (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base)) sll_insert_~new_node~0.base) (bvadd sll_insert_~new_node~0.offset (_ bv4 32)) sll_insert_~last~0.base))) (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base))))} is VALID [2018-11-23 11:17:46,857 INFO L268 TraceCheckUtils]: 45: Hoare quadruple {2050#(exists ((node_create_~temp~0.offset (_ BitVec 32)) (v_DerPreprocessor_2 (_ BitVec 32)) (sll_insert_~new_node~0.base (_ BitVec 32)) (sll_insert_~snd_to_last~0.offset (_ BitVec 32)) (sll_insert_~last~0.base (_ BitVec 32)) (sll_insert_~new_node~0.offset (_ BitVec 32))) (and (= |#memory_$Pointer$.base| (store (store (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|) (store (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base)) sll_insert_~new_node~0.base (store (select (store (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|) (store (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) (select (select (store |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base (store (store (select |old(#memory_$Pointer$.base)| sll_insert_~new_node~0.base) (bvadd node_create_~temp~0.offset (_ bv4 32)) (_ bv0 32)) node_create_~temp~0.offset v_DerPreprocessor_2)) |sll_insert_#in~head.base|) |sll_insert_#in~head.offset|)) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32)) sll_insert_~new_node~0.base)) sll_insert_~new_node~0.base) (bvadd sll_insert_~new_node~0.offset (_ bv4 32)) sll_insert_~last~0.base))) (= (_ bv0 1) (select |old(#valid)| sll_insert_~new_node~0.base))))} {2187#(and (= (bvadd (select |#valid| |main_~#s~0.base|) (_ bv1 1)) (_ bv0 1)) (not (= |main_~#s~0.base| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))) (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))))} #110#return; {2233#(and (exists ((sll_insert_~snd_to_last~0.offset (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|)) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32))))) (not (= |main_~#s~0.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|)) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32))))))) (not (= |main_~#s~0.base| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))))} is VALID [2018-11-23 11:17:46,858 INFO L273 TraceCheckUtils]: 46: Hoare triple {2233#(and (exists ((sll_insert_~snd_to_last~0.offset (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|)) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32))))) (not (= |main_~#s~0.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|)) (bvadd sll_insert_~snd_to_last~0.offset (_ bv4 32))))))) (not (= |main_~#s~0.base| (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| |main_~#s~0.base|) |main_~#s~0.offset|))))} call #t~mem11.base, #t~mem11.offset := read~$Pointer$(~#s~0.base, ~#s~0.offset, 4bv32);~ptr~0.base, ~ptr~0.offset := #t~mem11.base, #t~mem11.offset;havoc #t~mem11.base, #t~mem11.offset;~count~0 := 0bv32; {2061#(not (= (_ bv0 32) main_~ptr~0.base))} is VALID [2018-11-23 11:17:46,859 INFO L273 TraceCheckUtils]: 47: Hoare triple {2061#(not (= (_ bv0 32) main_~ptr~0.base))} assume !(~ptr~0.base != 0bv32 || ~ptr~0.offset != 0bv32); {1899#false} is VALID [2018-11-23 11:17:46,859 INFO L273 TraceCheckUtils]: 48: Hoare triple {1899#false} assume ~count~0 != ~bvadd32(1bv32, ~len~0); {1899#false} is VALID [2018-11-23 11:17:46,859 INFO L273 TraceCheckUtils]: 49: Hoare triple {1899#false} assume !false; {1899#false} is VALID [2018-11-23 11:17:46,868 INFO L134 CoverageAnalysis]: Checked inductivity of 22 backedges. 6 proven. 11 refuted. 0 times theorem prover too weak. 1 trivial. 4 not checked. [2018-11-23 11:17:46,868 INFO L316 TraceCheckSpWp]: Computing backward predicates... [2018-11-23 11:17:47,599 WARN L180 SmtUtils]: Spent 472.00 ms on a formula simplification that was a NOOP. DAG size: 58 [2018-11-23 11:17:47,872 WARN L180 SmtUtils]: Spent 268.00 ms on a formula simplification that was a NOOP. DAG size: 42 [2018-11-23 11:17:48,293 WARN L180 SmtUtils]: Spent 417.00 ms on a formula simplification that was a NOOP. DAG size: 54 [2018-11-23 11:17:48,679 WARN L180 SmtUtils]: Spent 384.00 ms on a formula simplification that was a NOOP. DAG size: 50 [2018-11-23 11:17:48,855 WARN L833 TransFormulaUtils]: predicate-based correctness check returned UNKNOWN, hence correctness of interprocedural sequential composition was not checked. [2018-11-23 11:17:49,515 INFO L267 ElimStorePlain]: Start of recursive call 3: 1 dim-0 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2018-11-23 11:17:49,549 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2018-11-23 11:17:49,632 INFO