java -ea -Xmx8000000000 -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.3.100.v20150511-1540.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc ../../../trunk/examples/toolchains/AutomizerCInline_WitnessPrinter.xml -s ../../../trunk/examples/settings/default/automizer/svcomp-Reach-32bit-Automizer_Bitvector.epf -i ../../../trunk/examples/svcomp/list-ext3-properties/sll_length_check_true-unreach-call_true-valid-memsafety.i -------------------------------------------------------------------------------- This is Ultimate 0.1.23-61f4311 [2018-11-23 11:21:29,654 INFO L170 SettingsManager]: Resetting all preferences to default values... [2018-11-23 11:21:29,656 INFO L174 SettingsManager]: Resetting UltimateCore preferences to default values [2018-11-23 11:21:29,668 INFO L177 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2018-11-23 11:21:29,669 INFO L174 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2018-11-23 11:21:29,670 INFO L174 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2018-11-23 11:21:29,671 INFO L174 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2018-11-23 11:21:29,673 INFO L174 SettingsManager]: Resetting LassoRanker preferences to default values [2018-11-23 11:21:29,675 INFO L174 SettingsManager]: Resetting Reaching Definitions preferences to default values [2018-11-23 11:21:29,676 INFO L174 SettingsManager]: Resetting SyntaxChecker preferences to default values [2018-11-23 11:21:29,677 INFO L177 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2018-11-23 11:21:29,677 INFO L174 SettingsManager]: Resetting LTL2Aut preferences to default values [2018-11-23 11:21:29,678 INFO L174 SettingsManager]: Resetting PEA to Boogie preferences to default values [2018-11-23 11:21:29,679 INFO L174 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2018-11-23 11:21:29,680 INFO L174 SettingsManager]: Resetting ChcToBoogie preferences to default values [2018-11-23 11:21:29,681 INFO L174 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2018-11-23 11:21:29,682 INFO L174 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2018-11-23 11:21:29,684 INFO L174 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2018-11-23 11:21:29,686 INFO L174 SettingsManager]: Resetting CodeCheck preferences to default values [2018-11-23 11:21:29,688 INFO L174 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2018-11-23 11:21:29,689 INFO L174 SettingsManager]: Resetting RCFGBuilder preferences to default values [2018-11-23 11:21:29,696 INFO L174 SettingsManager]: Resetting TraceAbstraction preferences to default values [2018-11-23 11:21:29,700 INFO L177 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2018-11-23 11:21:29,700 INFO L177 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2018-11-23 11:21:29,701 INFO L174 SettingsManager]: Resetting TreeAutomizer preferences to default values [2018-11-23 11:21:29,702 INFO L174 SettingsManager]: Resetting IcfgTransformer preferences to default values [2018-11-23 11:21:29,703 INFO L174 SettingsManager]: Resetting Boogie Printer preferences to default values [2018-11-23 11:21:29,704 INFO L174 SettingsManager]: Resetting ReqPrinter preferences to default values [2018-11-23 11:21:29,705 INFO L174 SettingsManager]: Resetting Witness Printer preferences to default values [2018-11-23 11:21:29,706 INFO L177 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2018-11-23 11:21:29,706 INFO L174 SettingsManager]: Resetting CDTParser preferences to default values [2018-11-23 11:21:29,707 INFO L177 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2018-11-23 11:21:29,707 INFO L177 SettingsManager]: ReqParser provides no preferences, ignoring... [2018-11-23 11:21:29,707 INFO L174 SettingsManager]: Resetting SmtParser preferences to default values [2018-11-23 11:21:29,708 INFO L174 SettingsManager]: Resetting Witness Parser preferences to default values [2018-11-23 11:21:29,709 INFO L181 SettingsManager]: Finished resetting all preferences to default values... [2018-11-23 11:21:29,709 INFO L98 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/settings/default/automizer/svcomp-Reach-32bit-Automizer_Bitvector.epf [2018-11-23 11:21:29,724 INFO L110 SettingsManager]: Loading preferences was successful [2018-11-23 11:21:29,724 INFO L112 SettingsManager]: Preferences different from defaults after loading the file: [2018-11-23 11:21:29,725 INFO L131 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2018-11-23 11:21:29,726 INFO L133 SettingsManager]: * ... calls to implemented procedures=ONLY_FOR_CONCURRENT_PROGRAMS [2018-11-23 11:21:29,726 INFO L131 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2018-11-23 11:21:29,726 INFO L133 SettingsManager]: * Create parallel compositions if possible=false [2018-11-23 11:21:29,727 INFO L133 SettingsManager]: * Use SBE=true [2018-11-23 11:21:29,727 INFO L131 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2018-11-23 11:21:29,727 INFO L133 SettingsManager]: * sizeof long=4 [2018-11-23 11:21:29,727 INFO L133 SettingsManager]: * sizeof POINTER=4 [2018-11-23 11:21:29,727 INFO L133 SettingsManager]: * Check division by zero=IGNORE [2018-11-23 11:21:29,728 INFO L133 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2018-11-23 11:21:29,728 INFO L133 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2018-11-23 11:21:29,728 INFO L133 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2018-11-23 11:21:29,728 INFO L133 SettingsManager]: * Use bitvectors instead of ints=true [2018-11-23 11:21:29,728 INFO L133 SettingsManager]: * Memory model=HoenickeLindenmann_4ByteResolution [2018-11-23 11:21:29,729 INFO L133 SettingsManager]: * sizeof long double=12 [2018-11-23 11:21:29,729 INFO L133 SettingsManager]: * Check if freed pointer was valid=false [2018-11-23 11:21:29,729 INFO L133 SettingsManager]: * Use constant arrays=true [2018-11-23 11:21:29,729 INFO L133 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2018-11-23 11:21:29,729 INFO L131 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2018-11-23 11:21:29,730 INFO L133 SettingsManager]: * Size of a code block=SequenceOfStatements [2018-11-23 11:21:29,730 INFO L133 SettingsManager]: * To the following directory=./dump/ [2018-11-23 11:21:29,730 INFO L133 SettingsManager]: * SMT solver=External_DefaultMode [2018-11-23 11:21:29,730 INFO L133 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2018-11-23 11:21:29,730 INFO L131 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2018-11-23 11:21:29,731 INFO L133 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2018-11-23 11:21:29,731 INFO L133 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2018-11-23 11:21:29,731 INFO L133 SettingsManager]: * Trace refinement strategy=WOLF [2018-11-23 11:21:29,731 INFO L133 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2018-11-23 11:21:29,731 INFO L133 SettingsManager]: * Command for external solver=cvc4nyu --tear-down-incremental --rewrite-divk --print-success --lang smt [2018-11-23 11:21:29,732 INFO L133 SettingsManager]: * Logic for external solver=AUFBV [2018-11-23 11:21:29,732 INFO L133 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2018-11-23 11:21:29,777 INFO L81 nceAwareModelManager]: Repository-Root is: /tmp [2018-11-23 11:21:29,791 INFO L258 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2018-11-23 11:21:29,795 INFO L214 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2018-11-23 11:21:29,797 INFO L271 PluginConnector]: Initializing CDTParser... [2018-11-23 11:21:29,797 INFO L276 PluginConnector]: CDTParser initialized [2018-11-23 11:21:29,798 INFO L418 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/svcomp/list-ext3-properties/sll_length_check_true-unreach-call_true-valid-memsafety.i [2018-11-23 11:21:29,856 INFO L221 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/d75b0b550/fdbe85feeaf74fc38a73b23348a3fd09/FLAG651f5743b [2018-11-23 11:21:30,434 INFO L307 CDTParser]: Found 1 translation units. [2018-11-23 11:21:30,435 INFO L161 CDTParser]: Scanning /storage/repos/ultimate/trunk/examples/svcomp/list-ext3-properties/sll_length_check_true-unreach-call_true-valid-memsafety.i [2018-11-23 11:21:30,451 INFO L355 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/d75b0b550/fdbe85feeaf74fc38a73b23348a3fd09/FLAG651f5743b [2018-11-23 11:21:30,833 INFO L363 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/d75b0b550/fdbe85feeaf74fc38a73b23348a3fd09 [2018-11-23 11:21:30,845 INFO L296 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2018-11-23 11:21:30,847 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2018-11-23 11:21:30,848 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2018-11-23 11:21:30,848 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2018-11-23 11:21:30,853 INFO L276 PluginConnector]: CACSL2BoogieTranslator initialized [2018-11-23 11:21:30,855 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 23.11 11:21:30" (1/1) ... [2018-11-23 11:21:30,858 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@750d34db and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:21:30, skipping insertion in model container [2018-11-23 11:21:30,859 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 23.11 11:21:30" (1/1) ... [2018-11-23 11:21:30,871 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2018-11-23 11:21:30,933 INFO L176 MainTranslator]: Built tables and reachable declarations [2018-11-23 11:21:31,330 INFO L201 PostProcessor]: Analyzing one entry point: main [2018-11-23 11:21:31,343 INFO L191 MainTranslator]: Completed pre-run [2018-11-23 11:21:31,433 INFO L201 PostProcessor]: Analyzing one entry point: main [2018-11-23 11:21:31,501 INFO L195 MainTranslator]: Completed translation [2018-11-23 11:21:31,501 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:21:31 WrapperNode [2018-11-23 11:21:31,502 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2018-11-23 11:21:31,502 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2018-11-23 11:21:31,503 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2018-11-23 11:21:31,503 INFO L276 PluginConnector]: Boogie Procedure Inliner initialized [2018-11-23 11:21:31,587 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:21:31" (1/1) ... [2018-11-23 11:21:31,617 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:21:31" (1/1) ... [2018-11-23 11:21:31,626 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2018-11-23 11:21:31,627 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2018-11-23 11:21:31,627 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2018-11-23 11:21:31,627 INFO L276 PluginConnector]: Boogie Preprocessor initialized [2018-11-23 11:21:31,635 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:21:31" (1/1) ... [2018-11-23 11:21:31,635 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:21:31" (1/1) ... [2018-11-23 11:21:31,639 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:21:31" (1/1) ... [2018-11-23 11:21:31,640 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:21:31" (1/1) ... [2018-11-23 11:21:31,668 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:21:31" (1/1) ... [2018-11-23 11:21:31,682 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:21:31" (1/1) ... [2018-11-23 11:21:31,684 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:21:31" (1/1) ... [2018-11-23 11:21:31,691 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2018-11-23 11:21:31,692 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2018-11-23 11:21:31,692 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2018-11-23 11:21:31,692 INFO L276 PluginConnector]: RCFGBuilder initialized [2018-11-23 11:21:31,693 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:21:31" (1/1) ... No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2018-11-23 11:21:31,747 INFO L130 BoogieDeclarations]: Found specification of procedure sll_destroy [2018-11-23 11:21:31,747 INFO L138 BoogieDeclarations]: Found implementation of procedure sll_destroy [2018-11-23 11:21:31,748 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.alloc [2018-11-23 11:21:31,748 INFO L130 BoogieDeclarations]: Found specification of procedure sll_length [2018-11-23 11:21:31,748 INFO L138 BoogieDeclarations]: Found implementation of procedure sll_length [2018-11-23 11:21:31,748 INFO L130 BoogieDeclarations]: Found specification of procedure exit [2018-11-23 11:21:31,748 INFO L138 BoogieDeclarations]: Found implementation of procedure exit [2018-11-23 11:21:31,749 INFO L130 BoogieDeclarations]: Found specification of procedure sll_create [2018-11-23 11:21:31,749 INFO L138 BoogieDeclarations]: Found implementation of procedure sll_create [2018-11-23 11:21:31,749 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.init [2018-11-23 11:21:31,749 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.init [2018-11-23 11:21:31,749 INFO L130 BoogieDeclarations]: Found specification of procedure main [2018-11-23 11:21:31,750 INFO L138 BoogieDeclarations]: Found implementation of procedure main [2018-11-23 11:21:31,750 INFO L130 BoogieDeclarations]: Found specification of procedure write~$Pointer$ [2018-11-23 11:21:31,750 INFO L130 BoogieDeclarations]: Found specification of procedure read~$Pointer$ [2018-11-23 11:21:31,750 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2018-11-23 11:21:31,751 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2018-11-23 11:21:31,751 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2018-11-23 11:21:32,543 INFO L275 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2018-11-23 11:21:32,543 INFO L280 CfgBuilder]: Removed 4 assue(true) statements. [2018-11-23 11:21:32,544 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 23.11 11:21:32 BoogieIcfgContainer [2018-11-23 11:21:32,544 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2018-11-23 11:21:32,546 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2018-11-23 11:21:32,546 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2018-11-23 11:21:32,549 INFO L276 PluginConnector]: TraceAbstraction initialized [2018-11-23 11:21:32,550 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 23.11 11:21:30" (1/3) ... [2018-11-23 11:21:32,551 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@794ed684 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 23.11 11:21:32, skipping insertion in model container [2018-11-23 11:21:32,551 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:21:31" (2/3) ... [2018-11-23 11:21:32,552 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@794ed684 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 23.11 11:21:32, skipping insertion in model container [2018-11-23 11:21:32,552 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 23.11 11:21:32" (3/3) ... [2018-11-23 11:21:32,554 INFO L112 eAbstractionObserver]: Analyzing ICFG sll_length_check_true-unreach-call_true-valid-memsafety.i [2018-11-23 11:21:32,562 INFO L156 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2018-11-23 11:21:32,570 INFO L168 ceAbstractionStarter]: Appying trace abstraction to program that has 1 error locations. [2018-11-23 11:21:32,585 INFO L257 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2018-11-23 11:21:32,616 INFO L133 ementStrategyFactory]: Using default assertion order modulation [2018-11-23 11:21:32,617 INFO L382 AbstractCegarLoop]: Interprodecural is true [2018-11-23 11:21:32,617 INFO L383 AbstractCegarLoop]: Hoare is true [2018-11-23 11:21:32,617 INFO L384 AbstractCegarLoop]: Compute interpolants for FPandBP [2018-11-23 11:21:32,617 INFO L385 AbstractCegarLoop]: Backedges is STRAIGHT_LINE [2018-11-23 11:21:32,617 INFO L386 AbstractCegarLoop]: Determinization is PREDICATE_ABSTRACTION [2018-11-23 11:21:32,618 INFO L387 AbstractCegarLoop]: Difference is false [2018-11-23 11:21:32,618 INFO L388 AbstractCegarLoop]: Minimize is MINIMIZE_SEVPA [2018-11-23 11:21:32,618 INFO L393 AbstractCegarLoop]: ======== Iteration 0==of CEGAR loop == AllErrorsAtOnce======== [2018-11-23 11:21:32,636 INFO L276 IsEmpty]: Start isEmpty. Operand 38 states. [2018-11-23 11:21:32,642 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2018-11-23 11:21:32,642 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:21:32,643 INFO L402 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:21:32,645 INFO L423 AbstractCegarLoop]: === Iteration 1 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:21:32,650 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:21:32,651 INFO L82 PathProgramCache]: Analyzing trace with hash 147460460, now seen corresponding path program 1 times [2018-11-23 11:21:32,655 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:21:32,655 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 2 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 2 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:21:32,674 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-23 11:21:32,724 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:21:32,757 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:21:32,762 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:21:32,952 INFO L256 TraceCheckUtils]: 0: Hoare triple {41#true} call ULTIMATE.init(); {41#true} is VALID [2018-11-23 11:21:32,956 INFO L273 TraceCheckUtils]: 1: Hoare triple {41#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {41#true} is VALID [2018-11-23 11:21:32,956 INFO L273 TraceCheckUtils]: 2: Hoare triple {41#true} assume true; {41#true} is VALID [2018-11-23 11:21:32,957 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {41#true} {41#true} #91#return; {41#true} is VALID [2018-11-23 11:21:32,957 INFO L256 TraceCheckUtils]: 4: Hoare triple {41#true} call #t~ret11 := main(); {41#true} is VALID [2018-11-23 11:21:32,957 INFO L273 TraceCheckUtils]: 5: Hoare triple {41#true} ~len~1 := 2bv32; {41#true} is VALID [2018-11-23 11:21:32,958 INFO L273 TraceCheckUtils]: 6: Hoare triple {41#true} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {41#true} is VALID [2018-11-23 11:21:32,958 INFO L256 TraceCheckUtils]: 7: Hoare triple {41#true} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {41#true} is VALID [2018-11-23 11:21:32,958 INFO L273 TraceCheckUtils]: 8: Hoare triple {41#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {41#true} is VALID [2018-11-23 11:21:32,960 INFO L273 TraceCheckUtils]: 9: Hoare triple {41#true} assume !true; {42#false} is VALID [2018-11-23 11:21:32,960 INFO L273 TraceCheckUtils]: 10: Hoare triple {42#false} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {42#false} is VALID [2018-11-23 11:21:32,960 INFO L273 TraceCheckUtils]: 11: Hoare triple {42#false} assume true; {42#false} is VALID [2018-11-23 11:21:32,961 INFO L268 TraceCheckUtils]: 12: Hoare quadruple {42#false} {41#true} #95#return; {42#false} is VALID [2018-11-23 11:21:32,961 INFO L273 TraceCheckUtils]: 13: Hoare triple {42#false} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {42#false} is VALID [2018-11-23 11:21:32,961 INFO L256 TraceCheckUtils]: 14: Hoare triple {42#false} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {42#false} is VALID [2018-11-23 11:21:32,962 INFO L273 TraceCheckUtils]: 15: Hoare triple {42#false} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {42#false} is VALID [2018-11-23 11:21:32,962 INFO L273 TraceCheckUtils]: 16: Hoare triple {42#false} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {42#false} is VALID [2018-11-23 11:21:32,963 INFO L273 TraceCheckUtils]: 17: Hoare triple {42#false} #res := ~len~0; {42#false} is VALID [2018-11-23 11:21:32,963 INFO L273 TraceCheckUtils]: 18: Hoare triple {42#false} assume true; {42#false} is VALID [2018-11-23 11:21:32,963 INFO L268 TraceCheckUtils]: 19: Hoare quadruple {42#false} {42#false} #97#return; {42#false} is VALID [2018-11-23 11:21:32,964 INFO L273 TraceCheckUtils]: 20: Hoare triple {42#false} assume ~len~1 != #t~ret10;havoc #t~ret10; {42#false} is VALID [2018-11-23 11:21:32,964 INFO L273 TraceCheckUtils]: 21: Hoare triple {42#false} assume !false; {42#false} is VALID [2018-11-23 11:21:32,970 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-23 11:21:32,970 INFO L312 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2018-11-23 11:21:32,979 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-23 11:21:32,979 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2018-11-23 11:21:32,988 INFO L78 Accepts]: Start accepts. Automaton has 2 states. Word has length 22 [2018-11-23 11:21:32,992 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:21:32,997 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states. [2018-11-23 11:21:33,100 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 22 edges. 22 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:21:33,100 INFO L459 AbstractCegarLoop]: Interpolant automaton has 2 states [2018-11-23 11:21:33,108 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2018-11-23 11:21:33,109 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2018-11-23 11:21:33,111 INFO L87 Difference]: Start difference. First operand 38 states. Second operand 2 states. [2018-11-23 11:21:33,342 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:21:33,343 INFO L93 Difference]: Finished difference Result 69 states and 88 transitions. [2018-11-23 11:21:33,343 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2018-11-23 11:21:33,343 INFO L78 Accepts]: Start accepts. Automaton has 2 states. Word has length 22 [2018-11-23 11:21:33,343 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:21:33,344 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 2 states. [2018-11-23 11:21:33,356 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 88 transitions. [2018-11-23 11:21:33,356 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 2 states. [2018-11-23 11:21:33,363 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 88 transitions. [2018-11-23 11:21:33,364 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 88 transitions. [2018-11-23 11:21:33,884 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 88 edges. 88 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:21:33,908 INFO L225 Difference]: With dead ends: 69 [2018-11-23 11:21:33,908 INFO L226 Difference]: Without dead ends: 25 [2018-11-23 11:21:33,916 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 21 GetRequests, 21 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2018-11-23 11:21:33,938 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 25 states. [2018-11-23 11:21:34,101 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 25 to 25. [2018-11-23 11:21:34,101 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:21:34,102 INFO L82 GeneralOperation]: Start isEquivalent. First operand 25 states. Second operand 25 states. [2018-11-23 11:21:34,104 INFO L74 IsIncluded]: Start isIncluded. First operand 25 states. Second operand 25 states. [2018-11-23 11:21:34,104 INFO L87 Difference]: Start difference. First operand 25 states. Second operand 25 states. [2018-11-23 11:21:34,111 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:21:34,111 INFO L93 Difference]: Finished difference Result 25 states and 27 transitions. [2018-11-23 11:21:34,111 INFO L276 IsEmpty]: Start isEmpty. Operand 25 states and 27 transitions. [2018-11-23 11:21:34,112 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:21:34,112 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:21:34,114 INFO L74 IsIncluded]: Start isIncluded. First operand 25 states. Second operand 25 states. [2018-11-23 11:21:34,114 INFO L87 Difference]: Start difference. First operand 25 states. Second operand 25 states. [2018-11-23 11:21:34,120 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:21:34,121 INFO L93 Difference]: Finished difference Result 25 states and 27 transitions. [2018-11-23 11:21:34,121 INFO L276 IsEmpty]: Start isEmpty. Operand 25 states and 27 transitions. [2018-11-23 11:21:34,122 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:21:34,123 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:21:34,123 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:21:34,124 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:21:34,124 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 25 states. [2018-11-23 11:21:34,127 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 25 states to 25 states and 27 transitions. [2018-11-23 11:21:34,137 INFO L78 Accepts]: Start accepts. Automaton has 25 states and 27 transitions. Word has length 22 [2018-11-23 11:21:34,137 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:21:34,137 INFO L480 AbstractCegarLoop]: Abstraction has 25 states and 27 transitions. [2018-11-23 11:21:34,139 INFO L481 AbstractCegarLoop]: Interpolant automaton has 2 states. [2018-11-23 11:21:34,140 INFO L276 IsEmpty]: Start isEmpty. Operand 25 states and 27 transitions. [2018-11-23 11:21:34,140 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2018-11-23 11:21:34,142 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:21:34,142 INFO L402 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:21:34,143 INFO L423 AbstractCegarLoop]: === Iteration 2 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:21:34,143 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:21:34,143 INFO L82 PathProgramCache]: Analyzing trace with hash -626670752, now seen corresponding path program 1 times [2018-11-23 11:21:34,145 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:21:34,145 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 3 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 3 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:21:34,179 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-23 11:21:34,221 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:21:34,237 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:21:34,239 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:21:34,472 INFO L256 TraceCheckUtils]: 0: Hoare triple {295#true} call ULTIMATE.init(); {295#true} is VALID [2018-11-23 11:21:34,472 INFO L273 TraceCheckUtils]: 1: Hoare triple {295#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {295#true} is VALID [2018-11-23 11:21:34,473 INFO L273 TraceCheckUtils]: 2: Hoare triple {295#true} assume true; {295#true} is VALID [2018-11-23 11:21:34,474 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {295#true} {295#true} #91#return; {295#true} is VALID [2018-11-23 11:21:34,474 INFO L256 TraceCheckUtils]: 4: Hoare triple {295#true} call #t~ret11 := main(); {295#true} is VALID [2018-11-23 11:21:34,489 INFO L273 TraceCheckUtils]: 5: Hoare triple {295#true} ~len~1 := 2bv32; {315#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:34,490 INFO L273 TraceCheckUtils]: 6: Hoare triple {315#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {315#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:34,491 INFO L256 TraceCheckUtils]: 7: Hoare triple {315#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {295#true} is VALID [2018-11-23 11:21:34,491 INFO L273 TraceCheckUtils]: 8: Hoare triple {295#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {325#(= |sll_create_#in~len| sll_create_~len)} is VALID [2018-11-23 11:21:34,494 INFO L273 TraceCheckUtils]: 9: Hoare triple {325#(= |sll_create_#in~len| sll_create_~len)} assume !~bvsgt32(~len, 0bv32); {329#(not (bvsgt |sll_create_#in~len| (_ bv0 32)))} is VALID [2018-11-23 11:21:34,495 INFO L273 TraceCheckUtils]: 10: Hoare triple {329#(not (bvsgt |sll_create_#in~len| (_ bv0 32)))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {329#(not (bvsgt |sll_create_#in~len| (_ bv0 32)))} is VALID [2018-11-23 11:21:34,496 INFO L273 TraceCheckUtils]: 11: Hoare triple {329#(not (bvsgt |sll_create_#in~len| (_ bv0 32)))} assume true; {329#(not (bvsgt |sll_create_#in~len| (_ bv0 32)))} is VALID [2018-11-23 11:21:34,498 INFO L268 TraceCheckUtils]: 12: Hoare quadruple {329#(not (bvsgt |sll_create_#in~len| (_ bv0 32)))} {315#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} #95#return; {296#false} is VALID [2018-11-23 11:21:34,498 INFO L273 TraceCheckUtils]: 13: Hoare triple {296#false} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {296#false} is VALID [2018-11-23 11:21:34,499 INFO L256 TraceCheckUtils]: 14: Hoare triple {296#false} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {296#false} is VALID [2018-11-23 11:21:34,499 INFO L273 TraceCheckUtils]: 15: Hoare triple {296#false} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {296#false} is VALID [2018-11-23 11:21:34,500 INFO L273 TraceCheckUtils]: 16: Hoare triple {296#false} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {296#false} is VALID [2018-11-23 11:21:34,500 INFO L273 TraceCheckUtils]: 17: Hoare triple {296#false} #res := ~len~0; {296#false} is VALID [2018-11-23 11:21:34,501 INFO L273 TraceCheckUtils]: 18: Hoare triple {296#false} assume true; {296#false} is VALID [2018-11-23 11:21:34,501 INFO L268 TraceCheckUtils]: 19: Hoare quadruple {296#false} {296#false} #97#return; {296#false} is VALID [2018-11-23 11:21:34,501 INFO L273 TraceCheckUtils]: 20: Hoare triple {296#false} assume ~len~1 != #t~ret10;havoc #t~ret10; {296#false} is VALID [2018-11-23 11:21:34,502 INFO L273 TraceCheckUtils]: 21: Hoare triple {296#false} assume !false; {296#false} is VALID [2018-11-23 11:21:34,504 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-23 11:21:34,505 INFO L312 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2018-11-23 11:21:34,508 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-23 11:21:34,509 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2018-11-23 11:21:34,510 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 22 [2018-11-23 11:21:34,512 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:21:34,512 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states. [2018-11-23 11:21:34,596 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 22 edges. 22 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:21:34,597 INFO L459 AbstractCegarLoop]: Interpolant automaton has 5 states [2018-11-23 11:21:34,597 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2018-11-23 11:21:34,597 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2018-11-23 11:21:34,598 INFO L87 Difference]: Start difference. First operand 25 states and 27 transitions. Second operand 5 states. [2018-11-23 11:21:35,128 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:21:35,128 INFO L93 Difference]: Finished difference Result 48 states and 54 transitions. [2018-11-23 11:21:35,129 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2018-11-23 11:21:35,129 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 22 [2018-11-23 11:21:35,129 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:21:35,129 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2018-11-23 11:21:35,133 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 54 transitions. [2018-11-23 11:21:35,133 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2018-11-23 11:21:35,137 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 54 transitions. [2018-11-23 11:21:35,138 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 54 transitions. [2018-11-23 11:21:35,321 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 54 edges. 54 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:21:35,324 INFO L225 Difference]: With dead ends: 48 [2018-11-23 11:21:35,324 INFO L226 Difference]: Without dead ends: 38 [2018-11-23 11:21:35,326 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 18 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2018-11-23 11:21:35,326 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 38 states. [2018-11-23 11:21:35,353 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 38 to 31. [2018-11-23 11:21:35,353 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:21:35,354 INFO L82 GeneralOperation]: Start isEquivalent. First operand 38 states. Second operand 31 states. [2018-11-23 11:21:35,354 INFO L74 IsIncluded]: Start isIncluded. First operand 38 states. Second operand 31 states. [2018-11-23 11:21:35,354 INFO L87 Difference]: Start difference. First operand 38 states. Second operand 31 states. [2018-11-23 11:21:35,359 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:21:35,359 INFO L93 Difference]: Finished difference Result 38 states and 43 transitions. [2018-11-23 11:21:35,360 INFO L276 IsEmpty]: Start isEmpty. Operand 38 states and 43 transitions. [2018-11-23 11:21:35,360 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:21:35,361 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:21:35,361 INFO L74 IsIncluded]: Start isIncluded. First operand 31 states. Second operand 38 states. [2018-11-23 11:21:35,361 INFO L87 Difference]: Start difference. First operand 31 states. Second operand 38 states. [2018-11-23 11:21:35,365 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:21:35,366 INFO L93 Difference]: Finished difference Result 38 states and 43 transitions. [2018-11-23 11:21:35,366 INFO L276 IsEmpty]: Start isEmpty. Operand 38 states and 43 transitions. [2018-11-23 11:21:35,367 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:21:35,367 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:21:35,367 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:21:35,367 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:21:35,368 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 31 states. [2018-11-23 11:21:35,371 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 31 states to 31 states and 36 transitions. [2018-11-23 11:21:35,371 INFO L78 Accepts]: Start accepts. Automaton has 31 states and 36 transitions. Word has length 22 [2018-11-23 11:21:35,371 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:21:35,371 INFO L480 AbstractCegarLoop]: Abstraction has 31 states and 36 transitions. [2018-11-23 11:21:35,372 INFO L481 AbstractCegarLoop]: Interpolant automaton has 5 states. [2018-11-23 11:21:35,372 INFO L276 IsEmpty]: Start isEmpty. Operand 31 states and 36 transitions. [2018-11-23 11:21:35,373 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2018-11-23 11:21:35,373 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:21:35,373 INFO L402 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:21:35,373 INFO L423 AbstractCegarLoop]: === Iteration 3 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:21:35,374 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:21:35,374 INFO L82 PathProgramCache]: Analyzing trace with hash 47330928, now seen corresponding path program 1 times [2018-11-23 11:21:35,374 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:21:35,375 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 4 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 4 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:21:35,396 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-23 11:21:35,446 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:21:35,466 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:21:35,468 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:21:35,565 INFO L256 TraceCheckUtils]: 0: Hoare triple {558#true} call ULTIMATE.init(); {558#true} is VALID [2018-11-23 11:21:35,566 INFO L273 TraceCheckUtils]: 1: Hoare triple {558#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {558#true} is VALID [2018-11-23 11:21:35,566 INFO L273 TraceCheckUtils]: 2: Hoare triple {558#true} assume true; {558#true} is VALID [2018-11-23 11:21:35,566 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {558#true} {558#true} #91#return; {558#true} is VALID [2018-11-23 11:21:35,567 INFO L256 TraceCheckUtils]: 4: Hoare triple {558#true} call #t~ret11 := main(); {558#true} is VALID [2018-11-23 11:21:35,568 INFO L273 TraceCheckUtils]: 5: Hoare triple {558#true} ~len~1 := 2bv32; {578#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:35,571 INFO L273 TraceCheckUtils]: 6: Hoare triple {578#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {582#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:35,573 INFO L273 TraceCheckUtils]: 7: Hoare triple {582#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {582#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:35,573 INFO L256 TraceCheckUtils]: 8: Hoare triple {582#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {558#true} is VALID [2018-11-23 11:21:35,574 INFO L273 TraceCheckUtils]: 9: Hoare triple {558#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {592#(= |sll_create_#in~len| sll_create_~len)} is VALID [2018-11-23 11:21:35,575 INFO L273 TraceCheckUtils]: 10: Hoare triple {592#(= |sll_create_#in~len| sll_create_~len)} assume !~bvsgt32(~len, 0bv32); {596#(not (bvsgt |sll_create_#in~len| (_ bv0 32)))} is VALID [2018-11-23 11:21:35,575 INFO L273 TraceCheckUtils]: 11: Hoare triple {596#(not (bvsgt |sll_create_#in~len| (_ bv0 32)))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {596#(not (bvsgt |sll_create_#in~len| (_ bv0 32)))} is VALID [2018-11-23 11:21:35,576 INFO L273 TraceCheckUtils]: 12: Hoare triple {596#(not (bvsgt |sll_create_#in~len| (_ bv0 32)))} assume true; {596#(not (bvsgt |sll_create_#in~len| (_ bv0 32)))} is VALID [2018-11-23 11:21:35,577 INFO L268 TraceCheckUtils]: 13: Hoare quadruple {596#(not (bvsgt |sll_create_#in~len| (_ bv0 32)))} {582#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} #95#return; {559#false} is VALID [2018-11-23 11:21:35,578 INFO L273 TraceCheckUtils]: 14: Hoare triple {559#false} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {559#false} is VALID [2018-11-23 11:21:35,578 INFO L256 TraceCheckUtils]: 15: Hoare triple {559#false} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {559#false} is VALID [2018-11-23 11:21:35,579 INFO L273 TraceCheckUtils]: 16: Hoare triple {559#false} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {559#false} is VALID [2018-11-23 11:21:35,579 INFO L273 TraceCheckUtils]: 17: Hoare triple {559#false} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {559#false} is VALID [2018-11-23 11:21:35,580 INFO L273 TraceCheckUtils]: 18: Hoare triple {559#false} #res := ~len~0; {559#false} is VALID [2018-11-23 11:21:35,580 INFO L273 TraceCheckUtils]: 19: Hoare triple {559#false} assume true; {559#false} is VALID [2018-11-23 11:21:35,581 INFO L268 TraceCheckUtils]: 20: Hoare quadruple {559#false} {559#false} #97#return; {559#false} is VALID [2018-11-23 11:21:35,581 INFO L273 TraceCheckUtils]: 21: Hoare triple {559#false} assume ~len~1 != #t~ret10;havoc #t~ret10; {559#false} is VALID [2018-11-23 11:21:35,581 INFO L273 TraceCheckUtils]: 22: Hoare triple {559#false} assume !false; {559#false} is VALID [2018-11-23 11:21:35,583 INFO L134 CoverageAnalysis]: Checked inductivity of 1 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-23 11:21:35,583 INFO L316 TraceCheckSpWp]: Computing backward predicates... [2018-11-23 11:21:35,845 INFO L273 TraceCheckUtils]: 22: Hoare triple {559#false} assume !false; {559#false} is VALID [2018-11-23 11:21:35,846 INFO L273 TraceCheckUtils]: 21: Hoare triple {559#false} assume ~len~1 != #t~ret10;havoc #t~ret10; {559#false} is VALID [2018-11-23 11:21:35,847 INFO L268 TraceCheckUtils]: 20: Hoare quadruple {558#true} {559#false} #97#return; {559#false} is VALID [2018-11-23 11:21:35,847 INFO L273 TraceCheckUtils]: 19: Hoare triple {558#true} assume true; {558#true} is VALID [2018-11-23 11:21:35,847 INFO L273 TraceCheckUtils]: 18: Hoare triple {558#true} #res := ~len~0; {558#true} is VALID [2018-11-23 11:21:35,848 INFO L273 TraceCheckUtils]: 17: Hoare triple {558#true} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {558#true} is VALID [2018-11-23 11:21:35,848 INFO L273 TraceCheckUtils]: 16: Hoare triple {558#true} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {558#true} is VALID [2018-11-23 11:21:35,848 INFO L256 TraceCheckUtils]: 15: Hoare triple {559#false} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {558#true} is VALID [2018-11-23 11:21:35,849 INFO L273 TraceCheckUtils]: 14: Hoare triple {559#false} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {559#false} is VALID [2018-11-23 11:21:35,850 INFO L268 TraceCheckUtils]: 13: Hoare quadruple {596#(not (bvsgt |sll_create_#in~len| (_ bv0 32)))} {660#(bvsgt main_~len~1 (_ bv0 32))} #95#return; {559#false} is VALID [2018-11-23 11:21:35,850 INFO L273 TraceCheckUtils]: 12: Hoare triple {596#(not (bvsgt |sll_create_#in~len| (_ bv0 32)))} assume true; {596#(not (bvsgt |sll_create_#in~len| (_ bv0 32)))} is VALID [2018-11-23 11:21:35,851 INFO L273 TraceCheckUtils]: 11: Hoare triple {596#(not (bvsgt |sll_create_#in~len| (_ bv0 32)))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {596#(not (bvsgt |sll_create_#in~len| (_ bv0 32)))} is VALID [2018-11-23 11:21:35,859 INFO L273 TraceCheckUtils]: 10: Hoare triple {673#(or (not (bvsgt |sll_create_#in~len| (_ bv0 32))) (bvsgt sll_create_~len (_ bv0 32)))} assume !~bvsgt32(~len, 0bv32); {596#(not (bvsgt |sll_create_#in~len| (_ bv0 32)))} is VALID [2018-11-23 11:21:35,860 INFO L273 TraceCheckUtils]: 9: Hoare triple {558#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {673#(or (not (bvsgt |sll_create_#in~len| (_ bv0 32))) (bvsgt sll_create_~len (_ bv0 32)))} is VALID [2018-11-23 11:21:35,860 INFO L256 TraceCheckUtils]: 8: Hoare triple {660#(bvsgt main_~len~1 (_ bv0 32))} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {558#true} is VALID [2018-11-23 11:21:35,861 INFO L273 TraceCheckUtils]: 7: Hoare triple {660#(bvsgt main_~len~1 (_ bv0 32))} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {660#(bvsgt main_~len~1 (_ bv0 32))} is VALID [2018-11-23 11:21:35,861 INFO L273 TraceCheckUtils]: 6: Hoare triple {683#(bvsgt (bvadd main_~len~1 (_ bv1 32)) (_ bv0 32))} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {660#(bvsgt main_~len~1 (_ bv0 32))} is VALID [2018-11-23 11:21:35,862 INFO L273 TraceCheckUtils]: 5: Hoare triple {558#true} ~len~1 := 2bv32; {683#(bvsgt (bvadd main_~len~1 (_ bv1 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:35,862 INFO L256 TraceCheckUtils]: 4: Hoare triple {558#true} call #t~ret11 := main(); {558#true} is VALID [2018-11-23 11:21:35,862 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {558#true} {558#true} #91#return; {558#true} is VALID [2018-11-23 11:21:35,863 INFO L273 TraceCheckUtils]: 2: Hoare triple {558#true} assume true; {558#true} is VALID [2018-11-23 11:21:35,863 INFO L273 TraceCheckUtils]: 1: Hoare triple {558#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {558#true} is VALID [2018-11-23 11:21:35,863 INFO L256 TraceCheckUtils]: 0: Hoare triple {558#true} call ULTIMATE.init(); {558#true} is VALID [2018-11-23 11:21:35,865 INFO L134 CoverageAnalysis]: Checked inductivity of 1 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-23 11:21:35,867 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2018-11-23 11:21:35,867 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [6, 6] total 9 [2018-11-23 11:21:35,868 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 23 [2018-11-23 11:21:35,868 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:21:35,869 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states. [2018-11-23 11:21:35,989 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 36 edges. 36 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:21:35,989 INFO L459 AbstractCegarLoop]: Interpolant automaton has 9 states [2018-11-23 11:21:35,990 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2018-11-23 11:21:35,990 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2018-11-23 11:21:35,991 INFO L87 Difference]: Start difference. First operand 31 states and 36 transitions. Second operand 9 states. [2018-11-23 11:21:36,755 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:21:36,756 INFO L93 Difference]: Finished difference Result 55 states and 63 transitions. [2018-11-23 11:21:36,756 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2018-11-23 11:21:36,756 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 23 [2018-11-23 11:21:36,756 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:21:36,757 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2018-11-23 11:21:36,761 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 63 transitions. [2018-11-23 11:21:36,761 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2018-11-23 11:21:36,765 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 63 transitions. [2018-11-23 11:21:36,765 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 63 transitions. [2018-11-23 11:21:36,893 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 63 edges. 63 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:21:36,895 INFO L225 Difference]: With dead ends: 55 [2018-11-23 11:21:36,895 INFO L226 Difference]: Without dead ends: 42 [2018-11-23 11:21:36,896 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 47 GetRequests, 38 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=32, Invalid=78, Unknown=0, NotChecked=0, Total=110 [2018-11-23 11:21:36,897 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 42 states. [2018-11-23 11:21:36,936 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 42 to 26. [2018-11-23 11:21:36,936 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:21:36,936 INFO L82 GeneralOperation]: Start isEquivalent. First operand 42 states. Second operand 26 states. [2018-11-23 11:21:36,936 INFO L74 IsIncluded]: Start isIncluded. First operand 42 states. Second operand 26 states. [2018-11-23 11:21:36,936 INFO L87 Difference]: Start difference. First operand 42 states. Second operand 26 states. [2018-11-23 11:21:36,940 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:21:36,940 INFO L93 Difference]: Finished difference Result 42 states and 48 transitions. [2018-11-23 11:21:36,941 INFO L276 IsEmpty]: Start isEmpty. Operand 42 states and 48 transitions. [2018-11-23 11:21:36,942 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:21:36,942 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:21:36,942 INFO L74 IsIncluded]: Start isIncluded. First operand 26 states. Second operand 42 states. [2018-11-23 11:21:36,942 INFO L87 Difference]: Start difference. First operand 26 states. Second operand 42 states. [2018-11-23 11:21:36,946 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:21:36,947 INFO L93 Difference]: Finished difference Result 42 states and 48 transitions. [2018-11-23 11:21:36,947 INFO L276 IsEmpty]: Start isEmpty. Operand 42 states and 48 transitions. [2018-11-23 11:21:36,948 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:21:36,948 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:21:36,948 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:21:36,948 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:21:36,948 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 26 states. [2018-11-23 11:21:36,950 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 26 states to 26 states and 28 transitions. [2018-11-23 11:21:36,950 INFO L78 Accepts]: Start accepts. Automaton has 26 states and 28 transitions. Word has length 23 [2018-11-23 11:21:36,951 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:21:36,951 INFO L480 AbstractCegarLoop]: Abstraction has 26 states and 28 transitions. [2018-11-23 11:21:36,951 INFO L481 AbstractCegarLoop]: Interpolant automaton has 9 states. [2018-11-23 11:21:36,951 INFO L276 IsEmpty]: Start isEmpty. Operand 26 states and 28 transitions. [2018-11-23 11:21:36,952 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2018-11-23 11:21:36,952 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:21:36,952 INFO L402 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:21:36,953 INFO L423 AbstractCegarLoop]: === Iteration 4 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:21:36,953 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:21:36,953 INFO L82 PathProgramCache]: Analyzing trace with hash -1199502510, now seen corresponding path program 1 times [2018-11-23 11:21:36,954 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:21:36,954 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 5 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 5 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:21:36,975 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-23 11:21:37,006 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:21:37,039 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:21:37,040 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:21:37,237 INFO L256 TraceCheckUtils]: 0: Hoare triple {911#true} call ULTIMATE.init(); {911#true} is VALID [2018-11-23 11:21:37,237 INFO L273 TraceCheckUtils]: 1: Hoare triple {911#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {911#true} is VALID [2018-11-23 11:21:37,237 INFO L273 TraceCheckUtils]: 2: Hoare triple {911#true} assume true; {911#true} is VALID [2018-11-23 11:21:37,238 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {911#true} {911#true} #91#return; {911#true} is VALID [2018-11-23 11:21:37,238 INFO L256 TraceCheckUtils]: 4: Hoare triple {911#true} call #t~ret11 := main(); {911#true} is VALID [2018-11-23 11:21:37,238 INFO L273 TraceCheckUtils]: 5: Hoare triple {911#true} ~len~1 := 2bv32; {911#true} is VALID [2018-11-23 11:21:37,238 INFO L273 TraceCheckUtils]: 6: Hoare triple {911#true} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {911#true} is VALID [2018-11-23 11:21:37,239 INFO L256 TraceCheckUtils]: 7: Hoare triple {911#true} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {911#true} is VALID [2018-11-23 11:21:37,239 INFO L273 TraceCheckUtils]: 8: Hoare triple {911#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {911#true} is VALID [2018-11-23 11:21:37,241 INFO L273 TraceCheckUtils]: 9: Hoare triple {911#true} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {943#(not (= (_ bv0 32) sll_create_~new_head~0.base))} is VALID [2018-11-23 11:21:37,241 INFO L273 TraceCheckUtils]: 10: Hoare triple {943#(not (= (_ bv0 32) sll_create_~new_head~0.base))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {943#(not (= (_ bv0 32) sll_create_~new_head~0.base))} is VALID [2018-11-23 11:21:37,242 INFO L273 TraceCheckUtils]: 11: Hoare triple {943#(not (= (_ bv0 32) sll_create_~new_head~0.base))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {950#(not (= sll_create_~head~0.base (_ bv0 32)))} is VALID [2018-11-23 11:21:37,243 INFO L273 TraceCheckUtils]: 12: Hoare triple {950#(not (= sll_create_~head~0.base (_ bv0 32)))} assume !~bvsgt32(~len, 0bv32); {950#(not (= sll_create_~head~0.base (_ bv0 32)))} is VALID [2018-11-23 11:21:37,243 INFO L273 TraceCheckUtils]: 13: Hoare triple {950#(not (= sll_create_~head~0.base (_ bv0 32)))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {957#(not (= (_ bv0 32) |sll_create_#res.base|))} is VALID [2018-11-23 11:21:37,249 INFO L273 TraceCheckUtils]: 14: Hoare triple {957#(not (= (_ bv0 32) |sll_create_#res.base|))} assume true; {957#(not (= (_ bv0 32) |sll_create_#res.base|))} is VALID [2018-11-23 11:21:37,250 INFO L268 TraceCheckUtils]: 15: Hoare quadruple {957#(not (= (_ bv0 32) |sll_create_#res.base|))} {911#true} #95#return; {964#(not (= (_ bv0 32) |main_#t~ret9.base|))} is VALID [2018-11-23 11:21:37,252 INFO L273 TraceCheckUtils]: 16: Hoare triple {964#(not (= (_ bv0 32) |main_#t~ret9.base|))} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {968#(not (= (_ bv0 32) main_~s~0.base))} is VALID [2018-11-23 11:21:37,252 INFO L256 TraceCheckUtils]: 17: Hoare triple {968#(not (= (_ bv0 32) main_~s~0.base))} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {911#true} is VALID [2018-11-23 11:21:37,252 INFO L273 TraceCheckUtils]: 18: Hoare triple {911#true} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {975#(= sll_length_~head.base |sll_length_#in~head.base|)} is VALID [2018-11-23 11:21:37,253 INFO L273 TraceCheckUtils]: 19: Hoare triple {975#(= sll_length_~head.base |sll_length_#in~head.base|)} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {979#(= (_ bv0 32) |sll_length_#in~head.base|)} is VALID [2018-11-23 11:21:37,254 INFO L273 TraceCheckUtils]: 20: Hoare triple {979#(= (_ bv0 32) |sll_length_#in~head.base|)} #res := ~len~0; {979#(= (_ bv0 32) |sll_length_#in~head.base|)} is VALID [2018-11-23 11:21:37,256 INFO L273 TraceCheckUtils]: 21: Hoare triple {979#(= (_ bv0 32) |sll_length_#in~head.base|)} assume true; {979#(= (_ bv0 32) |sll_length_#in~head.base|)} is VALID [2018-11-23 11:21:37,258 INFO L268 TraceCheckUtils]: 22: Hoare quadruple {979#(= (_ bv0 32) |sll_length_#in~head.base|)} {968#(not (= (_ bv0 32) main_~s~0.base))} #97#return; {912#false} is VALID [2018-11-23 11:21:37,258 INFO L273 TraceCheckUtils]: 23: Hoare triple {912#false} assume ~len~1 != #t~ret10;havoc #t~ret10; {912#false} is VALID [2018-11-23 11:21:37,259 INFO L273 TraceCheckUtils]: 24: Hoare triple {912#false} assume !false; {912#false} is VALID [2018-11-23 11:21:37,261 INFO L134 CoverageAnalysis]: Checked inductivity of 1 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-23 11:21:37,261 INFO L312 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2018-11-23 11:21:37,263 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-23 11:21:37,263 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2018-11-23 11:21:37,263 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 25 [2018-11-23 11:21:37,264 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:21:37,264 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states. [2018-11-23 11:21:37,325 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:21:37,326 INFO L459 AbstractCegarLoop]: Interpolant automaton has 9 states [2018-11-23 11:21:37,326 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2018-11-23 11:21:37,326 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=57, Unknown=0, NotChecked=0, Total=72 [2018-11-23 11:21:37,327 INFO L87 Difference]: Start difference. First operand 26 states and 28 transitions. Second operand 9 states. [2018-11-23 11:21:37,951 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:21:37,951 INFO L93 Difference]: Finished difference Result 35 states and 37 transitions. [2018-11-23 11:21:37,952 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2018-11-23 11:21:37,952 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 25 [2018-11-23 11:21:37,952 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:21:37,952 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2018-11-23 11:21:37,955 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 37 transitions. [2018-11-23 11:21:37,955 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2018-11-23 11:21:37,957 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 37 transitions. [2018-11-23 11:21:37,957 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states and 37 transitions. [2018-11-23 11:21:38,017 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 37 edges. 