L267 ElimStorePlain]: Start of recursive call 1: 5 dim-0 vars, 1 dim-2 vars, End of recursive call: 6 dim-0 vars, and 1 xjuncts. [2018-11-23 11:17:49,633 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 6 variables, input treesize:82, output treesize:165 [2018-11-23 11:17:49,782 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:17:49,783 WARN L384 uantifierElimination]: Input elimination task: ∀ [|v_#memory_$Pointer$.base_94|, v_sll_insert_~snd_to_last~0.offset_15, v_sll_insert_~new_node~0.base_13, v_sll_insert_~new_node~0.offset_13, v_sll_insert_~last~0.base_17, v_node_create_~temp~0.offset_28]. (or (not (= (_ bv0 32) (select (select (let ((.cse0 (let ((.cse1 (select (select |v_#memory_$Pointer$.base_94| |main_~#s~0.base|) |main_~#s~0.offset|))) (store |v_#memory_$Pointer$.base_94| .cse1 (store (select |v_#memory_$Pointer$.base_94| .cse1) (bvadd v_sll_insert_~snd_to_last~0.offset_15 (_ bv4 32)) v_sll_insert_~new_node~0.base_13))))) (store .cse0 v_sll_insert_~new_node~0.base_13 (store (select .cse0 v_sll_insert_~new_node~0.base_13) (bvadd v_sll_insert_~new_node~0.offset_13 (_ bv4 32)) v_sll_insert_~last~0.base_17))) |main_~#s~0.base|) |main_~#s~0.offset|))) (not (= (select |#valid| v_sll_insert_~new_node~0.base_13) (_ bv0 1))) (not (= |v_#memory_$Pointer$.base_94| (store |#memory_$Pointer$.base| v_sll_insert_~new_node~0.base_13 (store (store (select |#memory_$Pointer$.base| v_sll_insert_~new_node~0.base_13) (bvadd v_node_create_~temp~0.offset_28 (_ bv4 32)) (_ bv0 32)) v_node_create_~temp~0.offset_28 (select (select |v_#memory_$Pointer$.base_94| v_sll_insert_~new_node~0.base_13) v_node_create_~temp~0.offset_28)))))) [2018-11-23 11:17:49,783 WARN L385 uantifierElimination]: ElimStorePlain result: ∀ [v_sll_insert_~new_node~0.base_13, v_node_create_~temp~0.offset_28, v_DerPreprocessor_8, v_sll_insert_~snd_to_last~0.offset_15, v_sll_insert_~new_node~0.offset_13, v_sll_insert_~last~0.base_17]. (or (not (= (_ bv0 32) (select (select (let ((.cse0 (let ((.cse1 (store |#memory_$Pointer$.base| v_sll_insert_~new_node~0.base_13 (store (store (select |#memory_$Pointer$.base| v_sll_insert_~new_node~0.base_13) (bvadd v_node_create_~temp~0.offset_28 (_ bv4 32)) (_ bv0 32)) v_node_create_~temp~0.offset_28 v_DerPreprocessor_8)))) (let ((.cse2 (select (select .cse1 |main_~#s~0.base|) |main_~#s~0.offset|))) (store .cse1 .cse2 (store (select .cse1 .cse2) (bvadd v_sll_insert_~snd_to_last~0.offset_15 (_ bv4 32)) v_sll_insert_~new_node~0.base_13)))))) (store .cse0 v_sll_insert_~new_node~0.base_13 (store (select .cse0 v_sll_insert_~new_node~0.base_13) (bvadd v_sll_insert_~new_node~0.offset_13 (_ bv4 32)) v_sll_insert_~last~0.base_17))) |main_~#s~0.base|) |main_~#s~0.offset|))) (not (= (select |#valid| v_sll_insert_~new_node~0.base_13) (_ bv0 1)))) [2018-11-23 11:18:05,920 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2018-11-23 11:18:05,921 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [23, 26] total 34 [2018-11-23 11:18:05,921 INFO L78 Accepts]: Start accepts. Automaton has 34 states. Word has length 50 [2018-11-23 11:18:05,922 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:18:05,922 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 34 states. [2018-11-23 11:18:10,441 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 72 edges. 70 inductive. 0 not inductive. 2 times theorem prover too weak to decide inductivity. [2018-11-23 11:18:10,441 INFO L459 AbstractCegarLoop]: Interpolant automaton has 34 states [2018-11-23 11:18:10,441 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 34 interpolants. [2018-11-23 11:18:10,442 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=97, Invalid=1007, Unknown=30, NotChecked=198, Total=1332 [2018-11-23 11:18:10,442 INFO L87 Difference]: Start difference. First operand 42 states and 48 transitions. Second operand 34 states. [2018-11-23 11:19:09,797 WARN L180 SmtUtils]: Spent 4.11 s on a formula simplification. DAG size of input: 40 DAG size of output: 29 [2018-11-23 11:19:22,536 WARN L180 SmtUtils]: Spent 1.01 s on a formula simplification that was a NOOP. DAG size: 15 [2018-11-23 11:19:29,651 WARN L854 $PredicateComparison]: unable to prove that (and (exists ((sll_create_~new_head~0.base (_ BitVec 32))) (= |c_#valid| (store |c_old(#valid)| sll_create_~new_head~0.base (_ bv1 1)))) (exists ((|node_create_#t~malloc2.base| (_ BitVec 32))) (and (= (select |c_old(#valid)| |node_create_#t~malloc2.base|) (_ bv0 1)) (= |c_#valid| (store |c_old(#valid)| |node_create_#t~malloc2.base| (_ bv1 1)))))) is different from true