37 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:21:38,019 INFO L225 Difference]: With dead ends: 35 [2018-11-23 11:21:38,019 INFO L226 Difference]: Without dead ends: 29 [2018-11-23 11:21:38,020 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 27 GetRequests, 17 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=29, Invalid=103, Unknown=0, NotChecked=0, Total=132 [2018-11-23 11:21:38,020 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 29 states. [2018-11-23 11:21:38,043 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 29 to 27. [2018-11-23 11:21:38,044 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:21:38,044 INFO L82 GeneralOperation]: Start isEquivalent. First operand 29 states. Second operand 27 states. [2018-11-23 11:21:38,044 INFO L74 IsIncluded]: Start isIncluded. First operand 29 states. Second operand 27 states. [2018-11-23 11:21:38,045 INFO L87 Difference]: Start difference. First operand 29 states. Second operand 27 states. [2018-11-23 11:21:38,047 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:21:38,047 INFO L93 Difference]: Finished difference Result 29 states and 31 transitions. [2018-11-23 11:21:38,048 INFO L276 IsEmpty]: Start isEmpty. Operand 29 states and 31 transitions. [2018-11-23 11:21:38,048 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:21:38,048 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:21:38,048 INFO L74 IsIncluded]: Start isIncluded. First operand 27 states. Second operand 29 states. [2018-11-23 11:21:38,049 INFO L87 Difference]: Start difference. First operand 27 states. Second operand 29 states. [2018-11-23 11:21:38,050 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:21:38,051 INFO L93 Difference]: Finished difference Result 29 states and 31 transitions. [2018-11-23 11:21:38,051 INFO L276 IsEmpty]: Start isEmpty. Operand 29 states and 31 transitions. [2018-11-23 11:21:38,051 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:21:38,051 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:21:38,052 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:21:38,052 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:21:38,052 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 27 states. [2018-11-23 11:21:38,053 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 27 states to 27 states and 29 transitions. [2018-11-23 11:21:38,054 INFO L78 Accepts]: Start accepts. Automaton has 27 states and 29 transitions. Word has length 25 [2018-11-23 11:21:38,054 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:21:38,054 INFO L480 AbstractCegarLoop]: Abstraction has 27 states and 29 transitions. [2018-11-23 11:21:38,054 INFO L481 AbstractCegarLoop]: Interpolant automaton has 9 states. [2018-11-23 11:21:38,054 INFO L276 IsEmpty]: Start isEmpty. Operand 27 states and 29 transitions. [2018-11-23 11:21:38,055 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2018-11-23 11:21:38,055 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:21:38,056 INFO L402 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:21:38,056 INFO L423 AbstractCegarLoop]: === Iteration 5 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:21:38,056 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:21:38,056 INFO L82 PathProgramCache]: Analyzing trace with hash -1222797750, now seen corresponding path program 1 times [2018-11-23 11:21:38,057 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:21:38,057 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 6 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 6 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:21:38,080 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-23 11:21:38,125 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:21:38,143 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:21:38,144 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:21:38,255 INFO L256 TraceCheckUtils]: 0: Hoare triple {1149#true} call ULTIMATE.init(); {1149#true} is VALID [2018-11-23 11:21:38,256 INFO L273 TraceCheckUtils]: 1: Hoare triple {1149#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {1149#true} is VALID [2018-11-23 11:21:38,256 INFO L273 TraceCheckUtils]: 2: Hoare triple {1149#true} assume true; {1149#true} is VALID [2018-11-23 11:21:38,257 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {1149#true} {1149#true} #91#return; {1149#true} is VALID [2018-11-23 11:21:38,257 INFO L256 TraceCheckUtils]: 4: Hoare triple {1149#true} call #t~ret11 := main(); {1149#true} is VALID [2018-11-23 11:21:38,259 INFO L273 TraceCheckUtils]: 5: Hoare triple {1149#true} ~len~1 := 2bv32; {1169#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:38,274 INFO L273 TraceCheckUtils]: 6: Hoare triple {1169#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {1169#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:38,275 INFO L256 TraceCheckUtils]: 7: Hoare triple {1169#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {1149#true} is VALID [2018-11-23 11:21:38,275 INFO L273 TraceCheckUtils]: 8: Hoare triple {1149#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {1179#(= |sll_create_#in~len| sll_create_~len)} is VALID [2018-11-23 11:21:38,276 INFO L273 TraceCheckUtils]: 9: Hoare triple {1179#(= |sll_create_#in~len| sll_create_~len)} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {1179#(= |sll_create_#in~len| sll_create_~len)} is VALID [2018-11-23 11:21:38,277 INFO L273 TraceCheckUtils]: 10: Hoare triple {1179#(= |sll_create_#in~len| sll_create_~len)} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {1179#(= |sll_create_#in~len| sll_create_~len)} is VALID [2018-11-23 11:21:38,277 INFO L273 TraceCheckUtils]: 11: Hoare triple {1179#(= |sll_create_#in~len| sll_create_~len)} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {1189#(= (bvadd |sll_create_#in~len| (_ bv4294967295 32)) sll_create_~len)} is VALID [2018-11-23 11:21:38,282 INFO L273 TraceCheckUtils]: 12: Hoare triple {1189#(= (bvadd |sll_create_#in~len| (_ bv4294967295 32)) sll_create_~len)} assume !~bvsgt32(~len, 0bv32); {1193#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:21:38,285 INFO L273 TraceCheckUtils]: 13: Hoare triple {1193#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {1193#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:21:38,286 INFO L273 TraceCheckUtils]: 14: Hoare triple {1193#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} assume true; {1193#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:21:38,287 INFO L268 TraceCheckUtils]: 15: Hoare quadruple {1193#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} {1169#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} #95#return; {1150#false} is VALID [2018-11-23 11:21:38,287 INFO L273 TraceCheckUtils]: 16: Hoare triple {1150#false} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {1150#false} is VALID [2018-11-23 11:21:38,287 INFO L256 TraceCheckUtils]: 17: Hoare triple {1150#false} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {1150#false} is VALID [2018-11-23 11:21:38,287 INFO L273 TraceCheckUtils]: 18: Hoare triple {1150#false} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {1150#false} is VALID [2018-11-23 11:21:38,288 INFO L273 TraceCheckUtils]: 19: Hoare triple {1150#false} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {1150#false} is VALID [2018-11-23 11:21:38,288 INFO L273 TraceCheckUtils]: 20: Hoare triple {1150#false} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {1150#false} is VALID [2018-11-23 11:21:38,288 INFO L273 TraceCheckUtils]: 21: Hoare triple {1150#false} #res := ~len~0; {1150#false} is VALID [2018-11-23 11:21:38,288 INFO L273 TraceCheckUtils]: 22: Hoare triple {1150#false} assume true; {1150#false} is VALID [2018-11-23 11:21:38,289 INFO L268 TraceCheckUtils]: 23: Hoare quadruple {1150#false} {1150#false} #97#return; {1150#false} is VALID [2018-11-23 11:21:38,289 INFO L273 TraceCheckUtils]: 24: Hoare triple {1150#false} assume ~len~1 != #t~ret10;havoc #t~ret10; {1150#false} is VALID [2018-11-23 11:21:38,289 INFO L273 TraceCheckUtils]: 25: Hoare triple {1150#false} assume !false; {1150#false} is VALID [2018-11-23 11:21:38,290 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2018-11-23 11:21:38,291 INFO L316 TraceCheckSpWp]: Computing backward predicates... [2018-11-23 11:21:38,507 INFO L273 TraceCheckUtils]: 25: Hoare triple {1150#false} assume !false; {1150#false} is VALID [2018-11-23 11:21:38,508 INFO L273 TraceCheckUtils]: 24: Hoare triple {1150#false} assume ~len~1 != #t~ret10;havoc #t~ret10; {1150#false} is VALID [2018-11-23 11:21:38,508 INFO L268 TraceCheckUtils]: 23: Hoare quadruple {1149#true} {1150#false} #97#return; {1150#false} is VALID [2018-11-23 11:21:38,508 INFO L273 TraceCheckUtils]: 22: Hoare triple {1149#true} assume true; {1149#true} is VALID [2018-11-23 11:21:38,509 INFO L273 TraceCheckUtils]: 21: Hoare triple {1149#true} #res := ~len~0; {1149#true} is VALID [2018-11-23 11:21:38,509 INFO L273 TraceCheckUtils]: 20: Hoare triple {1149#true} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {1149#true} is VALID [2018-11-23 11:21:38,509 INFO L273 TraceCheckUtils]: 19: Hoare triple {1149#true} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {1149#true} is VALID [2018-11-23 11:21:38,510 INFO L273 TraceCheckUtils]: 18: Hoare triple {1149#true} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {1149#true} is VALID [2018-11-23 11:21:38,510 INFO L256 TraceCheckUtils]: 17: Hoare triple {1150#false} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {1149#true} is VALID [2018-11-23 11:21:38,510 INFO L273 TraceCheckUtils]: 16: Hoare triple {1150#false} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {1150#false} is VALID [2018-11-23 11:21:38,511 INFO L268 TraceCheckUtils]: 15: Hoare quadruple {1193#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} {1263#(bvsgt (bvadd main_~len~1 (_ bv4294967295 32)) (_ bv0 32))} #95#return; {1150#false} is VALID [2018-11-23 11:21:38,512 INFO L273 TraceCheckUtils]: 14: Hoare triple {1193#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} assume true; {1193#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:21:38,512 INFO L273 TraceCheckUtils]: 13: Hoare triple {1193#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {1193#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:21:38,513 INFO L273 TraceCheckUtils]: 12: Hoare triple {1276#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt sll_create_~len (_ bv0 32)))} assume !~bvsgt32(~len, 0bv32); {1193#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:21:38,517 INFO L273 TraceCheckUtils]: 11: Hoare triple {1280#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {1276#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt sll_create_~len (_ bv0 32)))} is VALID [2018-11-23 11:21:38,518 INFO L273 TraceCheckUtils]: 10: Hoare triple {1280#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {1280#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:21:38,518 INFO L273 TraceCheckUtils]: 9: Hoare triple {1280#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {1280#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:21:38,519 INFO L273 TraceCheckUtils]: 8: Hoare triple {1149#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {1280#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:21:38,519 INFO L256 TraceCheckUtils]: 7: Hoare triple {1263#(bvsgt (bvadd main_~len~1 (_ bv4294967295 32)) (_ bv0 32))} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {1149#true} is VALID [2018-11-23 11:21:38,520 INFO L273 TraceCheckUtils]: 6: Hoare triple {1263#(bvsgt (bvadd main_~len~1 (_ bv4294967295 32)) (_ bv0 32))} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {1263#(bvsgt (bvadd main_~len~1 (_ bv4294967295 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:38,520 INFO L273 TraceCheckUtils]: 5: Hoare triple {1149#true} ~len~1 := 2bv32; {1263#(bvsgt (bvadd main_~len~1 (_ bv4294967295 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:38,520 INFO L256 TraceCheckUtils]: 4: Hoare triple {1149#true} call #t~ret11 := main(); {1149#true} is VALID [2018-11-23 11:21:38,521 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {1149#true} {1149#true} #91#return; {1149#true} is VALID [2018-11-23 11:21:38,521 INFO L273 TraceCheckUtils]: 2: Hoare triple {1149#true} assume true; {1149#true} is VALID [2018-11-23 11:21:38,521 INFO L273 TraceCheckUtils]: 1: Hoare triple {1149#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {1149#true} is VALID [2018-11-23 11:21:38,521 INFO L256 TraceCheckUtils]: 0: Hoare triple {1149#true} call ULTIMATE.init(); {1149#true} is VALID [2018-11-23 11:21:38,524 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2018-11-23 11:21:38,526 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2018-11-23 11:21:38,527 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [6, 6] total 9 [2018-11-23 11:21:38,527 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 26 [2018-11-23 11:21:38,528 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:21:38,528 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states. [2018-11-23 11:21:38,635 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 42 edges. 42 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:21:38,635 INFO L459 AbstractCegarLoop]: Interpolant automaton has 9 states [2018-11-23 11:21:38,635 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2018-11-23 11:21:38,636 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=52, Unknown=0, NotChecked=0, Total=72 [2018-11-23 11:21:38,636 INFO L87 Difference]: Start difference. First operand 27 states and 29 transitions. Second operand 9 states. [2018-11-23 11:21:39,685 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:21:39,685 INFO L93 Difference]: Finished difference Result 60 states and 69 transitions. [2018-11-23 11:21:39,685 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2018-11-23 11:21:39,686 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 26 [2018-11-23 11:21:39,686 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:21:39,686 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2018-11-23 11:21:39,689 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 67 transitions. [2018-11-23 11:21:39,689 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2018-11-23 11:21:39,693 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 67 transitions. [2018-11-23 11:21:39,693 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states and 67 transitions. [2018-11-23 11:21:39,836 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 67 edges. 67 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:21:39,840 INFO L225 Difference]: With dead ends: 60 [2018-11-23 11:21:39,840 INFO L226 Difference]: Without dead ends: 49 [2018-11-23 11:21:39,841 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 53 GetRequests, 44 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=31, Invalid=79, Unknown=0, NotChecked=0, Total=110 [2018-11-23 11:21:39,841 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 49 states. [2018-11-23 11:21:39,902 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 49 to 36. [2018-11-23 11:21:39,902 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:21:39,902 INFO L82 GeneralOperation]: Start isEquivalent. First operand 49 states. Second operand 36 states. [2018-11-23 11:21:39,903 INFO L74 IsIncluded]: Start isIncluded. First operand 49 states. Second operand 36 states. [2018-11-23 11:21:39,903 INFO L87 Difference]: Start difference. First operand 49 states. Second operand 36 states. [2018-11-23 11:21:39,906 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:21:39,906 INFO L93 Difference]: Finished difference Result 49 states and 56 transitions. [2018-11-23 11:21:39,906 INFO L276 IsEmpty]: Start isEmpty. Operand 49 states and 56 transitions. [2018-11-23 11:21:39,907 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:21:39,908 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:21:39,908 INFO L74 IsIncluded]: Start isIncluded. First operand 36 states. Second operand 49 states. [2018-11-23 11:21:39,908 INFO L87 Difference]: Start difference. First operand 36 states. Second operand 49 states. [2018-11-23 11:21:39,911 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:21:39,912 INFO L93 Difference]: Finished difference Result 49 states and 56 transitions. [2018-11-23 11:21:39,912 INFO L276 IsEmpty]: Start isEmpty. Operand 49 states and 56 transitions. [2018-11-23 11:21:39,913 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:21:39,913 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:21:39,913 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:21:39,913 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:21:39,914 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 36 states. [2018-11-23 11:21:39,916 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 36 states to 36 states and 42 transitions. [2018-11-23 11:21:39,916 INFO L78 Accepts]: Start accepts. Automaton has 36 states and 42 transitions. Word has length 26 [2018-11-23 11:21:39,916 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:21:39,916 INFO L480 AbstractCegarLoop]: Abstraction has 36 states and 42 transitions. [2018-11-23 11:21:39,916 INFO L481 AbstractCegarLoop]: Interpolant automaton has 9 states. [2018-11-23 11:21:39,917 INFO L276 IsEmpty]: Start isEmpty. Operand 36 states and 42 transitions. [2018-11-23 11:21:39,918 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2018-11-23 11:21:39,918 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:21:39,918 INFO L402 BasicCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:21:39,918 INFO L423 AbstractCegarLoop]: === Iteration 6 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:21:39,919 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:21:39,919 INFO L82 PathProgramCache]: Analyzing trace with hash -1431635894, now seen corresponding path program 1 times [2018-11-23 11:21:39,919 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:21:39,919 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 7 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 7 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:21:39,948 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-23 11:21:40,001 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:21:40,019 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:21:40,020 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:21:40,180 INFO L256 TraceCheckUtils]: 0: Hoare triple {1557#true} call ULTIMATE.init(); {1557#true} is VALID [2018-11-23 11:21:40,180 INFO L273 TraceCheckUtils]: 1: Hoare triple {1557#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {1557#true} is VALID [2018-11-23 11:21:40,180 INFO L273 TraceCheckUtils]: 2: Hoare triple {1557#true} assume true; {1557#true} is VALID [2018-11-23 11:21:40,181 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {1557#true} {1557#true} #91#return; {1557#true} is VALID [2018-11-23 11:21:40,181 INFO L256 TraceCheckUtils]: 4: Hoare triple {1557#true} call #t~ret11 := main(); {1557#true} is VALID [2018-11-23 11:21:40,182 INFO L273 TraceCheckUtils]: 5: Hoare triple {1557#true} ~len~1 := 2bv32; {1577#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:40,183 INFO L273 TraceCheckUtils]: 6: Hoare triple {1577#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {1581#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:40,183 INFO L273 TraceCheckUtils]: 7: Hoare triple {1581#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {1585#(= (bvadd main_~len~1 (_ bv4294967292 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:40,184 INFO L273 TraceCheckUtils]: 8: Hoare triple {1585#(= (bvadd main_~len~1 (_ bv4294967292 32)) (_ bv0 32))} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {1585#(= (bvadd main_~len~1 (_ bv4294967292 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:40,184 INFO L256 TraceCheckUtils]: 9: Hoare triple {1585#(= (bvadd main_~len~1 (_ bv4294967292 32)) (_ bv0 32))} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {1557#true} is VALID [2018-11-23 11:21:40,184 INFO L273 TraceCheckUtils]: 10: Hoare triple {1557#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {1595#(= |sll_create_#in~len| sll_create_~len)} is VALID [2018-11-23 11:21:40,185 INFO L273 TraceCheckUtils]: 11: Hoare triple {1595#(= |sll_create_#in~len| sll_create_~len)} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {1595#(= |sll_create_#in~len| sll_create_~len)} is VALID [2018-11-23 11:21:40,185 INFO L273 TraceCheckUtils]: 12: Hoare triple {1595#(= |sll_create_#in~len| sll_create_~len)} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {1595#(= |sll_create_#in~len| sll_create_~len)} is VALID [2018-11-23 11:21:40,187 INFO L273 TraceCheckUtils]: 13: Hoare triple {1595#(= |sll_create_#in~len| sll_create_~len)} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {1605#(= (bvadd |sll_create_#in~len| (_ bv4294967295 32)) sll_create_~len)} is VALID [2018-11-23 11:21:40,191 INFO L273 TraceCheckUtils]: 14: Hoare triple {1605#(= (bvadd |sll_create_#in~len| (_ bv4294967295 32)) sll_create_~len)} assume !~bvsgt32(~len, 0bv32); {1609#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:21:40,192 INFO L273 TraceCheckUtils]: 15: Hoare triple {1609#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {1609#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:21:40,193 INFO L273 TraceCheckUtils]: 16: Hoare triple {1609#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} assume true; {1609#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:21:40,200 INFO L268 TraceCheckUtils]: 17: Hoare quadruple {1609#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} {1585#(= (bvadd main_~len~1 (_ bv4294967292 32)) (_ bv0 32))} #95#return; {1558#false} is VALID [2018-11-23 11:21:40,200 INFO L273 TraceCheckUtils]: 18: Hoare triple {1558#false} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {1558#false} is VALID [2018-11-23 11:21:40,201 INFO L256 TraceCheckUtils]: 19: Hoare triple {1558#false} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {1558#false} is VALID [2018-11-23 11:21:40,201 INFO L273 TraceCheckUtils]: 20: Hoare triple {1558#false} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {1558#false} is VALID [2018-11-23 11:21:40,201 INFO L273 TraceCheckUtils]: 21: Hoare triple {1558#false} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {1558#false} is VALID [2018-11-23 11:21:40,201 INFO L273 TraceCheckUtils]: 22: Hoare triple {1558#false} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {1558#false} is VALID [2018-11-23 11:21:40,202 INFO L273 TraceCheckUtils]: 23: Hoare triple {1558#false} #res := ~len~0; {1558#false} is VALID [2018-11-23 11:21:40,202 INFO L273 TraceCheckUtils]: 24: Hoare triple {1558#false} assume true; {1558#false} is VALID [2018-11-23 11:21:40,202 INFO L268 TraceCheckUtils]: 25: Hoare quadruple {1558#false} {1558#false} #97#return; {1558#false} is VALID [2018-11-23 11:21:40,202 INFO L273 TraceCheckUtils]: 26: Hoare triple {1558#false} assume ~len~1 != #t~ret10;havoc #t~ret10; {1558#false} is VALID [2018-11-23 11:21:40,203 INFO L273 TraceCheckUtils]: 27: Hoare triple {1558#false} assume !false; {1558#false} is VALID [2018-11-23 11:21:40,205 INFO L134 CoverageAnalysis]: Checked inductivity of 5 backedges. 0 proven. 4 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2018-11-23 11:21:40,205 INFO L316 TraceCheckSpWp]: Computing backward predicates... [2018-11-23 11:21:40,644 INFO L273 TraceCheckUtils]: 27: Hoare triple {1558#false} assume !false; {1558#false} is VALID [2018-11-23 11:21:40,645 INFO L273 TraceCheckUtils]: 26: Hoare triple {1558#false} assume ~len~1 != #t~ret10;havoc #t~ret10; {1558#false} is VALID [2018-11-23 11:21:40,645 INFO L268 TraceCheckUtils]: 25: Hoare quadruple {1557#true} {1558#false} #97#return; {1558#false} is VALID [2018-11-23 11:21:40,646 INFO L273 TraceCheckUtils]: 24: Hoare triple {1557#true} assume true; {1557#true} is VALID [2018-11-23 11:21:40,646 INFO L273 TraceCheckUtils]: 23: Hoare triple {1557#true} #res := ~len~0; {1557#true} is VALID [2018-11-23 11:21:40,646 INFO L273 TraceCheckUtils]: 22: Hoare triple {1557#true} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {1557#true} is VALID [2018-11-23 11:21:40,647 INFO L273 TraceCheckUtils]: 21: Hoare triple {1557#true} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {1557#true} is VALID [2018-11-23 11:21:40,647 INFO L273 TraceCheckUtils]: 20: Hoare triple {1557#true} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {1557#true} is VALID [2018-11-23 11:21:40,647 INFO L256 TraceCheckUtils]: 19: Hoare triple {1558#false} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {1557#true} is VALID [2018-11-23 11:21:40,648 INFO L273 TraceCheckUtils]: 18: Hoare triple {1558#false} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {1558#false} is VALID [2018-11-23 11:21:40,649 INFO L268 TraceCheckUtils]: 17: Hoare quadruple {1609#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} {1679#(bvsgt (bvadd main_~len~1 (_ bv4294967295 32)) (_ bv0 32))} #95#return; {1558#false} is VALID [2018-11-23 11:21:40,668 INFO L273 TraceCheckUtils]: 16: Hoare triple {1609#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} assume true; {1609#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:21:40,683 INFO L273 TraceCheckUtils]: 15: Hoare triple {1609#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {1609#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:21:40,687 INFO L273 TraceCheckUtils]: 14: Hoare triple {1692#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt sll_create_~len (_ bv0 32)))} assume !~bvsgt32(~len, 0bv32); {1609#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:21:40,692 INFO L273 TraceCheckUtils]: 13: Hoare triple {1696#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {1692#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt sll_create_~len (_ bv0 32)))} is VALID [2018-11-23 11:21:40,692 INFO L273 TraceCheckUtils]: 12: Hoare triple {1696#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {1696#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:21:40,693 INFO L273 TraceCheckUtils]: 11: Hoare triple {1696#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {1696#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:21:40,694 INFO L273 TraceCheckUtils]: 10: Hoare triple {1557#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {1696#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967295 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2018-11-23 11:21:40,694 INFO L256 TraceCheckUtils]: 9: Hoare triple {1679#(bvsgt (bvadd main_~len~1 (_ bv4294967295 32)) (_ bv0 32))} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {1557#true} is VALID [2018-11-23 11:21:40,694 INFO L273 TraceCheckUtils]: 8: Hoare triple {1679#(bvsgt (bvadd main_~len~1 (_ bv4294967295 32)) (_ bv0 32))} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {1679#(bvsgt (bvadd main_~len~1 (_ bv4294967295 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:40,697 INFO L273 TraceCheckUtils]: 7: Hoare triple {1712#(bvsgt main_~len~1 (_ bv0 32))} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {1679#(bvsgt (bvadd main_~len~1 (_ bv4294967295 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:40,697 INFO L273 TraceCheckUtils]: 6: Hoare triple {1716#(bvsgt (bvadd main_~len~1 (_ bv1 32)) (_ bv0 32))} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {1712#(bvsgt main_~len~1 (_ bv0 32))} is VALID [2018-11-23 11:21:40,698 INFO L273 TraceCheckUtils]: 5: Hoare triple {1557#true} ~len~1 := 2bv32; {1716#(bvsgt (bvadd main_~len~1 (_ bv1 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:40,698 INFO L256 TraceCheckUtils]: 4: Hoare triple {1557#true} call #t~ret11 := main(); {1557#true} is VALID [2018-11-23 11:21:40,699 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {1557#true} {1557#true} #91#return; {1557#true} is VALID [2018-11-23 11:21:40,699 INFO L273 TraceCheckUtils]: 2: Hoare triple {1557#true} assume true; {1557#true} is VALID [2018-11-23 11:21:40,699 INFO L273 TraceCheckUtils]: 1: Hoare triple {1557#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {1557#true} is VALID [2018-11-23 11:21:40,699 INFO L256 TraceCheckUtils]: 0: Hoare triple {1557#true} call ULTIMATE.init(); {1557#true} is VALID [2018-11-23 11:21:40,701 INFO L134 CoverageAnalysis]: Checked inductivity of 5 backedges. 0 proven. 4 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2018-11-23 11:21:40,704 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2018-11-23 11:21:40,704 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 8] total 13 [2018-11-23 11:21:40,705 INFO L78 Accepts]: Start accepts. Automaton has 13 states. Word has length 28 [2018-11-23 11:21:40,705 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:21:40,705 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 13 states. [2018-11-23 11:21:40,790 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 46 edges. 46 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:21:40,791 INFO L459 AbstractCegarLoop]: Interpolant automaton has 13 states [2018-11-23 11:21:40,791 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 13 interpolants. [2018-11-23 11:21:40,792 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=120, Unknown=0, NotChecked=0, Total=156 [2018-11-23 11:21:40,792 INFO L87 Difference]: Start difference. First operand 36 states and 42 transitions. Second operand 13 states. [2018-11-23 11:21:42,315 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:21:42,315 INFO L93 Difference]: Finished difference Result 67 states and 77 transitions. [2018-11-23 11:21:42,315 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2018-11-23 11:21:42,315 INFO L78 Accepts]: Start accepts. Automaton has 13 states. Word has length 28 [2018-11-23 11:21:42,316 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:21:42,316 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 13 states. [2018-11-23 11:21:42,319 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 75 transitions. [2018-11-23 11:21:42,319 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 13 states. [2018-11-23 11:21:42,322 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 75 transitions. [2018-11-23 11:21:42,322 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 11 states and 75 transitions. [2018-11-23 11:21:42,557 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 75 edges. 75 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:21:42,560 INFO L225 Difference]: With dead ends: 67 [2018-11-23 11:21:42,561 INFO L226 Difference]: Without dead ends: 53 [2018-11-23 11:21:42,561 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 58 GetRequests, 44 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 10 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=55, Invalid=185, Unknown=0, NotChecked=0, Total=240 [2018-11-23 11:21:42,562 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 53 states. [2018-11-23 11:21:42,590 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 53 to 30. [2018-11-23 11:21:42,591 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:21:42,591 INFO L82 GeneralOperation]: Start isEquivalent. First operand 53 states. Second operand 30 states. [2018-11-23 11:21:42,591 INFO L74 IsIncluded]: Start isIncluded. First operand 53 states. Second operand 30 states. [2018-11-23 11:21:42,591 INFO L87 Difference]: Start difference. First operand 53 states. Second operand 30 states. [2018-11-23 11:21:42,594 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:21:42,594 INFO L93 Difference]: Finished difference Result 53 states and 61 transitions. [2018-11-23 11:21:42,595 INFO L276 IsEmpty]: Start isEmpty. Operand 53 states and 61 transitions. [2018-11-23 11:21:42,596 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:21:42,596 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:21:42,596 INFO L74 IsIncluded]: Start isIncluded. First operand 30 states. Second operand 53 states. [2018-11-23 11:21:42,596 INFO L87 Difference]: Start difference. First operand 30 states. Second operand 53 states. [2018-11-23 11:21:42,599 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:21:42,599 INFO L93 Difference]: Finished difference Result 53 states and 61 transitions. [2018-11-23 11:21:42,600 INFO L276 IsEmpty]: Start isEmpty. Operand 53 states and 61 transitions. [2018-11-23 11:21:42,600 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:21:42,600 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:21:42,600 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:21:42,601 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:21:42,601 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 30 states. [2018-11-23 11:21:42,602 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 30 states to 30 states and 32 transitions. [2018-11-23 11:21:42,602 INFO L78 Accepts]: Start accepts. Automaton has 30 states and 32 transitions. Word has length 28 [2018-11-23 11:21:42,603 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:21:42,603 INFO L480 AbstractCegarLoop]: Abstraction has 30 states and 32 transitions. [2018-11-23 11:21:42,603 INFO L481 AbstractCegarLoop]: Interpolant automaton has 13 states. [2018-11-23 11:21:42,603 INFO L276 IsEmpty]: Start isEmpty. Operand 30 states and 32 transitions. [2018-11-23 11:21:42,603 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2018-11-23 11:21:42,604 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:21:42,604 INFO L402 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:21:42,604 INFO L423 AbstractCegarLoop]: === Iteration 7 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:21:42,604 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:21:42,604 INFO L82 PathProgramCache]: Analyzing trace with hash 625972540, now seen corresponding path program 2 times [2018-11-23 11:21:42,605 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:21:42,605 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 8 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 8 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:21:42,632 INFO L101 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2018-11-23 11:21:42,696 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2018-11-23 11:21:42,697 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2018-11-23 11:21:42,726 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:21:42,728 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:21:42,836 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 8 [2018-11-23 11:21:42,854 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2018-11-23 11:21:42,860 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:21:42,864 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:21:42,877 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:21:42,878 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 2 variables, input treesize:19, output treesize:12 [2018-11-23 11:21:42,887 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:21:42,887 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#memory_$Pointer$.base_21|, v_sll_create_~head~0.base_21]. (and (not (= (_ bv0 32) v_sll_create_~head~0.base_21)) (= (store |v_#memory_$Pointer$.base_21| sll_create_~head~0.base (store (select |v_#memory_$Pointer$.base_21| sll_create_~head~0.base) (_ bv0 32) v_sll_create_~head~0.base_21)) |#memory_$Pointer$.base|) (= (_ bv0 32) sll_create_~head~0.offset)) [2018-11-23 11:21:42,887 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (and (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset)) [2018-11-23 11:21:43,239 INFO L256 TraceCheckUtils]: 0: Hoare triple {1993#true} call ULTIMATE.init(); {1993#true} is VALID [2018-11-23 11:21:43,240 INFO L273 TraceCheckUtils]: 1: Hoare triple {1993#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {1993#true} is VALID [2018-11-23 11:21:43,240 INFO L273 TraceCheckUtils]: 2: Hoare triple {1993#true} assume true; {1993#true} is VALID [2018-11-23 11:21:43,241 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {1993#true} {1993#true} #91#return; {1993#true} is VALID [2018-11-23 11:21:43,241 INFO L256 TraceCheckUtils]: 4: Hoare triple {1993#true} call #t~ret11 := main(); {1993#true} is VALID [2018-11-23 11:21:43,242 INFO L273 TraceCheckUtils]: 5: Hoare triple {1993#true} ~len~1 := 2bv32; {1993#true} is VALID [2018-11-23 11:21:43,242 INFO L273 TraceCheckUtils]: 6: Hoare triple {1993#true} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {1993#true} is VALID [2018-11-23 11:21:43,242 INFO L256 TraceCheckUtils]: 7: Hoare triple {1993#true} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {1993#true} is VALID [2018-11-23 11:21:43,242 INFO L273 TraceCheckUtils]: 8: Hoare triple {1993#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {1993#true} is VALID [2018-11-23 11:21:43,245 INFO L273 TraceCheckUtils]: 9: Hoare triple {1993#true} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {2025#(not (= (_ bv0 32) sll_create_~new_head~0.base))} is VALID [2018-11-23 11:21:43,246 INFO L273 TraceCheckUtils]: 10: Hoare triple {2025#(not (= (_ bv0 32) sll_create_~new_head~0.base))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {2025#(not (= (_ bv0 32) sll_create_~new_head~0.base))} is VALID [2018-11-23 11:21:43,247 INFO L273 TraceCheckUtils]: 11: Hoare triple {2025#(not (= (_ bv0 32) sll_create_~new_head~0.base))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {2032#(not (= sll_create_~head~0.base (_ bv0 32)))} is VALID [2018-11-23 11:21:43,247 INFO L273 TraceCheckUtils]: 12: Hoare triple {2032#(not (= sll_create_~head~0.base (_ bv0 32)))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {2036#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (not (= sll_create_~head~0.base (_ bv0 32))))} is VALID [2018-11-23 11:21:43,248 INFO L273 TraceCheckUtils]: 13: Hoare triple {2036#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (not (= sll_create_~head~0.base (_ bv0 32))))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {2036#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (not (= sll_create_~head~0.base (_ bv0 32))))} is VALID [2018-11-23 11:21:43,250 INFO L273 TraceCheckUtils]: 14: Hoare triple {2036#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (not (= sll_create_~head~0.base (_ bv0 32))))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {2043#(and (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset))} is VALID [2018-11-23 11:21:43,251 INFO L273 TraceCheckUtils]: 15: Hoare triple {2043#(and (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset))} assume !~bvsgt32(~len, 0bv32); {2043#(and (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset))} is VALID [2018-11-23 11:21:43,252 INFO L273 TraceCheckUtils]: 16: Hoare triple {2043#(and (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {2050#(and (not (= (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32)) (_ bv0 32))) (= |sll_create_#res.offset| (_ bv0 32)))} is VALID [2018-11-23 11:21:43,253 INFO L273 TraceCheckUtils]: 17: Hoare triple {2050#(and (not (= (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32)) (_ bv0 32))) (= |sll_create_#res.offset| (_ bv0 32)))} assume true; {2050#(and (not (= (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32)) (_ bv0 32))) (= |sll_create_#res.offset| (_ bv0 32)))} is VALID [2018-11-23 11:21:43,255 INFO L268 TraceCheckUtils]: 18: Hoare quadruple {2050#(and (not (= (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32)) (_ bv0 32))) (= |sll_create_#res.offset| (_ bv0 32)))} {1993#true} #95#return; {2057#(and (not (= (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32)) (_ bv0 32))) (= (_ bv0 32) |main_#t~ret9.offset|))} is VALID [2018-11-23 11:21:43,256 INFO L273 TraceCheckUtils]: 19: Hoare triple {2057#(and (not (= (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32)) (_ bv0 32))) (= (_ bv0 32) |main_#t~ret9.offset|))} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {2061#(and (not (= (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32)) (_ bv0 32))) (= main_~s~0.offset (_ bv0 32)))} is VALID [2018-11-23 11:21:43,258 INFO L256 TraceCheckUtils]: 20: Hoare triple {2061#(and (not (= (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32)) (_ bv0 32))) (= main_~s~0.offset (_ bv0 32)))} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {2065#(exists ((v_main_~s~0.base_BEFORE_CALL_2 (_ BitVec 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_2) (_ bv0 32)) (_ bv0 32))))} is VALID [2018-11-23 11:21:43,259 INFO L273 TraceCheckUtils]: 21: Hoare triple {2065#(exists ((v_main_~s~0.base_BEFORE_CALL_2 (_ BitVec 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_2) (_ bv0 32)) (_ bv0 32))))} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {2069#(and (= sll_length_~head.offset |sll_length_#in~head.offset|) (exists ((v_main_~s~0.base_BEFORE_CALL_2 (_ BitVec 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_2) (_ bv0 32)) (_ bv0 32)))) (= sll_length_~head.base |sll_length_#in~head.base|))} is VALID [2018-11-23 11:21:43,262 INFO L273 TraceCheckUtils]: 22: Hoare triple {2069#(and (= sll_length_~head.offset |sll_length_#in~head.offset|) (exists ((v_main_~s~0.base_BEFORE_CALL_2 (_ BitVec 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_2) (_ bv0 32)) (_ bv0 32)))) (= sll_length_~head.base |sll_length_#in~head.base|))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {2073#(and (exists ((v_main_~s~0.base_BEFORE_CALL_2 (_ BitVec 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_2) (_ bv0 32)) (_ bv0 32)))) (= (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|) sll_length_~head.base))} is VALID [2018-11-23 11:21:43,262 INFO L273 TraceCheckUtils]: 23: Hoare triple {2073#(and (exists ((v_main_~s~0.base_BEFORE_CALL_2 (_ BitVec 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_2) (_ bv0 32)) (_ bv0 32)))) (= (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|) sll_length_~head.base))} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {2077#(and (exists ((v_main_~s~0.base_BEFORE_CALL_2 (_ BitVec 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_2) (_ bv0 32)) (_ bv0 32)))) (= (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|) (_ bv0 32)))} is VALID [2018-11-23 11:21:43,263 INFO L273 TraceCheckUtils]: 24: Hoare triple {2077#(and (exists ((v_main_~s~0.base_BEFORE_CALL_2 (_ BitVec 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_2) (_ bv0 32)) (_ bv0 32)))) (= (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|) (_ bv0 32)))} #res := ~len~0; {2077#(and (exists ((v_main_~s~0.base_BEFORE_CALL_2 (_ BitVec 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_2) (_ bv0 32)) (_ bv0 32)))) (= (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|) (_ bv0 32)))} is VALID [2018-11-23 11:21:43,265 INFO L273 TraceCheckUtils]: 25: Hoare triple {2077#(and (exists ((v_main_~s~0.base_BEFORE_CALL_2 (_ BitVec 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_2) (_ bv0 32)) (_ bv0 32)))) (= (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|) (_ bv0 32)))} assume true; {2077#(and (exists ((v_main_~s~0.base_BEFORE_CALL_2 (_ BitVec 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_2) (_ bv0 32)) (_ bv0 32)))) (= (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|) (_ bv0 32)))} is VALID [2018-11-23 11:21:43,268 INFO L268 TraceCheckUtils]: 26: Hoare quadruple {2077#(and (exists ((v_main_~s~0.base_BEFORE_CALL_2 (_ BitVec 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_2) (_ bv0 32)) (_ bv0 32)))) (= (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|) (_ bv0 32)))} {2061#(and (not (= (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32)) (_ bv0 32))) (= main_~s~0.offset (_ bv0 32)))} #97#return; {1994#false} is VALID [2018-11-23 11:21:43,269 INFO L273 TraceCheckUtils]: 27: Hoare triple {1994#false} assume ~len~1 != #t~ret10;havoc #t~ret10; {1994#false} is VALID [2018-11-23 11:21:43,269 INFO L273 TraceCheckUtils]: 28: Hoare triple {1994#false} assume !false; {1994#false} is VALID [2018-11-23 11:21:43,272 INFO L134 CoverageAnalysis]: Checked inductivity of 6 backedges. 2 proven. 4 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-23 11:21:43,273 INFO L316 TraceCheckSpWp]: Computing backward predicates... [2018-11-23 11:21:44,084 INFO L273 TraceCheckUtils]: 28: Hoare triple {1994#false} assume !false; {1994#false} is VALID [2018-11-23 11:21:44,084 INFO L273 TraceCheckUtils]: 27: Hoare triple {1994#false} assume ~len~1 != #t~ret10;havoc #t~ret10; {1994#false} is VALID [2018-11-23 11:21:44,086 INFO L268 TraceCheckUtils]: 26: Hoare quadruple {2103#(= (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|) (_ bv0 32))} {2099#(not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)))} #97#return; {1994#false} is VALID [2018-11-23 11:21:44,090 INFO L273 TraceCheckUtils]: 25: Hoare triple {2103#(= (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|) (_ bv0 32))} assume true; {2103#(= (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|) (_ bv0 32))} is VALID [2018-11-23 11:21:44,091 INFO L273 TraceCheckUtils]: 24: Hoare triple {2103#(= (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|) (_ bv0 32))} #res := ~len~0; {2103#(= (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|) (_ bv0 32))} is VALID [2018-11-23 11:21:44,092 INFO L273 TraceCheckUtils]: 23: Hoare triple {2113#(or (= (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|) (_ bv0 32)) (not (= (_ bv0 32) sll_length_~head.base)))} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {2103#(= (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|) (_ bv0 32))} is VALID [2018-11-23 11:21:44,092 INFO L273 TraceCheckUtils]: 22: Hoare triple {2117#(or (not (= (select (select |#memory_$Pointer$.base| sll_length_~head.base) sll_length_~head.offset) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|) (_ bv0 32)))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {2113#(or (= (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|) (_ bv0 32)) (not (= (_ bv0 32) sll_length_~head.base)))} is VALID [2018-11-23 11:21:44,093 INFO L273 TraceCheckUtils]: 21: Hoare triple {1993#true} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {2117#(or (not (= (select (select |#memory_$Pointer$.base| sll_length_~head.base) sll_length_~head.offset) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|) (_ bv0 32)))} is VALID [2018-11-23 11:21:44,093 INFO L256 TraceCheckUtils]: 20: Hoare triple {2099#(not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)))} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {1993#true} is VALID [2018-11-23 11:21:44,094 INFO L273 TraceCheckUtils]: 19: Hoare triple {2124#(not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) |main_#t~ret9.offset|)))} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {2099#(not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)))} is VALID [2018-11-23 11:21:44,096 INFO L268 TraceCheckUtils]: 18: Hoare quadruple {2131#(not (= (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|) (_ bv0 32)))} {1993#true} #95#return; {2124#(not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) |main_#t~ret9.offset|)))} is VALID [2018-11-23 11:21:44,097 INFO L273 TraceCheckUtils]: 17: Hoare triple {2131#(not (= (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|) (_ bv0 32)))} assume true; {2131#(not (= (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|) (_ bv0 32)))} is VALID [2018-11-23 11:21:44,097 INFO L273 TraceCheckUtils]: 16: Hoare triple {2138#(not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {2131#(not (= (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|) (_ bv0 32)))} is VALID [2018-11-23 11:21:44,098 INFO L273 TraceCheckUtils]: 15: Hoare triple {2138#(not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)))} assume !~bvsgt32(~len, 0bv32); {2138#(not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)))} is VALID [2018-11-23 11:21:44,100 INFO L273 TraceCheckUtils]: 14: Hoare triple {2032#(not (= sll_create_~head~0.base (_ bv0 32)))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {2138#(not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)))} is VALID [2018-11-23 11:21:44,101 INFO L273 TraceCheckUtils]: 13: Hoare triple {2032#(not (= sll_create_~head~0.base (_ bv0 32)))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {2032#(not (= sll_create_~head~0.base (_ bv0 32)))} is VALID [2018-11-23 11:21:44,101 INFO L273 TraceCheckUtils]: 12: Hoare triple {2032#(not (= sll_create_~head~0.base (_ bv0 32)))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {2032#(not (= sll_create_~head~0.base (_ bv0 32)))} is VALID [2018-11-23 11:21:44,102 INFO L273 TraceCheckUtils]: 11: Hoare triple {2025#(not (= (_ bv0 32) sll_create_~new_head~0.base))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {2032#(not (= sll_create_~head~0.base (_ bv0 32)))} is VALID [2018-11-23 11:21:44,112 INFO L273 TraceCheckUtils]: 10: Hoare triple {2025#(not (= (_ bv0 32) sll_create_~new_head~0.base))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {2025#(not (= (_ bv0 32) sll_create_~new_head~0.base))} is VALID [2018-11-23 11:21:44,113 INFO L273 TraceCheckUtils]: 9: Hoare triple {1993#true} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {2025#(not (= (_ bv0 32) sll_create_~new_head~0.base))} is VALID [2018-11-23 11:21:44,114 INFO L273 TraceCheckUtils]: 8: Hoare triple {1993#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {1993#true} is VALID [2018-11-23 11:21:44,114 INFO L256 TraceCheckUtils]: 7: Hoare triple {1993#true} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {1993#true} is VALID [2018-11-23 11:21:44,114 INFO L273 TraceCheckUtils]: 6: Hoare triple {1993#true} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {1993#true} is VALID [2018-11-23 11:21:44,114 INFO L273 TraceCheckUtils]: 5: Hoare triple {1993#true} ~len~1 := 2bv32; {1993#true} is VALID [2018-11-23 11:21:44,114 INFO L256 TraceCheckUtils]: 4: Hoare triple {1993#true} call #t~ret11 := main(); {1993#true} is VALID [2018-11-23 11:21:44,115 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {1993#true} {1993#true} #91#return; {1993#true} is VALID [2018-11-23 11:21:44,115 INFO L273 TraceCheckUtils]: 2: Hoare triple {1993#true} assume true; {1993#true} is VALID [2018-11-23 11:21:44,115 INFO L273 TraceCheckUtils]: 1: Hoare triple {1993#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {1993#true} is VALID [2018-11-23 11:21:44,115 INFO L256 TraceCheckUtils]: 0: Hoare triple {1993#true} call ULTIMATE.init(); {1993#true} is VALID [2018-11-23 11:21:44,116 INFO L134 CoverageAnalysis]: Checked inductivity of 6 backedges. 2 proven. 4 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-23 11:21:44,118 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2018-11-23 11:21:44,118 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [13, 11] total 20 [2018-11-23 11:21:44,119 INFO L78 Accepts]: Start accepts. Automaton has 20 states. Word has length 29 [2018-11-23 11:21:44,119 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:21:44,119 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 20 states. [2018-11-23 11:21:44,183 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 44 edges. 44 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:21:44,183 INFO L459 AbstractCegarLoop]: Interpolant automaton has 20 states [2018-11-23 11:21:44,184 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 20 interpolants. [2018-11-23 11:21:44,184 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=56, Invalid=324, Unknown=0, NotChecked=0, Total=380 [2018-11-23 11:21:44,185 INFO L87 Difference]: Start difference. First operand 30 states and 32 transitions. Second operand 20 states. [2018-11-23 11:21:56,063 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:21:56,064 INFO L93 Difference]: Finished difference Result 39 states and 41 transitions. [2018-11-23 11:21:56,064 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2018-11-23 11:21:56,064 INFO L78 Accepts]: Start accepts. Automaton has 20 states. Word has length 29 [2018-11-23 11:21:56,064 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:21:56,065 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 20 states. [2018-11-23 11:21:56,067 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 13 states to 13 states and 41 transitions. [2018-11-23 11:21:56,067 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 20 states. [2018-11-23 11:21:56,068 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 13 states to 13 states and 41 transitions. [2018-11-23 11:21:56,068 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 13 states and 41 transitions. [2018-11-23 11:21:56,152 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 41 edges. 41 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:21:56,154 INFO L225 Difference]: With dead ends: 39 [2018-11-23 11:21:56,154 INFO L226 Difference]: Without dead ends: 33 [2018-11-23 11:21:56,155 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 62 GetRequests, 39 SyntacticMatches, 0 SemanticMatches, 23 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 76 ImplicationChecksByTransitivity, 0.6s TimeCoverageRelationStatistics Valid=97, Invalid=503, Unknown=0, NotChecked=0, Total=600 [2018-11-23 11:21:56,155 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 33 states. [2018-11-23 11:21:56,193 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 33 to 31. [2018-11-23 11:21:56,193 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:21:56,193 INFO L82 GeneralOperation]: Start isEquivalent. First operand 33 states. Second operand 31 states. [2018-11-23 11:21:56,193 INFO L74 IsIncluded]: Start isIncluded. First operand 33 states. Second operand 31 states. [2018-11-23 11:21:56,194 INFO L87 Difference]: Start difference. First operand 33 states. Second operand 31 states. [2018-11-23 11:21:56,196 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:21:56,196 INFO L93 Difference]: Finished difference Result 33 states and 35 transitions. [2018-11-23 11:21:56,196 INFO L276 IsEmpty]: Start isEmpty. Operand 33 states and 35 transitions. [2018-11-23 11:21:56,196 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:21:56,196 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:21:56,197 INFO L74 IsIncluded]: Start isIncluded. First operand 31 states. Second operand 33 states. [2018-11-23 11:21:56,197 INFO L87 Difference]: Start difference. First operand 31 states. Second operand 33 states. [2018-11-23 11:21:56,198 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:21:56,198 INFO L93 Difference]: Finished difference Result 33 states and 35 transitions. [2018-11-23 11:21:56,198 INFO L276 IsEmpty]: Start isEmpty. Operand 33 states and 35 transitions. [2018-11-23 11:21:56,199 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:21:56,199 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:21:56,199 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:21:56,199 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:21:56,199 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 31 states. [2018-11-23 11:21:56,200 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 31 states to 31 states and 33 transitions. [2018-11-23 11:21:56,201 INFO L78 Accepts]: Start accepts. Automaton has 31 states and 33 transitions. Word has length 29 [2018-11-23 11:21:56,201 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:21:56,201 INFO L480 AbstractCegarLoop]: Abstraction has 31 states and 33 transitions. [2018-11-23 11:21:56,201 INFO L481 AbstractCegarLoop]: Interpolant automaton has 20 states. [2018-11-23 11:21:56,201 INFO L276 IsEmpty]: Start isEmpty. Operand 31 states and 33 transitions. [2018-11-23 11:21:56,202 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2018-11-23 11:21:56,202 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:21:56,202 INFO L402 BasicCegarLoop]: trace histogram [2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:21:56,202 INFO L423 AbstractCegarLoop]: === Iteration 8 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:21:56,203 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:21:56,203 INFO L82 PathProgramCache]: Analyzing trace with hash -467646048, now seen corresponding path program 3 times [2018-11-23 11:21:56,203 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:21:56,203 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 9 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 9 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:21:56,226 INFO L101 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2018-11-23 11:21:56,278 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) [2018-11-23 11:21:56,278 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2018-11-23 11:21:56,315 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:21:56,316 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:21:56,498 INFO L256 TraceCheckUtils]: 0: Hoare triple {2365#true} call ULTIMATE.init(); {2365#true} is VALID [2018-11-23 11:21:56,498 INFO L273 TraceCheckUtils]: 1: Hoare triple {2365#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {2365#true} is VALID [2018-11-23 11:21:56,498 INFO L273 TraceCheckUtils]: 2: Hoare triple {2365#true} assume true; {2365#true} is VALID [2018-11-23 11:21:56,498 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {2365#true} {2365#true} #91#return; {2365#true} is VALID [2018-11-23 11:21:56,499 INFO L256 TraceCheckUtils]: 4: Hoare triple {2365#true} call #t~ret11 := main(); {2365#true} is VALID [2018-11-23 11:21:56,499 INFO L273 TraceCheckUtils]: 5: Hoare triple {2365#true} ~len~1 := 2bv32; {2385#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:56,500 INFO L273 TraceCheckUtils]: 6: Hoare triple {2385#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {2385#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:56,500 INFO L256 TraceCheckUtils]: 7: Hoare triple {2385#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {2365#true} is VALID [2018-11-23 11:21:56,500 INFO L273 TraceCheckUtils]: 8: Hoare triple {2365#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {2365#true} is VALID [2018-11-23 11:21:56,501 INFO L273 TraceCheckUtils]: 9: Hoare triple {2365#true} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {2365#true} is VALID [2018-11-23 11:21:56,501 INFO L273 TraceCheckUtils]: 10: Hoare triple {2365#true} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {2365#true} is VALID [2018-11-23 11:21:56,501 INFO L273 TraceCheckUtils]: 11: Hoare triple {2365#true} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {2365#true} is VALID [2018-11-23 11:21:56,501 INFO L273 TraceCheckUtils]: 12: Hoare triple {2365#true} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {2365#true} is VALID [2018-11-23 11:21:56,501 INFO L273 TraceCheckUtils]: 13: Hoare triple {2365#true} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {2365#true} is VALID [2018-11-23 11:21:56,501 INFO L273 TraceCheckUtils]: 14: Hoare triple {2365#true} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {2365#true} is VALID [2018-11-23 11:21:56,501 INFO L273 TraceCheckUtils]: 15: Hoare triple {2365#true} assume !~bvsgt32(~len, 0bv32); {2365#true} is VALID [2018-11-23 11:21:56,502 INFO L273 TraceCheckUtils]: 16: Hoare triple {2365#true} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {2365#true} is VALID [2018-11-23 11:21:56,502 INFO L273 TraceCheckUtils]: 17: Hoare triple {2365#true} assume true; {2365#true} is VALID [2018-11-23 11:21:56,502 INFO L268 TraceCheckUtils]: 18: Hoare quadruple {2365#true} {2385#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} #95#return; {2385#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:56,503 INFO L273 TraceCheckUtils]: 19: Hoare triple {2385#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {2385#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:56,503 INFO L256 TraceCheckUtils]: 20: Hoare triple {2385#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {2365#true} is VALID [2018-11-23 11:21:56,503 INFO L273 TraceCheckUtils]: 21: Hoare triple {2365#true} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {2434#(= sll_length_~len~0 (_ bv0 32))} is VALID [2018-11-23 11:21:56,504 INFO L273 TraceCheckUtils]: 22: Hoare triple {2434#(= sll_length_~len~0 (_ bv0 32))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {2438#(= (bvadd sll_length_~len~0 (_ bv4294967295 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:56,505 INFO L273 TraceCheckUtils]: 23: Hoare triple {2438#(= (bvadd sll_length_~len~0 (_ bv4294967295 32)) (_ bv0 32))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {2442#(= (bvadd sll_length_~len~0 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:56,505 INFO L273 TraceCheckUtils]: 24: Hoare triple {2442#(= (bvadd sll_length_~len~0 (_ bv4294967294 32)) (_ bv0 32))} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {2442#(= (bvadd sll_length_~len~0 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:56,508 INFO L273 TraceCheckUtils]: 25: Hoare triple {2442#(= (bvadd sll_length_~len~0 (_ bv4294967294 32)) (_ bv0 32))} #res := ~len~0; {2449#(= (_ bv2 32) |sll_length_#res|)} is VALID [2018-11-23 11:21:56,508 INFO L273 TraceCheckUtils]: 26: Hoare triple {2449#(= (_ bv2 32) |sll_length_#res|)} assume true; {2449#(= (_ bv2 32) |sll_length_#res|)} is VALID [2018-11-23 11:21:56,510 INFO L268 TraceCheckUtils]: 27: Hoare quadruple {2449#(= (_ bv2 32) |sll_length_#res|)} {2385#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} #97#return; {2456#(and (= (bvadd |main_#t~ret10| (_ bv4294967294 32)) (_ bv0 32)) (= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32)))} is VALID [2018-11-23 11:21:56,510 INFO L273 TraceCheckUtils]: 28: Hoare triple {2456#(and (= (bvadd |main_#t~ret10| (_ bv4294967294 32)) (_ bv0 32)) (= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32)))} assume ~len~1 != #t~ret10;havoc #t~ret10; {2366#false} is VALID [2018-11-23 11:21:56,510 INFO L273 TraceCheckUtils]: 29: Hoare triple {2366#false} assume !false; {2366#false} is VALID [2018-11-23 11:21:56,511 INFO L134 CoverageAnalysis]: Checked inductivity of 8 backedges. 0 proven. 3 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2018-11-23 11:21:56,511 INFO L316 TraceCheckSpWp]: Computing backward predicates... [2018-11-23 11:21:56,645 INFO L273 TraceCheckUtils]: 29: Hoare triple {2366#false} assume !false; {2366#false} is VALID [2018-11-23 11:21:56,646 INFO L273 TraceCheckUtils]: 28: Hoare triple {2466#(= |main_#t~ret10| main_~len~1)} assume ~len~1 != #t~ret10;havoc #t~ret10; {2366#false} is VALID [2018-11-23 11:21:56,647 INFO L268 TraceCheckUtils]: 27: Hoare quadruple {2449#(= (_ bv2 32) |sll_length_#res|)} {2385#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} #97#return; {2466#(= |main_#t~ret10| main_~len~1)} is VALID [2018-11-23 11:21:56,647 INFO L273 TraceCheckUtils]: 26: Hoare triple {2449#(= (_ bv2 32) |sll_length_#res|)} assume true; {2449#(= (_ bv2 32) |sll_length_#res|)} is VALID [2018-11-23 11:21:56,648 INFO L273 TraceCheckUtils]: 25: Hoare triple {2442#(= (bvadd sll_length_~len~0 (_ bv4294967294 32)) (_ bv0 32))} #res := ~len~0; {2449#(= (_ bv2 32) |sll_length_#res|)} is VALID [2018-11-23 11:21:56,648 INFO L273 TraceCheckUtils]: 24: Hoare triple {2442#(= (bvadd sll_length_~len~0 (_ bv4294967294 32)) (_ bv0 32))} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {2442#(= (bvadd sll_length_~len~0 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:56,649 INFO L273 TraceCheckUtils]: 23: Hoare triple {2438#(= (bvadd sll_length_~len~0 (_ bv4294967295 32)) (_ bv0 32))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {2442#(= (bvadd sll_length_~len~0 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:56,650 INFO L273 TraceCheckUtils]: 22: Hoare triple {2434#(= sll_length_~len~0 (_ bv0 32))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {2438#(= (bvadd sll_length_~len~0 (_ bv4294967295 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:56,651 INFO L273 TraceCheckUtils]: 21: Hoare triple {2365#true} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {2434#(= sll_length_~len~0 (_ bv0 32))} is VALID [2018-11-23 11:21:56,651 INFO L256 TraceCheckUtils]: 20: Hoare triple {2385#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {2365#true} is VALID [2018-11-23 11:21:56,652 INFO L273 TraceCheckUtils]: 19: Hoare triple {2385#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {2385#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:56,653 INFO L268 TraceCheckUtils]: 18: Hoare quadruple {2365#true} {2385#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} #95#return; {2385#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:56,653 INFO L273 TraceCheckUtils]: 17: Hoare triple {2365#true} assume true; {2365#true} is VALID [2018-11-23 11:21:56,654 INFO L273 TraceCheckUtils]: 16: Hoare triple {2365#true} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {2365#true} is VALID [2018-11-23 11:21:56,654 INFO L273 TraceCheckUtils]: 15: Hoare triple {2365#true} assume !~bvsgt32(~len, 0bv32); {2365#true} is VALID [2018-11-23 11:21:56,654 INFO L273 TraceCheckUtils]: 14: Hoare triple {2365#true} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {2365#true} is VALID [2018-11-23 11:21:56,654 INFO L273 TraceCheckUtils]: 13: Hoare triple {2365#true} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {2365#true} is VALID [2018-11-23 11:21:56,655 INFO L273 TraceCheckUtils]: 12: Hoare triple {2365#true} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {2365#true} is VALID [2018-11-23 11:21:56,655 INFO L273 TraceCheckUtils]: 11: Hoare triple {2365#true} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {2365#true} is VALID [2018-11-23 11:21:56,655 INFO L273 TraceCheckUtils]: 10: Hoare triple {2365#true} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {2365#true} is VALID [2018-11-23 11:21:56,655 INFO L273 TraceCheckUtils]: 9: Hoare triple {2365#true} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {2365#true} is VALID [2018-11-23 11:21:56,656 INFO L273 TraceCheckUtils]: 8: Hoare triple {2365#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {2365#true} is VALID [2018-11-23 11:21:56,656 INFO L256 TraceCheckUtils]: 7: Hoare triple {2385#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {2365#true} is VALID [2018-11-23 11:21:56,656 INFO L273 TraceCheckUtils]: 6: Hoare triple {2385#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {2385#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:56,657 INFO L273 TraceCheckUtils]: 5: Hoare triple {2365#true} ~len~1 := 2bv32; {2385#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:21:56,657 INFO L256 TraceCheckUtils]: 4: Hoare triple {2365#true} call #t~ret11 := main(); {2365#true} is VALID [2018-11-23 11:21:56,657 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {2365#true} {2365#true} #91#return; {2365#true} is VALID [2018-11-23 11:21:56,658 INFO L273 TraceCheckUtils]: 2: Hoare triple {2365#true} assume true; {2365#true} is VALID [2018-11-23 11:21:56,658 INFO L273 TraceCheckUtils]: 1: Hoare triple {2365#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {2365#true} is VALID [2018-11-23 11:21:56,658 INFO L256 TraceCheckUtils]: 0: Hoare triple {2365#true} call ULTIMATE.init(); {2365#true} is VALID [2018-11-23 11:21:56,659 INFO L134 CoverageAnalysis]: Checked inductivity of 8 backedges. 0 proven. 3 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2018-11-23 11:21:56,665 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2018-11-23 11:21:56,665 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 8] total 9 [2018-11-23 11:21:56,666 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 30 [2018-11-23 11:21:56,666 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:21:56,666 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states. [2018-11-23 11:21:56,704 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 29 edges. 29 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:21:56,704 INFO L459 AbstractCegarLoop]: Interpolant automaton has 9 states [2018-11-23 11:21:56,705 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2018-11-23 11:21:56,705 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=55, Unknown=0, NotChecked=0, Total=72 [2018-11-23 11:21:56,705 INFO L87 Difference]: Start difference. First operand 31 states and 33 transitions. Second operand 9 states. [2018-11-23 11:21:57,294 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:21:57,294 INFO L93 Difference]: Finished difference Result 45 states and 50 transitions. [2018-11-23 11:21:57,294 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2018-11-23 11:21:57,294 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 30 [2018-11-23 11:21:57,295 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:21:57,295 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2018-11-23 11:21:57,296 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 46 transitions. [2018-11-23 11:21:57,296 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2018-11-23 11:21:57,297 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 46 transitions. [2018-11-23 11:21:57,298 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 46 transitions. [2018-11-23 11:21:57,378 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 46 edges. 46 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:21:57,380 INFO L225 Difference]: With dead ends: 45 [2018-11-23 11:21:57,381 INFO L226 Difference]: Without dead ends: 42 [2018-11-23 11:21:57,381 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 60 GetRequests, 50 SyntacticMatches, 2 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=21, Invalid=69, Unknown=0, NotChecked=0, Total=90 [2018-11-23 11:21:57,381 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 42 states. [2018-11-23 11:21:57,454 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 42 to 39. [2018-11-23 11:21:57,454 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:21:57,454 INFO L82 GeneralOperation]: Start isEquivalent. First operand 42 states. Second operand 39 states. [2018-11-23 11:21:57,454 INFO L74 IsIncluded]: Start isIncluded. First operand 42 states. Second operand 39 states. [2018-11-23 11:21:57,454 INFO L87 Difference]: Start difference. First operand 42 states. Second operand 39 states. [2018-11-23 11:21:57,457 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:21:57,457 INFO L93 Difference]: Finished difference Result 42 states and 47 transitions. [2018-11-23 11:21:57,457 INFO L276 IsEmpty]: Start isEmpty. Operand 42 states and 47 transitions. [2018-11-23 11:21:57,458 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:21:57,458 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:21:57,458 INFO L74 IsIncluded]: Start isIncluded. First operand 39 states. Second operand 42 states. [2018-11-23 11:21:57,458 INFO L87 Difference]: Start difference. First operand 39 states. Second operand 42 states. [2018-11-23 11:21:57,460 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:21:57,461 INFO L93 Difference]: Finished difference Result 42 states and 47 transitions. [2018-11-23 11:21:57,461 INFO L276 IsEmpty]: Start isEmpty. Operand 42 states and 47 transitions. [2018-11-23 11:21:57,461 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:21:57,461 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:21:57,462 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:21:57,462 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:21:57,462 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 39 states. [2018-11-23 11:21:57,464 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 39 states to 39 states and 45 transitions. [2018-11-23 11:21:57,464 INFO L78 Accepts]: Start accepts. Automaton has 39 states and 45 transitions. Word has length 30 [2018-11-23 11:21:57,464 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:21:57,465 INFO L480 AbstractCegarLoop]: Abstraction has 39 states and 45 transitions. [2018-11-23 11:21:57,465 INFO L481 AbstractCegarLoop]: Interpolant automaton has 9 states. [2018-11-23 11:21:57,465 INFO L276 IsEmpty]: Start isEmpty. Operand 39 states and 45 transitions. [2018-11-23 11:21:57,465 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2018-11-23 11:21:57,466 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:21:57,466 INFO L402 BasicCegarLoop]: trace histogram [3, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:21:57,466 INFO L423 AbstractCegarLoop]: === Iteration 9 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:21:57,466 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:21:57,467 INFO L82 PathProgramCache]: Analyzing trace with hash -10083908, now seen corresponding path program 4 times [2018-11-23 11:21:57,467 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:21:57,467 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 10 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 10 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:21:57,494 INFO L101 rtionOrderModulation]: Changing assertion order to TERMS_WITH_SMALL_CONSTANTS_FIRST [2018-11-23 11:21:57,574 INFO L249 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2018-11-23 11:21:57,575 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2018-11-23 11:21:57,618 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:21:57,620 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:21:57,729 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2018-11-23 11:21:57,730 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2018-11-23 11:21:57,743 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:21:57,743 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:16, output treesize:15 [2018-11-23 11:21:57,747 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:21:57,747 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#valid_54|]. (and (= sll_create_~new_head~0.offset (_ bv0 32)) (= |#valid| (store |v_#valid_54| sll_create_~new_head~0.base (_ bv1 1))) (= (_ bv0 32) sll_create_~head~0.offset) (= sll_create_~head~0.base (_ bv0 32))) [2018-11-23 11:21:57,747 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (_ bv0 32) sll_create_~head~0.offset) (= (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (= sll_create_~head~0.base (_ bv0 32))) [2018-11-23 11:21:57,792 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 8 [2018-11-23 11:21:57,797 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2018-11-23 11:21:57,800 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:21:57,804 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:21:57,824 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 8 [2018-11-23 11:21:57,828 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2018-11-23 11:21:57,829 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-23 11:21:57,833 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:21:57,845 INFO L267 ElimStorePlain]: Start of recursive call 1: 2 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:21:57,846 INFO L202 ElimStorePlain]: Needed 5 recursive calls to eliminate 2 variables, input treesize:31, output treesize:23 [2018-11-23 11:21:57,893 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:21:57,895 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:21:57,896 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 2 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 4 [2018-11-23 11:21:57,898 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2018-11-23 11:21:57,916 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:21:57,917 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:31, output treesize:25 [2018-11-23 11:21:57,922 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:21:57,922 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#valid_55|]. (and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 1) (select |v_#valid_55| sll_create_~new_head~0.base)) (= (_ bv1 1) (select |v_#valid_55| sll_create_~head~0.base)) (= (_ bv0 32) sll_create_~head~0.offset)) [2018-11-23 11:21:57,922 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) sll_create_~head~0.offset) (not (= sll_create_~head~0.base sll_create_~new_head~0.base))) [2018-11-23 11:21:58,063 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 19 treesize of output 20 [2018-11-23 11:21:58,112 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2018-11-23 11:21:58,136 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:21:58,230 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:21:58,271 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 19 treesize of output 20 [2018-11-23 11:21:58,277 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2018-11-23 11:21:58,279 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-23 11:21:58,290 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:21:58,315 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 2 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:21:58,316 INFO L202 ElimStorePlain]: Needed 5 recursive calls to eliminate 3 variables, input treesize:44, output treesize:41 [2018-11-23 11:21:59,585 INFO L256 TraceCheckUtils]: 0: Hoare triple {2765#true} call ULTIMATE.init(); {2765#true} is VALID [2018-11-23 11:21:59,586 INFO L273 TraceCheckUtils]: 1: Hoare triple {2765#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {2765#true} is VALID [2018-11-23 11:21:59,586 INFO L273 TraceCheckUtils]: 2: Hoare triple {2765#true} assume true; {2765#true} is VALID [2018-11-23 11:21:59,586 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {2765#true} {2765#true} #91#return; {2765#true} is VALID [2018-11-23 11:21:59,586 INFO L256 TraceCheckUtils]: 4: Hoare triple {2765#true} call #t~ret11 := main(); {2765#true} is VALID [2018-11-23 11:21:59,586 INFO L273 TraceCheckUtils]: 5: Hoare triple {2765#true} ~len~1 := 2bv32; {2765#true} is VALID [2018-11-23 11:21:59,587 INFO L273 TraceCheckUtils]: 6: Hoare triple {2765#true} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {2765#true} is VALID [2018-11-23 11:21:59,587 INFO L256 TraceCheckUtils]: 7: Hoare triple {2765#true} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {2765#true} is VALID [2018-11-23 11:21:59,587 INFO L273 TraceCheckUtils]: 8: Hoare triple {2765#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {2794#(and (= (_ bv0 32) sll_create_~head~0.offset) (= sll_create_~head~0.base (_ bv0 32)))} is VALID [2018-11-23 11:21:59,589 INFO L273 TraceCheckUtils]: 9: Hoare triple {2794#(and (= (_ bv0 32) sll_create_~head~0.offset) (= sll_create_~head~0.base (_ bv0 32)))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {2798#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (bvadd (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (_ bv0 1)) (= (_ bv0 32) sll_create_~head~0.offset) (= sll_create_~head~0.base (_ bv0 32)))} is VALID [2018-11-23 11:21:59,592 INFO L273 TraceCheckUtils]: 10: Hoare triple {2798#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (bvadd (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (_ bv0 1)) (= (_ bv0 32) sll_create_~head~0.offset) (= sll_create_~head~0.base (_ bv0 32)))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {2798#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (bvadd (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (_ bv0 1)) (= (_ bv0 32) sll_create_~head~0.offset) (= sll_create_~head~0.base (_ bv0 32)))} is VALID [2018-11-23 11:21:59,594 INFO L273 TraceCheckUtils]: 11: Hoare triple {2798#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (bvadd (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (_ bv0 1)) (= (_ bv0 32) sll_create_~head~0.offset) (= sll_create_~head~0.base (_ bv0 32)))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {2805#(and (= (_ bv1 1) (select |#valid| sll_create_~head~0.base)) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) sll_create_~head~0.offset))} is VALID [2018-11-23 11:21:59,595 INFO L273 TraceCheckUtils]: 12: Hoare triple {2805#(and (= (_ bv1 1) (select |#valid| sll_create_~head~0.base)) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) sll_create_~head~0.offset))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {2809#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) sll_create_~head~0.offset) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)))} is VALID [2018-11-23 11:21:59,596 INFO L273 TraceCheckUtils]: 13: Hoare triple {2809#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) sll_create_~head~0.offset) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {2809#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) sll_create_~head~0.offset) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)))} is VALID [2018-11-23 11:21:59,599 INFO L273 TraceCheckUtils]: 14: Hoare triple {2809#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) sll_create_~head~0.offset) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {2816#(and (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) sll_create_~head~0.base)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)))} is VALID [2018-11-23 11:21:59,600 INFO L273 TraceCheckUtils]: 15: Hoare triple {2816#(and (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) sll_create_~head~0.base)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)))} assume !~bvsgt32(~len, 0bv32); {2816#(and (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) sll_create_~head~0.base)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)))} is VALID [2018-11-23 11:21:59,601 INFO L273 TraceCheckUtils]: 16: Hoare triple {2816#(and (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) sll_create_~head~0.base)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {2823#(and (not (= (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32)) |sll_create_#res.base|)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= |sll_create_#res.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) (_ bv0 32)) (_ bv0 32)))} is VALID [2018-11-23 11:21:59,602 INFO L273 TraceCheckUtils]: 17: Hoare triple {2823#(and (not (= (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32)) |sll_create_#res.base|)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= |sll_create_#res.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) (_ bv0 32)) (_ bv0 32)))} assume true; {2823#(and (not (= (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32)) |sll_create_#res.base|)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= |sll_create_#res.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) (_ bv0 32)) (_ bv0 32)))} is VALID [2018-11-23 11:21:59,605 INFO L268 TraceCheckUtils]: 18: Hoare quadruple {2823#(and (not (= (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32)) |sll_create_#res.base|)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= |sll_create_#res.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) (_ bv0 32)) (_ bv0 32)))} {2765#true} #95#return; {2830#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.offset| |main_#t~ret9.base|) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32)) |main_#t~ret9.base|)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) |main_#t~ret9.offset|))} is VALID [2018-11-23 11:21:59,607 INFO L273 TraceCheckUtils]: 19: Hoare triple {2830#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.offset| |main_#t~ret9.base|) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32)) |main_#t~ret9.base|)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) |main_#t~ret9.offset|))} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {2834#(and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32))) (= main_~s~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| main_~s~0.base) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32)) main_~s~0.base)))} is VALID [2018-11-23 11:21:59,611 INFO L256 TraceCheckUtils]: 20: Hoare triple {2834#(and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32))) (= main_~s~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| main_~s~0.base) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32)) main_~s~0.base)))} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {2838#(exists ((v_main_~s~0.base_BEFORE_CALL_5 (_ BitVec 32))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= v_main_~s~0.base_BEFORE_CALL_5 (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32)))))} is VALID [2018-11-23 11:21:59,612 INFO L273 TraceCheckUtils]: 21: Hoare triple {2838#(exists ((v_main_~s~0.base_BEFORE_CALL_5 (_ BitVec 32))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= v_main_~s~0.base_BEFORE_CALL_5 (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32)))))} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {2842#(and (= sll_length_~head.offset |sll_length_#in~head.offset|) (exists ((v_main_~s~0.base_BEFORE_CALL_5 (_ BitVec 32))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= v_main_~s~0.base_BEFORE_CALL_5 (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))))) (= sll_length_~head.base |sll_length_#in~head.base|))} is VALID [2018-11-23 11:21:59,615 INFO L273 TraceCheckUtils]: 22: Hoare triple {2842#(and (= sll_length_~head.offset |sll_length_#in~head.offset|) (exists ((v_main_~s~0.base_BEFORE_CALL_5 (_ BitVec 32))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= v_main_~s~0.base_BEFORE_CALL_5 (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))))) (= sll_length_~head.base |sll_length_#in~head.base|))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {2846#(and (exists ((v_main_~s~0.base_BEFORE_CALL_5 (_ BitVec 32))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= v_main_~s~0.base_BEFORE_CALL_5 (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))))) (= (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|) sll_length_~head.base) (= sll_length_~head.offset (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)))} is VALID [2018-11-23 11:21:59,618 INFO L273 TraceCheckUtils]: 23: Hoare triple {2846#(and (exists ((v_main_~s~0.base_BEFORE_CALL_5 (_ BitVec 32))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= v_main_~s~0.base_BEFORE_CALL_5 (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))))) (= (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|) sll_length_~head.base) (= sll_length_~head.offset (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {2850#(and (exists ((v_main_~s~0.base_BEFORE_CALL_5 (_ BitVec 32))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= v_main_~s~0.base_BEFORE_CALL_5 (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))))) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) sll_length_~head.offset) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) sll_length_~head.base))} is VALID [2018-11-23 11:21:59,619 INFO L273 TraceCheckUtils]: 24: Hoare triple {2850#(and (exists ((v_main_~s~0.base_BEFORE_CALL_5 (_ BitVec 32))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= v_main_~s~0.base_BEFORE_CALL_5 (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))))) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) sll_length_~head.offset) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) sll_length_~head.base))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {2854#(or (and (exists ((v_main_~s~0.base_BEFORE_CALL_5 (_ BitVec 32))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= v_main_~s~0.base_BEFORE_CALL_5 (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))))) (not (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))) (and (exists ((v_main_~s~0.base_BEFORE_CALL_5 (_ BitVec 32))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= v_main_~s~0.base_BEFORE_CALL_5 (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))))} is VALID [2018-11-23 11:21:59,620 INFO L273 TraceCheckUtils]: 25: Hoare triple {2854#(or (and (exists ((v_main_~s~0.base_BEFORE_CALL_5 (_ BitVec 32))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= v_main_~s~0.base_BEFORE_CALL_5 (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))))) (not (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))) (and (exists ((v_main_~s~0.base_BEFORE_CALL_5 (_ BitVec 32))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= v_main_~s~0.base_BEFORE_CALL_5 (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))))} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {2854#(or (and (exists ((v_main_~s~0.base_BEFORE_CALL_5 (_ BitVec 32))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= v_main_~s~0.base_BEFORE_CALL_5 (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))))) (not (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))) (and (exists ((v_main_~s~0.base_BEFORE_CALL_5 (_ BitVec 32))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= v_main_~s~0.base_BEFORE_CALL_5 (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))))} is VALID [2018-11-23 11:21:59,620 INFO L273 TraceCheckUtils]: 26: Hoare triple {2854#(or (and (exists ((v_main_~s~0.base_BEFORE_CALL_5 (_ BitVec 32))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= v_main_~s~0.base_BEFORE_CALL_5 (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))))) (not (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))) (and (exists ((v_main_~s~0.base_BEFORE_CALL_5 (_ BitVec 32))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= v_main_~s~0.base_BEFORE_CALL_5 (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))))} #res := ~len~0; {2854#(or (and (exists ((v_main_~s~0.base_BEFORE_CALL_5 (_ BitVec 32))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= v_main_~s~0.base_BEFORE_CALL_5 (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))))) (not (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))) (and (exists ((v_main_~s~0.base_BEFORE_CALL_5 (_ BitVec 32))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= v_main_~s~0.base_BEFORE_CALL_5 (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))))} is VALID [2018-11-23 11:21:59,624 INFO L273 TraceCheckUtils]: 27: Hoare triple {2854#(or (and (exists ((v_main_~s~0.base_BEFORE_CALL_5 (_ BitVec 32))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= v_main_~s~0.base_BEFORE_CALL_5 (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))))) (not (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))) (and (exists ((v_main_~s~0.base_BEFORE_CALL_5 (_ BitVec 32))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= v_main_~s~0.base_BEFORE_CALL_5 (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))))} assume true; {2854#(or (and (exists ((v_main_~s~0.base_BEFORE_CALL_5 (_ BitVec 32))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= v_main_~s~0.base_BEFORE_CALL_5 (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))))) (not (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))) (and (exists ((v_main_~s~0.base_BEFORE_CALL_5 (_ BitVec 32))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= v_main_~s~0.base_BEFORE_CALL_5 (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))))} is VALID [2018-11-23 11:21:59,627 INFO L268 TraceCheckUtils]: 28: Hoare quadruple {2854#(or (and (exists ((v_main_~s~0.base_BEFORE_CALL_5 (_ BitVec 32))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= v_main_~s~0.base_BEFORE_CALL_5 (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))))) (not (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))) (and (exists ((v_main_~s~0.base_BEFORE_CALL_5 (_ BitVec 32))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= v_main_~s~0.base_BEFORE_CALL_5 (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_5) (_ bv0 32))))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))))} {2834#(and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32))) (= main_~s~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| main_~s~0.base) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32)) main_~s~0.base)))} #97#return; {2766#false} is VALID [2018-11-23 11:21:59,627 INFO L273 TraceCheckUtils]: 29: Hoare triple {2766#false} assume ~len~1 != #t~ret10;havoc #t~ret10; {2766#false} is VALID [2018-11-23 11:21:59,627 INFO L273 TraceCheckUtils]: 30: Hoare triple {2766#false} assume !false; {2766#false} is VALID [2018-11-23 11:21:59,635 INFO L134 CoverageAnalysis]: Checked inductivity of 11 backedges. 0 proven. 11 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-23 11:21:59,635 INFO L316 TraceCheckSpWp]: Computing backward predicates... [2018-11-23 11:22:00,742 WARN L180 SmtUtils]: Spent 406.00 ms on a formula simplification that was a NOOP. DAG size: 62 [2018-11-23 11:22:01,008 WARN L180 SmtUtils]: Spent 261.00 ms on a formula simplification that was a NOOP. DAG size: 42 [2018-11-23 11:22:01,267 WARN L180 SmtUtils]: Spent 256.00 ms on a formula simplification that was a NOOP. DAG size: 46 [2018-11-23 11:22:01,530 WARN L180 SmtUtils]: Spent 262.00 ms on a formula simplification that was a NOOP. DAG size: 46 [2018-11-23 11:22:08,137 WARN L180 SmtUtils]: Spent 2.05 s on a formula simplification that was a NOOP. DAG size: 32 [2018-11-23 11:22:08,238 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 38 treesize of output 31 [2018-11-23 11:22:08,308 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 9 treesize of output 8 [2018-11-23 11:22:08,309 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:22:08,335 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 16 treesize of output 12 [2018-11-23 11:22:08,357 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 3 [2018-11-23 11:22:08,358 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-23 11:22:08,361 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:22:08,378 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, 1 dim-2 vars, End of recursive call: and 2 xjuncts. [2018-11-23 11:22:08,445 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 38 treesize of output 31 [2018-11-23 11:22:08,500 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 9 treesize of output 8 [2018-11-23 11:22:08,501 INFO L267 ElimStorePlain]: Start of recursive call 7: End of recursive call: and 1 xjuncts. [2018-11-23 11:22:08,542 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 15 [2018-11-23 11:22:08,548 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 1 [2018-11-23 11:22:08,549 INFO L267 ElimStorePlain]: Start of recursive call 9: End of recursive call: and 1 xjuncts. [2018-11-23 11:22:08,556 INFO L267 ElimStorePlain]: Start of recursive call 8: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:22:08,560 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 16 treesize of output 12 [2018-11-23 11:22:08,566 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 3 [2018-11-23 11:22:08,567 INFO L267 ElimStorePlain]: Start of recursive call 11: End of recursive call: and 1 xjuncts. [2018-11-23 11:22:08,571 INFO L267 ElimStorePlain]: Start of recursive call 10: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:22:08,598 INFO L267 ElimStorePlain]: Start of recursive call 6: 1 dim-1 vars, 1 dim-2 vars, End of recursive call: and 4 xjuncts. [2018-11-23 11:22:08,675 INFO L267 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 2 dim-2 vars, End of recursive call: 4 dim-0 vars, and 5 xjuncts. [2018-11-23 11:22:08,676 INFO L202 ElimStorePlain]: Needed 11 recursive calls to eliminate 4 variables, input treesize:77, output treesize:67 [2018-11-23 11:22:10,688 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:22:10,689 WARN L384 uantifierElimination]: Input elimination task: ∀ [|#memory_$Pointer$.offset|, v_prenex_4, |#memory_$Pointer$.base|, v_sll_create_~new_head~0.base_27]. (and (or (= (_ bv0 32) (select (select (let ((.cse0 (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)))) (store .cse0 v_prenex_4 (store (select .cse0 v_prenex_4) (_ bv0 32) sll_create_~new_head~0.offset))) sll_create_~new_head~0.base) sll_create_~new_head~0.offset)) (not (= (select |#valid| v_prenex_4) (_ bv0 1)))) (or (= (_ bv0 32) (select (select (let ((.cse1 (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)))) (store .cse1 v_sll_create_~new_head~0.base_27 (store (select .cse1 v_sll_create_~new_head~0.base_27) (_ bv0 32) sll_create_~new_head~0.base))) sll_create_~new_head~0.base) sll_create_~new_head~0.offset)) (not (= (select |#valid| v_sll_create_~new_head~0.base_27) (_ bv0 1))))) [2018-11-23 11:22:10,689 WARN L385 uantifierElimination]: ElimStorePlain result: ∀ [v_prenex_5, v_prenex_4, v_sll_create_~new_head~0.base_27, v_prenex_6]. (let ((.cse1 (= sll_create_~new_head~0.offset (_ bv0 32))) (.cse0 (= sll_create_~head~0.base (_ bv0 32))) (.cse2 (= (_ bv0 32) sll_create_~head~0.offset))) (and (or (not (= (select |#valid| v_prenex_5) (_ bv0 1))) .cse0 (= v_prenex_5 sll_create_~new_head~0.base)) (or .cse1 (not (= (select |#valid| v_prenex_4) (_ bv0 1))) .cse2) (or (not (= (select |#valid| sll_create_~new_head~0.base) (_ bv0 1))) (not .cse1) (= (_ bv0 32) sll_create_~new_head~0.base)) (or .cse1 (not (= (select |#valid| v_sll_create_~new_head~0.base_27) (_ bv0 1))) .cse0) (or (= v_prenex_6 sll_create_~new_head~0.base) (not (= (select |#valid| v_prenex_6) (_ bv0 1))) .cse2))) [2018-11-23 11:22:11,125 INFO L273 TraceCheckUtils]: 30: Hoare triple {2766#false} assume !false; {2766#false} is VALID [2018-11-23 11:22:11,125 INFO L273 TraceCheckUtils]: 29: Hoare triple {2766#false} assume ~len~1 != #t~ret10;havoc #t~ret10; {2766#false} is VALID [2018-11-23 11:22:11,127 INFO L268 TraceCheckUtils]: 28: Hoare quadruple {2883#(or (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))))} {2879#(and (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)) (select (select |#memory_$Pointer$.offset| main_~s~0.base) main_~s~0.offset)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)) (select (select |#memory_$Pointer$.offset| main_~s~0.base) main_~s~0.offset))))} #97#return; {2766#false} is VALID [2018-11-23 11:22:11,129 INFO L273 TraceCheckUtils]: 27: Hoare triple {2883#(or (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))))} assume true; {2883#(or (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))))} is VALID [2018-11-23 11:22:11,129 INFO L273 TraceCheckUtils]: 26: Hoare triple {2883#(or (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))))} #res := ~len~0; {2883#(or (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))))} is VALID [2018-11-23 11:22:11,131 INFO L273 TraceCheckUtils]: 25: Hoare triple {2883#(or (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))))} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {2883#(or (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))))} is VALID [2018-11-23 11:22:11,133 INFO L273 TraceCheckUtils]: 24: Hoare triple {2896#(or (and (= sll_length_~head.offset (_ bv0 32)) (= (_ bv0 32) sll_length_~head.base)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {2883#(or (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))))} is VALID [2018-11-23 11:22:11,135 INFO L273 TraceCheckUtils]: 23: Hoare triple {2900#(or (and (= (select (select |#memory_$Pointer$.base| sll_length_~head.base) sll_length_~head.offset) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| sll_length_~head.base) sll_length_~head.offset))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {2896#(or (and (= sll_length_~head.offset (_ bv0 32)) (= (_ bv0 32) sll_length_~head.base)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))))} is VALID [2018-11-23 11:22:11,136 INFO L273 TraceCheckUtils]: 22: Hoare triple {2904#(or (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_length_~head.base) sll_length_~head.offset)) (select (select |#memory_$Pointer$.offset| sll_length_~head.base) sll_length_~head.offset))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_length_~head.base) sll_length_~head.offset)) (select (select |#memory_$Pointer$.offset| sll_length_~head.base) sll_length_~head.offset)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {2900#(or (and (= (select (select |#memory_$Pointer$.base| sll_length_~head.base) sll_length_~head.offset) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| sll_length_~head.base) sll_length_~head.offset))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))))} is VALID [2018-11-23 11:22:11,137 INFO L273 TraceCheckUtils]: 21: Hoare triple {2765#true} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {2904#(or (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_length_~head.base) sll_length_~head.offset)) (select (select |#memory_$Pointer$.offset| sll_length_~head.base) sll_length_~head.offset))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_length_~head.base) sll_length_~head.offset)) (select (select |#memory_$Pointer$.offset| sll_length_~head.base) sll_length_~head.offset)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))))} is VALID [2018-11-23 11:22:11,138 INFO L256 TraceCheckUtils]: 20: Hoare triple {2879#(and (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)) (select (select |#memory_$Pointer$.offset| main_~s~0.base) main_~s~0.offset)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)) (select (select |#memory_$Pointer$.offset| main_~s~0.base) main_~s~0.offset))))} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {2765#true} is VALID [2018-11-23 11:22:11,142 INFO L273 TraceCheckUtils]: 19: Hoare triple {2911#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) |main_#t~ret9.offset|)) (select (select |#memory_$Pointer$.offset| |main_#t~ret9.base|) |main_#t~ret9.offset|))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) |main_#t~ret9.offset|)) (select (select |#memory_$Pointer$.offset| |main_#t~ret9.base|) |main_#t~ret9.offset|))))} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {2879#(and (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)) (select (select |#memory_$Pointer$.offset| main_~s~0.base) main_~s~0.offset)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)) (select (select |#memory_$Pointer$.offset| main_~s~0.base) main_~s~0.offset))))} is VALID [2018-11-23 11:22:11,150 INFO L268 TraceCheckUtils]: 18: Hoare quadruple {2918#(and (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|))))} {2765#true} #95#return; {2911#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) |main_#t~ret9.offset|)) (select (select |#memory_$Pointer$.offset| |main_#t~ret9.base|) |main_#t~ret9.offset|))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) |main_#t~ret9.offset|)) (select (select |#memory_$Pointer$.offset| |main_#t~ret9.base|) |main_#t~ret9.offset|))))} is VALID [2018-11-23 11:22:11,151 INFO L273 TraceCheckUtils]: 17: Hoare triple {2918#(and (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|))))} assume true; {2918#(and (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|))))} is VALID [2018-11-23 11:22:11,152 INFO L273 TraceCheckUtils]: 16: Hoare triple {2925#(and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset))))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {2918#(and (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|))))} is VALID [2018-11-23 11:22:11,152 INFO L273 TraceCheckUtils]: 15: Hoare triple {2925#(and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset))))} assume !~bvsgt32(~len, 0bv32); {2925#(and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset))))} is VALID [2018-11-23 11:22:11,157 INFO L273 TraceCheckUtils]: 14: Hoare triple {2932#(and (= (_ bv0 32) (select (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) sll_create_~head~0.base) sll_create_~head~0.offset)) (= (select (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) sll_create_~head~0.base) sll_create_~head~0.offset) (_ bv0 32)))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {2925#(and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset))))} is VALID [2018-11-23 11:22:11,158 INFO L273 TraceCheckUtils]: 13: Hoare triple {2932#(and (= (_ bv0 32) (select (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) sll_create_~head~0.base) sll_create_~head~0.offset)) (= (select (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) sll_create_~head~0.base) sll_create_~head~0.offset) (_ bv0 32)))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {2932#(and (= (_ bv0 32) (select (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) sll_create_~head~0.base) sll_create_~head~0.offset)) (= (select (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) sll_create_~head~0.base) sll_create_~head~0.offset) (_ bv0 32)))} is VALID [2018-11-23 11:22:11,162 INFO L273 TraceCheckUtils]: 12: Hoare triple {2939#(and (forall ((v_sll_create_~new_head~0.base_27 (_ BitVec 32))) (or (= (select (select (store |#memory_$Pointer$.base| v_sll_create_~new_head~0.base_27 (store (select |#memory_$Pointer$.base| v_sll_create_~new_head~0.base_27) (_ bv0 32) sll_create_~head~0.base)) sll_create_~head~0.base) sll_create_~head~0.offset) (_ bv0 32)) (not (= (select |#valid| v_sll_create_~new_head~0.base_27) (_ bv0 1))))) (forall ((v_prenex_4 (_ BitVec 32))) (or (= (_ bv0 32) (select (select (store |#memory_$Pointer$.offset| v_prenex_4 (store (select |#memory_$Pointer$.offset| v_prenex_4) (_ bv0 32) sll_create_~head~0.offset)) sll_create_~head~0.base) sll_create_~head~0.offset)) (not (= (select |#valid| v_prenex_4) (_ bv0 1))))))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {2932#(and (= (_ bv0 32) (select (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) sll_create_~head~0.base) sll_create_~head~0.offset)) (= (select (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) sll_create_~head~0.base) sll_create_~head~0.offset) (_ bv0 32)))} is VALID [2018-11-23 11:22:11,168 INFO L273 TraceCheckUtils]: 11: Hoare triple {2943#(and (or (not (= (select |#valid| sll_create_~new_head~0.base) (_ bv0 1))) (not (= sll_create_~new_head~0.offset (_ bv0 32))) (= (_ bv0 32) sll_create_~new_head~0.base)) (or (= sll_create_~new_head~0.offset (_ bv0 32)) (forall ((v_sll_create_~new_head~0.base_27 (_ BitVec 32))) (not (= (select |#valid| v_sll_create_~new_head~0.base_27) (_ bv0 1)))) (= sll_create_~head~0.base (_ bv0 32))) (or (forall ((v_prenex_6 (_ BitVec 32))) (or (not (= (select |#valid| v_prenex_6) (_ bv0 1))) (= v_prenex_6 sll_create_~new_head~0.base))) (= (_ bv0 32) sll_create_~head~0.offset)) (or (= sll_create_~new_head~0.offset (_ bv0 32)) (forall ((v_prenex_4 (_ BitVec 32))) (not (= (select |#valid| v_prenex_4) (_ bv0 1)))) (= (_ bv0 32) sll_create_~head~0.offset)) (or (forall ((v_prenex_5 (_ BitVec 32))) (or (= v_prenex_5 sll_create_~new_head~0.base) (not (= (select |#valid| v_prenex_5) (_ bv0 1))))) (= sll_create_~head~0.base (_ bv0 32))))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {2939#(and (forall ((v_sll_create_~new_head~0.base_27 (_ BitVec 32))) (or (= (select (select (store |#memory_$Pointer$.base| v_sll_create_~new_head~0.base_27 (store (select |#memory_$Pointer$.base| v_sll_create_~new_head~0.base_27) (_ bv0 32) sll_create_~head~0.base)) sll_create_~head~0.base) sll_create_~head~0.offset) (_ bv0 32)) (not (= (select |#valid| v_sll_create_~new_head~0.base_27) (_ bv0 1))))) (forall ((v_prenex_4 (_ BitVec 32))) (or (= (_ bv0 32) (select (select (store |#memory_$Pointer$.offset| v_prenex_4 (store (select |#memory_$Pointer$.offset| v_prenex_4) (_ bv0 32) sll_create_~head~0.offset)) sll_create_~head~0.base) sll_create_~head~0.offset)) (not (= (select |#valid| v_prenex_4) (_ bv0 1))))))} is VALID [2018-11-23 11:22:11,172 INFO L273 TraceCheckUtils]: 10: Hoare triple {2943#(and (or (not (= (select |#valid| sll_create_~new_head~0.base) (_ bv0 1))) (not (= sll_create_~new_head~0.offset (_ bv0 32))) (= (_ bv0 32) sll_create_~new_head~0.base)) (or (= sll_create_~new_head~0.offset (_ bv0 32)) (forall ((v_sll_create_~new_head~0.base_27 (_ BitVec 32))) (not (= (select |#valid| v_sll_create_~new_head~0.base_27) (_ bv0 1)))) (= sll_create_~head~0.base (_ bv0 32))) (or (forall ((v_prenex_6 (_ BitVec 32))) (or (not (= (select |#valid| v_prenex_6) (_ bv0 1))) (= v_prenex_6 sll_create_~new_head~0.base))) (= (_ bv0 32) sll_create_~head~0.offset)) (or (= sll_create_~new_head~0.offset (_ bv0 32)) (forall ((v_prenex_4 (_ BitVec 32))) (not (= (select |#valid| v_prenex_4) (_ bv0 1)))) (= (_ bv0 32) sll_create_~head~0.offset)) (or (forall ((v_prenex_5 (_ BitVec 32))) (or (= v_prenex_5 sll_create_~new_head~0.base) (not (= (select |#valid| v_prenex_5) (_ bv0 1))))) (= sll_create_~head~0.base (_ bv0 32))))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {2943#(and (or (not (= (select |#valid| sll_create_~new_head~0.base) (_ bv0 1))) (not (= sll_create_~new_head~0.offset (_ bv0 32))) (= (_ bv0 32) sll_create_~new_head~0.base)) (or (= sll_create_~new_head~0.offset (_ bv0 32)) (forall ((v_sll_create_~new_head~0.base_27 (_ BitVec 32))) (not (= (select |#valid| v_sll_create_~new_head~0.base_27) (_ bv0 1)))) (= sll_create_~head~0.base (_ bv0 32))) (or (forall ((v_prenex_6 (_ BitVec 32))) (or (not (= (select |#valid| v_prenex_6) (_ bv0 1))) (= v_prenex_6 sll_create_~new_head~0.base))) (= (_ bv0 32) sll_create_~head~0.offset)) (or (= sll_create_~new_head~0.offset (_ bv0 32)) (forall ((v_prenex_4 (_ BitVec 32))) (not (= (select |#valid| v_prenex_4) (_ bv0 1)))) (= (_ bv0 32) sll_create_~head~0.offset)) (or (forall ((v_prenex_5 (_ BitVec 32))) (or (= v_prenex_5 sll_create_~new_head~0.base) (not (= (select |#valid| v_prenex_5) (_ bv0 1))))) (= sll_create_~head~0.base (_ bv0 32))))} is VALID [2018-11-23 11:22:11,177 INFO L273 TraceCheckUtils]: 9: Hoare triple {2794#(and (= (_ bv0 32) sll_create_~head~0.offset) (= sll_create_~head~0.base (_ bv0 32)))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {2943#(and (or (not (= (select |#valid| sll_create_~new_head~0.base) (_ bv0 1))) (not (= sll_create_~new_head~0.offset (_ bv0 32))) (= (_ bv0 32) sll_create_~new_head~0.base)) (or (= sll_create_~new_head~0.offset (_ bv0 32)) (forall ((v_sll_create_~new_head~0.base_27 (_ BitVec 32))) (not (= (select |#valid| v_sll_create_~new_head~0.base_27) (_ bv0 1)))) (= sll_create_~head~0.base (_ bv0 32))) (or (forall ((v_prenex_6 (_ BitVec 32))) (or (not (= (select |#valid| v_prenex_6) (_ bv0 1))) (= v_prenex_6 sll_create_~new_head~0.base))) (= (_ bv0 32) sll_create_~head~0.offset)) (or (= sll_create_~new_head~0.offset (_ bv0 32)) (forall ((v_prenex_4 (_ BitVec 32))) (not (= (select |#valid| v_prenex_4) (_ bv0 1)))) (= (_ bv0 32) sll_create_~head~0.offset)) (or (forall ((v_prenex_5 (_ BitVec 32))) (or (= v_prenex_5 sll_create_~new_head~0.base) (not (= (select |#valid| v_prenex_5) (_ bv0 1))))) (= sll_create_~head~0.base (_ bv0 32))))} is VALID [2018-11-23 11:22:11,177 INFO L273 TraceCheckUtils]: 8: Hoare triple {2765#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {2794#(and (= (_ bv0 32) sll_create_~head~0.offset) (= sll_create_~head~0.base (_ bv0 32)))} is VALID [2018-11-23 11:22:11,178 INFO L256 TraceCheckUtils]: 7: Hoare triple {2765#true} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {2765#true} is VALID [2018-11-23 11:22:11,178 INFO L273 TraceCheckUtils]: 6: Hoare triple {2765#true} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {2765#true} is VALID [2018-11-23 11:22:11,178 INFO L273 TraceCheckUtils]: 5: Hoare triple {2765#true} ~len~1 := 2bv32; {2765#true} is VALID [2018-11-23 11:22:11,178 INFO L256 TraceCheckUtils]: 4: Hoare triple {2765#true} call #t~ret11 := main(); {2765#true} is VALID [2018-11-23 11:22:11,178 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {2765#true} {2765#true} #91#return; {2765#true} is VALID [2018-11-23 11:22:11,179 INFO L273 TraceCheckUtils]: 2: Hoare triple {2765#true} assume true; {2765#true} is VALID [2018-11-23 11:22:11,179 INFO L273 TraceCheckUtils]: 1: Hoare triple {2765#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {2765#true} is VALID [2018-11-23 11:22:11,179 INFO L256 TraceCheckUtils]: 0: Hoare triple {2765#true} call ULTIMATE.init(); {2765#true} is VALID [2018-11-23 11:22:11,186 INFO L134 CoverageAnalysis]: Checked inductivity of 11 backedges. 3 proven. 8 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2018-11-23 11:22:11,189 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2018-11-23 11:22:11,190 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [15, 14] total 26 [2018-11-23 11:22:11,190 INFO L78 Accepts]: Start accepts. Automaton has 26 states. Word has length 31 [2018-11-23 11:22:11,191 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:22:11,191 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 26 states. [2018-11-23 11:22:11,340 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 51 edges. 51 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:22:11,340 INFO L459 AbstractCegarLoop]: Interpolant automaton has 26 states [2018-11-23 11:22:11,340 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 26 interpolants. [2018-11-23 11:22:11,341 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=75, Invalid=575, Unknown=0, NotChecked=0, Total=650 [2018-11-23 11:22:11,341 INFO L87 Difference]: Start difference. First operand 39 states and 45 transitions. Second operand 26 states. [2018-11-23 11:22:16,047 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:22:16,047 INFO L93 Difference]: Finished difference Result 68 states and 77 transitions. [2018-11-23 11:22:16,047 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 19 states. [2018-11-23 11:22:16,047 INFO L78 Accepts]: Start accepts. Automaton has 26 states. Word has length 31 [2018-11-23 11:22:16,048 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:22:16,048 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 26 states. [2018-11-23 11:22:16,049 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 19 states to 19 states and 66 transitions. [2018-11-23 11:22:16,049 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 26 states. [2018-11-23 11:22:16,051 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 19 states to 19 states and 66 transitions. [2018-11-23 11:22:16,051 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 19 states and 66 transitions. [2018-11-23 11:22:16,218 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 66 edges. 66 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:22:16,220 INFO L225 Difference]: With dead ends: 68 [2018-11-23 11:22:16,220 INFO L226 Difference]: Without dead ends: 59 [2018-11-23 11:22:16,221 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 63 GetRequests, 33 SyntacticMatches, 4 SemanticMatches, 26 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 146 ImplicationChecksByTransitivity, 6.6s TimeCoverageRelationStatistics Valid=88, Invalid=668, Unknown=0, NotChecked=0, Total=756 [2018-11-23 11:22:16,222 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 59 states. [2018-11-23 11:22:16,406 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 59 to 54. [2018-11-23 11:22:16,407 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:22:16,407 INFO L82 GeneralOperation]: Start isEquivalent. First operand 59 states. Second operand 54 states. [2018-11-23 11:22:16,407 INFO L74 IsIncluded]: Start isIncluded. First operand 59 states. Second operand 54 states. [2018-11-23 11:22:16,407 INFO L87 Difference]: Start difference. First operand 59 states. Second operand 54 states. [2018-11-23 11:22:16,411 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:22:16,411 INFO L93 Difference]: Finished difference Result 59 states and 65 transitions. [2018-11-23 11:22:16,411 INFO L276 IsEmpty]: Start isEmpty. Operand 59 states and 65 transitions. [2018-11-23 11:22:16,411 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:22:16,411 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:22:16,412 INFO L74 IsIncluded]: Start isIncluded. First operand 54 states. Second operand 59 states. [2018-11-23 11:22:16,412 INFO L87 Difference]: Start difference. First operand 54 states. Second operand 59 states. [2018-11-23 11:22:16,414 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:22:16,414 INFO L93 Difference]: Finished difference Result 59 states and 65 transitions. [2018-11-23 11:22:16,414 INFO L276 IsEmpty]: Start isEmpty. Operand 59 states and 65 transitions. [2018-11-23 11:22:16,414 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:22:16,414 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:22:16,415 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:22:16,415 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:22:16,415 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 54 states. [2018-11-23 11:22:16,416 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 54 states to 54 states and 61 transitions. [2018-11-23 11:22:16,417 INFO L78 Accepts]: Start accepts. Automaton has 54 states and 61 transitions. Word has length 31 [2018-11-23 11:22:16,417 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:22:16,417 INFO L480 AbstractCegarLoop]: Abstraction has 54 states and 61 transitions. [2018-11-23 11:22:16,417 INFO L481 AbstractCegarLoop]: Interpolant automaton has 26 states. [2018-11-23 11:22:16,417 INFO L276 IsEmpty]: Start isEmpty. Operand 54 states and 61 transitions. [2018-11-23 11:22:16,418 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2018-11-23 11:22:16,418 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:22:16,418 INFO L402 BasicCegarLoop]: trace histogram [2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:22:16,419 INFO L423 AbstractCegarLoop]: === Iteration 10 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:22:16,419 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:22:16,419 INFO L82 PathProgramCache]: Analyzing trace with hash 577809584, now seen corresponding path program 2 times [2018-11-23 11:22:16,419 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:22:16,419 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 11 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 11 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:22:16,444 INFO L101 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2018-11-23 11:22:16,512 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2018-11-23 11:22:16,512 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2018-11-23 11:22:16,524 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:22:16,526 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:22:16,635 INFO L256 TraceCheckUtils]: 0: Hoare triple {3276#true} call ULTIMATE.init(); {3276#true} is VALID [2018-11-23 11:22:16,635 INFO L273 TraceCheckUtils]: 1: Hoare triple {3276#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {3276#true} is VALID [2018-11-23 11:22:16,635 INFO L273 TraceCheckUtils]: 2: Hoare triple {3276#true} assume true; {3276#true} is VALID [2018-11-23 11:22:16,636 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {3276#true} {3276#true} #91#return; {3276#true} is VALID [2018-11-23 11:22:16,636 INFO L256 TraceCheckUtils]: 4: Hoare triple {3276#true} call #t~ret11 := main(); {3276#true} is VALID [2018-11-23 11:22:16,636 INFO L273 TraceCheckUtils]: 5: Hoare triple {3276#true} ~len~1 := 2bv32; {3296#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:22:16,637 INFO L273 TraceCheckUtils]: 6: Hoare triple {3296#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {3300#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} is VALID [2018-11-23 11:22:16,637 INFO L273 TraceCheckUtils]: 7: Hoare triple {3300#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {3300#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} is VALID [2018-11-23 11:22:16,637 INFO L256 TraceCheckUtils]: 8: Hoare triple {3300#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {3276#true} is VALID [2018-11-23 11:22:16,638 INFO L273 TraceCheckUtils]: 9: Hoare triple {3276#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {3310#(= |sll_create_#in~len| sll_create_~len)} is VALID [2018-11-23 11:22:16,638 INFO L273 TraceCheckUtils]: 10: Hoare triple {3310#(= |sll_create_#in~len| sll_create_~len)} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {3310#(= |sll_create_#in~len| sll_create_~len)} is VALID [2018-11-23 11:22:16,638 INFO L273 TraceCheckUtils]: 11: Hoare triple {3310#(= |sll_create_#in~len| sll_create_~len)} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {3310#(= |sll_create_#in~len| sll_create_~len)} is VALID [2018-11-23 11:22:16,639 INFO L273 TraceCheckUtils]: 12: Hoare triple {3310#(= |sll_create_#in~len| sll_create_~len)} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {3320#(= (bvadd |sll_create_#in~len| (_ bv4294967295 32)) sll_create_~len)} is VALID [2018-11-23 11:22:16,639 INFO L273 TraceCheckUtils]: 13: Hoare triple {3320#(= (bvadd |sll_create_#in~len| (_ bv4294967295 32)) sll_create_~len)} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {3320#(= (bvadd |sll_create_#in~len| (_ bv4294967295 32)) sll_create_~len)} is VALID [2018-11-23 11:22:16,639 INFO L273 TraceCheckUtils]: 14: Hoare triple {3320#(= (bvadd |sll_create_#in~len| (_ bv4294967295 32)) sll_create_~len)} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {3320#(= (bvadd |sll_create_#in~len| (_ bv4294967295 32)) sll_create_~len)} is VALID [2018-11-23 11:22:16,665 INFO L273 TraceCheckUtils]: 15: Hoare triple {3320#(= (bvadd |sll_create_#in~len| (_ bv4294967295 32)) sll_create_~len)} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {3330#(= (bvadd |sll_create_#in~len| (_ bv4294967294 32)) sll_create_~len)} is VALID [2018-11-23 11:22:16,668 INFO L273 TraceCheckUtils]: 16: Hoare triple {3330#(= (bvadd |sll_create_#in~len| (_ bv4294967294 32)) sll_create_~len)} assume !~bvsgt32(~len, 0bv32); {3334#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32)))} is VALID [2018-11-23 11:22:16,669 INFO L273 TraceCheckUtils]: 17: Hoare triple {3334#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32)))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {3334#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32)))} is VALID [2018-11-23 11:22:16,669 INFO L273 TraceCheckUtils]: 18: Hoare triple {3334#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32)))} assume true; {3334#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32)))} is VALID [2018-11-23 11:22:16,670 INFO L268 TraceCheckUtils]: 19: Hoare quadruple {3334#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32)))} {3300#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} #95#return; {3277#false} is VALID [2018-11-23 11:22:16,670 INFO L273 TraceCheckUtils]: 20: Hoare triple {3277#false} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {3277#false} is VALID [2018-11-23 11:22:16,670 INFO L256 TraceCheckUtils]: 21: Hoare triple {3277#false} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {3277#false} is VALID [2018-11-23 11:22:16,671 INFO L273 TraceCheckUtils]: 22: Hoare triple {3277#false} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {3277#false} is VALID [2018-11-23 11:22:16,671 INFO L273 TraceCheckUtils]: 23: Hoare triple {3277#false} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {3277#false} is VALID [2018-11-23 11:22:16,671 INFO L273 TraceCheckUtils]: 24: Hoare triple {3277#false} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {3277#false} is VALID [2018-11-23 11:22:16,671 INFO L273 TraceCheckUtils]: 25: Hoare triple {3277#false} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {3277#false} is VALID [2018-11-23 11:22:16,671 INFO L273 TraceCheckUtils]: 26: Hoare triple {3277#false} #res := ~len~0; {3277#false} is VALID [2018-11-23 11:22:16,671 INFO L273 TraceCheckUtils]: 27: Hoare triple {3277#false} assume true; {3277#false} is VALID [2018-11-23 11:22:16,671 INFO L268 TraceCheckUtils]: 28: Hoare quadruple {3277#false} {3277#false} #97#return; {3277#false} is VALID [2018-11-23 11:22:16,672 INFO L273 TraceCheckUtils]: 29: Hoare triple {3277#false} assume ~len~1 != #t~ret10;havoc #t~ret10; {3277#false} is VALID [2018-11-23 11:22:16,672 INFO L273 TraceCheckUtils]: 30: Hoare triple {3277#false} assume !false; {3277#false} is VALID [2018-11-23 11:22:16,673 INFO L134 CoverageAnalysis]: Checked inductivity of 9 backedges. 0 proven. 6 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2018-11-23 11:22:16,673 INFO L316 TraceCheckSpWp]: Computing backward predicates... [2018-11-23 11:22:16,986 INFO L273 TraceCheckUtils]: 30: Hoare triple {3277#false} assume !false; {3277#false} is VALID [2018-11-23 11:22:16,986 INFO L273 TraceCheckUtils]: 29: Hoare triple {3277#false} assume ~len~1 != #t~ret10;havoc #t~ret10; {3277#false} is VALID [2018-11-23 11:22:16,987 INFO L268 TraceCheckUtils]: 28: Hoare quadruple {3276#true} {3277#false} #97#return; {3277#false} is VALID [2018-11-23 11:22:16,987 INFO L273 TraceCheckUtils]: 27: Hoare triple {3276#true} assume true; {3276#true} is VALID [2018-11-23 11:22:16,987 INFO L273 TraceCheckUtils]: 26: Hoare triple {3276#true} #res := ~len~0; {3276#true} is VALID [2018-11-23 11:22:16,987 INFO L273 TraceCheckUtils]: 25: Hoare triple {3276#true} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {3276#true} is VALID [2018-11-23 11:22:16,988 INFO L273 TraceCheckUtils]: 24: Hoare triple {3276#true} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {3276#true} is VALID [2018-11-23 11:22:16,988 INFO L273 TraceCheckUtils]: 23: Hoare triple {3276#true} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {3276#true} is VALID [2018-11-23 11:22:16,988 INFO L273 TraceCheckUtils]: 22: Hoare triple {3276#true} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {3276#true} is VALID [2018-11-23 11:22:16,988 INFO L256 TraceCheckUtils]: 21: Hoare triple {3277#false} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {3276#true} is VALID [2018-11-23 11:22:16,988 INFO L273 TraceCheckUtils]: 20: Hoare triple {3277#false} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {3277#false} is VALID [2018-11-23 11:22:16,990 INFO L268 TraceCheckUtils]: 19: Hoare quadruple {3334#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32)))} {3410#(bvsgt (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} #95#return; {3277#false} is VALID [2018-11-23 11:22:16,991 INFO L273 TraceCheckUtils]: 18: Hoare triple {3334#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32)))} assume true; {3334#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32)))} is VALID [2018-11-23 11:22:16,991 INFO L273 TraceCheckUtils]: 17: Hoare triple {3334#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32)))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {3334#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32)))} is VALID [2018-11-23 11:22:16,992 INFO L273 TraceCheckUtils]: 16: Hoare triple {3423#(or (bvsgt sll_create_~len (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} assume !~bvsgt32(~len, 0bv32); {3334#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32)))} is VALID [2018-11-23 11:22:16,998 INFO L273 TraceCheckUtils]: 15: Hoare triple {3427#(or (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {3423#(or (bvsgt sll_create_~len (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} is VALID [2018-11-23 11:22:16,999 INFO L273 TraceCheckUtils]: 14: Hoare triple {3427#(or (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {3427#(or (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} is VALID [2018-11-23 11:22:16,999 INFO L273 TraceCheckUtils]: 13: Hoare triple {3427#(or (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {3427#(or (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} is VALID [2018-11-23 11:22:17,006 INFO L273 TraceCheckUtils]: 12: Hoare triple {3437#(or (bvsgt (bvadd sll_create_~len (_ bv4294967294 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {3427#(or (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} is VALID [2018-11-23 11:22:17,006 INFO L273 TraceCheckUtils]: 11: Hoare triple {3437#(or (bvsgt (bvadd sll_create_~len (_ bv4294967294 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {3437#(or (bvsgt (bvadd sll_create_~len (_ bv4294967294 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} is VALID [2018-11-23 11:22:17,007 INFO L273 TraceCheckUtils]: 10: Hoare triple {3437#(or (bvsgt (bvadd sll_create_~len (_ bv4294967294 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {3437#(or (bvsgt (bvadd sll_create_~len (_ bv4294967294 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} is VALID [2018-11-23 11:22:17,007 INFO L273 TraceCheckUtils]: 9: Hoare triple {3276#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {3437#(or (bvsgt (bvadd sll_create_~len (_ bv4294967294 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} is VALID [2018-11-23 11:22:17,007 INFO L256 TraceCheckUtils]: 8: Hoare triple {3410#(bvsgt (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {3276#true} is VALID [2018-11-23 11:22:17,008 INFO L273 TraceCheckUtils]: 7: Hoare triple {3410#(bvsgt (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {3410#(bvsgt (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:22:17,011 INFO L273 TraceCheckUtils]: 6: Hoare triple {3453#(bvsgt (bvadd main_~len~1 (_ bv4294967295 32)) (_ bv0 32))} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {3410#(bvsgt (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:22:17,012 INFO L273 TraceCheckUtils]: 5: Hoare triple {3276#true} ~len~1 := 2bv32; {3453#(bvsgt (bvadd main_~len~1 (_ bv4294967295 32)) (_ bv0 32))} is VALID [2018-11-23 11:22:17,012 INFO L256 TraceCheckUtils]: 4: Hoare triple {3276#true} call #t~ret11 := main(); {3276#true} is VALID [2018-11-23 11:22:17,012 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {3276#true} {3276#true} #91#return; {3276#true} is VALID [2018-11-23 11:22:17,012 INFO L273 TraceCheckUtils]: 2: Hoare triple {3276#true} assume true; {3276#true} is VALID [2018-11-23 11:22:17,013 INFO L273 TraceCheckUtils]: 1: Hoare triple {3276#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {3276#true} is VALID [2018-11-23 11:22:17,013 INFO L256 TraceCheckUtils]: 0: Hoare triple {3276#true} call ULTIMATE.init(); {3276#true} is VALID [2018-11-23 11:22:17,014 INFO L134 CoverageAnalysis]: Checked inductivity of 9 backedges. 0 proven. 6 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2018-11-23 11:22:17,015 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2018-11-23 11:22:17,016 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 8] total 13 [2018-11-23 11:22:17,016 INFO L78 Accepts]: Start accepts. Automaton has 13 states. Word has length 31 [2018-11-23 11:22:17,017 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:22:17,017 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 13 states. [2018-11-23 11:22:17,121 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 50 edges. 50 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:22:17,121 INFO L459 AbstractCegarLoop]: Interpolant automaton has 13 states [2018-11-23 11:22:17,121 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 13 interpolants. [2018-11-23 11:22:17,122 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=32, Invalid=124, Unknown=0, NotChecked=0, Total=156 [2018-11-23 11:22:17,122 INFO L87 Difference]: Start difference. First operand 54 states and 61 transitions. Second operand 13 states. [2018-11-23 11:22:20,765 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:22:20,765 INFO L93 Difference]: Finished difference Result 114 states and 133 transitions. [2018-11-23 11:22:20,765 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2018-11-23 11:22:20,766 INFO L78 Accepts]: Start accepts. Automaton has 13 states. Word has length 31 [2018-11-23 11:22:20,766 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:22:20,766 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 13 states. [2018-11-23 11:22:20,768 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 15 states to 15 states and 99 transitions. [2018-11-23 11:22:20,768 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 13 states. [2018-11-23 11:22:20,770 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 15 states to 15 states and 99 transitions. [2018-11-23 11:22:20,771 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 15 states and 99 transitions. [2018-11-23 11:22:21,013 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 99 edges. 99 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:22:21,016 INFO L225 Difference]: With dead ends: 114 [2018-11-23 11:22:21,016 INFO L226 Difference]: Without dead ends: 74 [2018-11-23 11:22:21,017 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 67 GetRequests, 50 SyntacticMatches, 0 SemanticMatches, 17 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=71, Invalid=271, Unknown=0, NotChecked=0, Total=342 [2018-11-23 11:22:21,017 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 74 states. [2018-11-23 11:22:21,214 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 74 to 51. [2018-11-23 11:22:21,214 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:22:21,214 INFO L82 GeneralOperation]: Start isEquivalent. First operand 74 states. Second operand 51 states. [2018-11-23 11:22:21,214 INFO L74 IsIncluded]: Start isIncluded. First operand 74 states. Second operand 51 states. [2018-11-23 11:22:21,215 INFO L87 Difference]: Start difference. First operand 74 states. Second operand 51 states. [2018-11-23 11:22:21,218 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:22:21,218 INFO L93 Difference]: Finished difference Result 74 states and 87 transitions. [2018-11-23 11:22:21,219 INFO L276 IsEmpty]: Start isEmpty. Operand 74 states and 87 transitions. [2018-11-23 11:22:21,219 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:22:21,219 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:22:21,219 INFO L74 IsIncluded]: Start isIncluded. First operand 51 states. Second operand 74 states. [2018-11-23 11:22:21,219 INFO L87 Difference]: Start difference. First operand 51 states. Second operand 74 states. [2018-11-23 11:22:21,222 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:22:21,222 INFO L93 Difference]: Finished difference Result 74 states and 87 transitions. [2018-11-23 11:22:21,222 INFO L276 IsEmpty]: Start isEmpty. Operand 74 states and 87 transitions. [2018-11-23 11:22:21,223 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:22:21,223 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:22:21,223 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:22:21,223 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:22:21,224 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 51 states. [2018-11-23 11:22:21,225 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 51 states to 51 states and 58 transitions. [2018-11-23 11:22:21,225 INFO L78 Accepts]: Start accepts. Automaton has 51 states and 58 transitions. Word has length 31 [2018-11-23 11:22:21,225 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:22:21,225 INFO L480 AbstractCegarLoop]: Abstraction has 51 states and 58 transitions. [2018-11-23 11:22:21,225 INFO L481 AbstractCegarLoop]: Interpolant automaton has 13 states. [2018-11-23 11:22:21,225 INFO L276 IsEmpty]: Start isEmpty. Operand 51 states and 58 transitions. [2018-11-23 11:22:21,226 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2018-11-23 11:22:21,226 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:22:21,226 INFO L402 BasicCegarLoop]: trace histogram [3, 3, 3, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:22:21,226 INFO L423 AbstractCegarLoop]: === Iteration 11 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:22:21,227 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:22:21,227 INFO L82 PathProgramCache]: Analyzing trace with hash 1731035778, now seen corresponding path program 3 times [2018-11-23 11:22:21,227 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:22:21,227 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 12 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 12 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:22:21,243 INFO L101 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2018-11-23 11:22:21,426 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 4 check-sat command(s) [2018-11-23 11:22:21,426 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2018-11-23 11:22:21,462 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:22:21,465 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:22:21,558 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2018-11-23 11:22:21,561 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2018-11-23 11:22:21,568 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:22:21,569 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:11, output treesize:10 [2018-11-23 11:22:21,573 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:22:21,573 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#valid_79|]. (and (not (= sll_create_~head~0.base (_ bv0 32))) (= |#valid| (store |v_#valid_79| sll_create_~new_head~0.base (_ bv1 1)))) [2018-11-23 11:22:21,573 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (and (not (= sll_create_~head~0.base (_ bv0 32))) (= (select |#valid| sll_create_~new_head~0.base) (_ bv1 1))) [2018-11-23 11:22:21,610 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 8 [2018-11-23 11:22:21,616 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2018-11-23 11:22:21,618 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:22:21,623 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:22:21,638 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:22:21,638 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 2 variables, input treesize:21, output treesize:14 [2018-11-23 11:22:21,649 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:22:21,649 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#memory_$Pointer$.base_59|, v_sll_create_~head~0.base_56]. (and (= (_ bv1 1) (select |#valid| sll_create_~head~0.base)) (= |#memory_$Pointer$.base| (store |v_#memory_$Pointer$.base_59| sll_create_~head~0.base (store (select |v_#memory_$Pointer$.base_59| sll_create_~head~0.base) sll_create_~head~0.offset v_sll_create_~head~0.base_56))) (not (= (_ bv0 32) v_sll_create_~head~0.base_56))) [2018-11-23 11:22:21,649 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (and (= (_ bv1 1) (select |#valid| sll_create_~head~0.base)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)))) [2018-11-23 11:22:21,688 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:22:21,690 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:22:21,691 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 2 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 4 [2018-11-23 11:22:21,692 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2018-11-23 11:22:21,702 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:22:21,703 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:19, output treesize:13 [2018-11-23 11:22:21,707 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:22:21,708 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#valid_80|]. (and (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset))) (= (_ bv0 1) (select |v_#valid_80| sll_create_~new_head~0.base)) (= (_ bv1 1) (select |v_#valid_80| sll_create_~head~0.base))) [2018-11-23 11:22:21,708 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (and (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset))) (not (= sll_create_~head~0.base sll_create_~new_head~0.base))) [2018-11-23 11:22:21,775 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 20 treesize of output 21 [2018-11-23 11:22:21,783 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2018-11-23 11:22:21,786 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:22:21,801 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:22:21,836 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 8 [2018-11-23 11:22:21,841 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2018-11-23 11:22:21,843 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-23 11:22:21,850 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:22:21,874 INFO L267 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 2 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:22:21,874 INFO L202 ElimStorePlain]: Needed 5 recursive calls to eliminate 4 variables, input treesize:35, output treesize:25 [2018-11-23 11:22:21,905 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:22:21,906 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#memory_$Pointer$.base_60|, v_sll_create_~head~0.base_57, v_sll_create_~head~0.offset_51, |v_#memory_$Pointer$.offset_54|]. (and (not (= sll_create_~head~0.base v_sll_create_~head~0.base_57)) (not (= (_ bv0 32) (select (select |v_#memory_$Pointer$.base_60| v_sll_create_~head~0.base_57) v_sll_create_~head~0.offset_51))) (= (store |v_#memory_$Pointer$.base_60| sll_create_~head~0.base (store (select |v_#memory_$Pointer$.base_60| sll_create_~head~0.base) sll_create_~head~0.offset v_sll_create_~head~0.base_57)) |#memory_$Pointer$.base|) (= |#memory_$Pointer$.offset| (store |v_#memory_$Pointer$.offset_54| sll_create_~head~0.base (store (select |v_#memory_$Pointer$.offset_54| sll_create_~head~0.base) sll_create_~head~0.offset v_sll_create_~head~0.offset_51)))) [2018-11-23 11:22:21,906 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (let ((.cse0 (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset))) (and (not (= (select (select |#memory_$Pointer$.base| .cse0) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset)) (_ bv0 32))) (not (= sll_create_~head~0.base .cse0)))) [2018-11-23 11:22:24,119 WARN L854 $PredicateComparison]: unable to prove that (exists ((v_main_~s~0.base_BEFORE_CALL_8 (_ BitVec 32)) (v_main_~s~0.offset_BEFORE_CALL_7 (_ BitVec 32))) (let ((.cse0 (select (select |c_#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7))) (and (not (= (select (select |c_#memory_$Pointer$.base| .cse0) (select (select |c_#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (_ bv0 32))) (not (= .cse0 v_main_~s~0.base_BEFORE_CALL_8))))) is different from true [2018-11-23 11:22:24,947 WARN L180 SmtUtils]: Spent 622.00 ms on a formula simplification that was a NOOP. DAG size: 28 [2018-11-23 11:22:25,313 INFO L256 TraceCheckUtils]: 0: Hoare triple {3880#true} call ULTIMATE.init(); {3880#true} is VALID [2018-11-23 11:22:25,313 INFO L273 TraceCheckUtils]: 1: Hoare triple {3880#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {3880#true} is VALID [2018-11-23 11:22:25,313 INFO L273 TraceCheckUtils]: 2: Hoare triple {3880#true} assume true; {3880#true} is VALID [2018-11-23 11:22:25,314 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {3880#true} {3880#true} #91#return; {3880#true} is VALID [2018-11-23 11:22:25,314 INFO L256 TraceCheckUtils]: 4: Hoare triple {3880#true} call #t~ret11 := main(); {3880#true} is VALID [2018-11-23 11:22:25,314 INFO L273 TraceCheckUtils]: 5: Hoare triple {3880#true} ~len~1 := 2bv32; {3880#true} is VALID [2018-11-23 11:22:25,314 INFO L273 TraceCheckUtils]: 6: Hoare triple {3880#true} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {3880#true} is VALID [2018-11-23 11:22:25,315 INFO L273 TraceCheckUtils]: 7: Hoare triple {3880#true} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {3880#true} is VALID [2018-11-23 11:22:25,315 INFO L256 TraceCheckUtils]: 8: Hoare triple {3880#true} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {3880#true} is VALID [2018-11-23 11:22:25,315 INFO L273 TraceCheckUtils]: 9: Hoare triple {3880#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {3880#true} is VALID [2018-11-23 11:22:25,315 INFO L273 TraceCheckUtils]: 10: Hoare triple {3880#true} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {3915#(not (= (_ bv0 32) sll_create_~new_head~0.base))} is VALID [2018-11-23 11:22:25,316 INFO L273 TraceCheckUtils]: 11: Hoare triple {3915#(not (= (_ bv0 32) sll_create_~new_head~0.base))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {3915#(not (= (_ bv0 32) sll_create_~new_head~0.base))} is VALID [2018-11-23 11:22:25,316 INFO L273 TraceCheckUtils]: 12: Hoare triple {3915#(not (= (_ bv0 32) sll_create_~new_head~0.base))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {3922#(not (= sll_create_~head~0.base (_ bv0 32)))} is VALID [2018-11-23 11:22:25,318 INFO L273 TraceCheckUtils]: 13: Hoare triple {3922#(not (= sll_create_~head~0.base (_ bv0 32)))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {3926#(and (not (= sll_create_~head~0.base (_ bv0 32))) (= (bvadd (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (_ bv0 1)))} is VALID [2018-11-23 11:22:25,318 INFO L273 TraceCheckUtils]: 14: Hoare triple {3926#(and (not (= sll_create_~head~0.base (_ bv0 32))) (= (bvadd (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (_ bv0 1)))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {3926#(and (not (= sll_create_~head~0.base (_ bv0 32))) (= (bvadd (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (_ bv0 1)))} is VALID [2018-11-23 11:22:25,320 INFO L273 TraceCheckUtils]: 15: Hoare triple {3926#(and (not (= sll_create_~head~0.base (_ bv0 32))) (= (bvadd (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (_ bv0 1)))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {3933#(and (= (_ bv1 1) (select |#valid| sll_create_~head~0.base)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset))))} is VALID [2018-11-23 11:22:25,322 INFO L273 TraceCheckUtils]: 16: Hoare triple {3933#(and (= (_ bv1 1) (select |#valid| sll_create_~head~0.base)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset))))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {3937#(and (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset))) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)))} is VALID [2018-11-23 11:22:25,323 INFO L273 TraceCheckUtils]: 17: Hoare triple {3937#(and (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset))) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {3937#(and (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset))) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)))} is VALID [2018-11-23 11:22:25,325 INFO L273 TraceCheckUtils]: 18: Hoare triple {3937#(and (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset))) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {3944#(and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset)) (_ bv0 32))) (not (= sll_create_~head~0.base (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset))))} is VALID [2018-11-23 11:22:25,326 INFO L273 TraceCheckUtils]: 19: Hoare triple {3944#(and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset)) (_ bv0 32))) (not (= sll_create_~head~0.base (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset))))} assume !~bvsgt32(~len, 0bv32); {3944#(and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset)) (_ bv0 32))) (not (= sll_create_~head~0.base (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset))))} is VALID [2018-11-23 11:22:25,328 INFO L273 TraceCheckUtils]: 20: Hoare triple {3944#(and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset)) (_ bv0 32))) (not (= sll_create_~head~0.base (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset))))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {3951#(and (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|)))) (not (= (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|) |sll_create_#res.base|)))} is VALID [2018-11-23 11:22:25,329 INFO L273 TraceCheckUtils]: 21: Hoare triple {3951#(and (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|)))) (not (= (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|) |sll_create_#res.base|)))} assume true; {3951#(and (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|)))) (not (= (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|) |sll_create_#res.base|)))} is VALID [2018-11-23 11:22:25,331 INFO L268 TraceCheckUtils]: 22: Hoare quadruple {3951#(and (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|)))) (not (= (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|) |sll_create_#res.base|)))} {3880#true} #95#return; {3958#(and (not (= (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) |main_#t~ret9.offset|) |main_#t~ret9.base|)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) |main_#t~ret9.offset|)) (select (select |#memory_$Pointer$.offset| |main_#t~ret9.base|) |main_#t~ret9.offset|)))))} is VALID [2018-11-23 11:22:25,332 INFO L273 TraceCheckUtils]: 23: Hoare triple {3958#(and (not (= (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) |main_#t~ret9.offset|) |main_#t~ret9.base|)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) |main_#t~ret9.offset|)) (select (select |#memory_$Pointer$.offset| |main_#t~ret9.base|) |main_#t~ret9.offset|)))))} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {3962#(and (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)) (select (select |#memory_$Pointer$.offset| main_~s~0.base) main_~s~0.offset)))) (not (= main_~s~0.base (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset))))} is VALID [2018-11-23 11:22:25,334 INFO L256 TraceCheckUtils]: 24: Hoare triple {3962#(and (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)) (select (select |#memory_$Pointer$.offset| main_~s~0.base) main_~s~0.offset)))) (not (= main_~s~0.base (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset))))} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {3966#(exists ((v_main_~s~0.base_BEFORE_CALL_8 (_ BitVec 32)) (v_main_~s~0.offset_BEFORE_CALL_7 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7) v_main_~s~0.base_BEFORE_CALL_8))))} is VALID [2018-11-23 11:22:25,335 INFO L273 TraceCheckUtils]: 25: Hoare triple {3966#(exists ((v_main_~s~0.base_BEFORE_CALL_8 (_ BitVec 32)) (v_main_~s~0.offset_BEFORE_CALL_7 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7) v_main_~s~0.base_BEFORE_CALL_8))))} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {3970#(and (= sll_length_~head.offset |sll_length_#in~head.offset|) (= sll_length_~head.base |sll_length_#in~head.base|) (exists ((v_main_~s~0.base_BEFORE_CALL_8 (_ BitVec 32)) (v_main_~s~0.offset_BEFORE_CALL_7 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7) v_main_~s~0.base_BEFORE_CALL_8)))))} is VALID [2018-11-23 11:22:25,338 INFO L273 TraceCheckUtils]: 26: Hoare triple {3970#(and (= sll_length_~head.offset |sll_length_#in~head.offset|) (= sll_length_~head.base |sll_length_#in~head.base|) (exists ((v_main_~s~0.base_BEFORE_CALL_8 (_ BitVec 32)) (v_main_~s~0.offset_BEFORE_CALL_7 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7) v_main_~s~0.base_BEFORE_CALL_8)))))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {3974#(and (= (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|) sll_length_~head.base) (exists ((v_main_~s~0.base_BEFORE_CALL_8 (_ BitVec 32)) (v_main_~s~0.offset_BEFORE_CALL_7 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7) v_main_~s~0.base_BEFORE_CALL_8)))) (= sll_length_~head.offset (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)))} is VALID [2018-11-23 11:22:25,339 INFO L273 TraceCheckUtils]: 27: Hoare triple {3974#(and (= (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|) sll_length_~head.base) (exists ((v_main_~s~0.base_BEFORE_CALL_8 (_ BitVec 32)) (v_main_~s~0.offset_BEFORE_CALL_7 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7) v_main_~s~0.base_BEFORE_CALL_8)))) (= sll_length_~head.offset (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {3978#(and (exists ((v_main_~s~0.base_BEFORE_CALL_8 (_ BitVec 32)) (v_main_~s~0.offset_BEFORE_CALL_7 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7) v_main_~s~0.base_BEFORE_CALL_8)))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) sll_length_~head.base))} is VALID [2018-11-23 11:22:25,340 INFO L273 TraceCheckUtils]: 28: Hoare triple {3978#(and (exists ((v_main_~s~0.base_BEFORE_CALL_8 (_ BitVec 32)) (v_main_~s~0.offset_BEFORE_CALL_7 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7) v_main_~s~0.base_BEFORE_CALL_8)))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) sll_length_~head.base))} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {3982#(and (exists ((v_main_~s~0.base_BEFORE_CALL_8 (_ BitVec 32)) (v_main_~s~0.offset_BEFORE_CALL_7 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7) v_main_~s~0.base_BEFORE_CALL_8)))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))} is VALID [2018-11-23 11:22:25,341 INFO L273 TraceCheckUtils]: 29: Hoare triple {3982#(and (exists ((v_main_~s~0.base_BEFORE_CALL_8 (_ BitVec 32)) (v_main_~s~0.offset_BEFORE_CALL_7 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7) v_main_~s~0.base_BEFORE_CALL_8)))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))} #res := ~len~0; {3982#(and (exists ((v_main_~s~0.base_BEFORE_CALL_8 (_ BitVec 32)) (v_main_~s~0.offset_BEFORE_CALL_7 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7) v_main_~s~0.base_BEFORE_CALL_8)))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))} is VALID [2018-11-23 11:22:25,341 INFO L273 TraceCheckUtils]: 30: Hoare triple {3982#(and (exists ((v_main_~s~0.base_BEFORE_CALL_8 (_ BitVec 32)) (v_main_~s~0.offset_BEFORE_CALL_7 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7) v_main_~s~0.base_BEFORE_CALL_8)))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))} assume true; {3982#(and (exists ((v_main_~s~0.base_BEFORE_CALL_8 (_ BitVec 32)) (v_main_~s~0.offset_BEFORE_CALL_7 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7) v_main_~s~0.base_BEFORE_CALL_8)))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))} is VALID [2018-11-23 11:22:25,343 INFO L268 TraceCheckUtils]: 31: Hoare quadruple {3982#(and (exists ((v_main_~s~0.base_BEFORE_CALL_8 (_ BitVec 32)) (v_main_~s~0.offset_BEFORE_CALL_7 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_8) v_main_~s~0.offset_BEFORE_CALL_7) v_main_~s~0.base_BEFORE_CALL_8)))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))} {3962#(and (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)) (select (select |#memory_$Pointer$.offset| main_~s~0.base) main_~s~0.offset)))) (not (= main_~s~0.base (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset))))} #97#return; {3881#false} is VALID [2018-11-23 11:22:25,344 INFO L273 TraceCheckUtils]: 32: Hoare triple {3881#false} assume ~len~1 != #t~ret10;havoc #t~ret10; {3881#false} is VALID [2018-11-23 11:22:25,344 INFO L273 TraceCheckUtils]: 33: Hoare triple {3881#false} assume !false; {3881#false} is VALID [2018-11-23 11:22:25,349 INFO L134 CoverageAnalysis]: Checked inductivity of 16 backedges. 3 proven. 12 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2018-11-23 11:22:25,349 INFO L316 TraceCheckSpWp]: Computing backward predicates... [2018-11-23 11:22:26,470 WARN L180 SmtUtils]: Spent 220.00 ms on a formula simplification that was a NOOP. DAG size: 54 [2018-11-23 11:22:26,601 WARN L180 SmtUtils]: Spent 128.00 ms on a formula simplification that was a NOOP. DAG size: 40 [2018-11-23 11:22:26,781 WARN L180 SmtUtils]: Spent 176.00 ms on a formula simplification that was a NOOP. DAG size: 44 [2018-11-23 11:22:26,965 WARN L180 SmtUtils]: Spent 184.00 ms on a formula simplification that was a NOOP. DAG size: 44 [2018-11-23 11:22:29,494 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 32 treesize of output 26 [2018-11-23 11:22:29,557 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 9 treesize of output 8 [2018-11-23 11:22:29,558 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:22:29,603 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 20 treesize of output 16 [2018-11-23 11:22:29,611 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 4 [2018-11-23 11:22:29,613 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-23 11:22:29,621 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:22:29,625 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 19 [2018-11-23 11:22:29,630 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 1 [2018-11-23 11:22:29,632 INFO L267 ElimStorePlain]: Start of recursive call 7: End of recursive call: and 1 xjuncts. [2018-11-23 11:22:29,643 INFO L267 ElimStorePlain]: Start of recursive call 6: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:22:29,647 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 20 treesize of output 16 [2018-11-23 11:22:29,653 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 4 [2018-11-23 11:22:29,654 INFO L267 ElimStorePlain]: Start of recursive call 9: End of recursive call: and 1 xjuncts. [2018-11-23 11:22:29,662 INFO L267 ElimStorePlain]: Start of recursive call 8: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:22:29,699 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, 1 dim-2 vars, End of recursive call: and 3 xjuncts. [2018-11-23 11:22:29,741 INFO L267 ElimStorePlain]: Start of recursive call 1: 3 dim-0 vars, 1 dim-2 vars, End of recursive call: 2 dim-0 vars, and 3 xjuncts. [2018-11-23 11:22:29,741 INFO L202 ElimStorePlain]: Needed 9 recursive calls to eliminate 4 variables, input treesize:39, output treesize:37 [2018-11-23 11:22:29,752 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:22:29,752 WARN L384 uantifierElimination]: Input elimination task: ∀ [|#memory_$Pointer$.base|, sll_create_~new_head~0.offset, v_sll_create_~new_head~0.base_44, v_sll_create_~head~0.offset_60]. (or (not (= (_ bv0 1) (select |#valid| v_sll_create_~new_head~0.base_44))) (not (= (select (select (let ((.cse0 (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)))) (store .cse0 v_sll_create_~new_head~0.base_44 (store (select .cse0 v_sll_create_~new_head~0.base_44) v_sll_create_~head~0.offset_60 sll_create_~new_head~0.base))) sll_create_~new_head~0.base) sll_create_~new_head~0.offset) (_ bv0 32)))) [2018-11-23 11:22:29,752 WARN L385 uantifierElimination]: ElimStorePlain result: ∀ [v_prenex_7, v_sll_create_~new_head~0.base_44]. (let ((.cse0 (not (= sll_create_~head~0.base (_ bv0 32))))) (and (or (not (= (_ bv0 32) sll_create_~new_head~0.base)) (not (= (select |#valid| sll_create_~new_head~0.base) (_ bv0 1)))) (or (not (= (_ bv0 1) (select |#valid| v_sll_create_~new_head~0.base_44))) .cse0) (or (not (= (_ bv0 1) (select |#valid| v_prenex_7))) .cse0 (= v_prenex_7 sll_create_~new_head~0.base)))) [2018-11-23 11:22:29,965 INFO L273 TraceCheckUtils]: 33: Hoare triple {3881#false} assume !false; {3881#false} is VALID [2018-11-23 11:22:29,966 INFO L273 TraceCheckUtils]: 32: Hoare triple {3881#false} assume ~len~1 != #t~ret10;havoc #t~ret10; {3881#false} is VALID [2018-11-23 11:22:29,967 INFO L268 TraceCheckUtils]: 31: Hoare quadruple {4008#(= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))} {4004#(not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)) (select (select |#memory_$Pointer$.offset| main_~s~0.base) main_~s~0.offset))))} #97#return; {3881#false} is VALID [2018-11-23 11:22:29,968 INFO L273 TraceCheckUtils]: 30: Hoare triple {4008#(= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))} assume true; {4008#(= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))} is VALID [2018-11-23 11:22:29,968 INFO L273 TraceCheckUtils]: 29: Hoare triple {4008#(= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))} #res := ~len~0; {4008#(= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))} is VALID [2018-11-23 11:22:29,969 INFO L273 TraceCheckUtils]: 28: Hoare triple {4018#(or (not (= (_ bv0 32) sll_length_~head.base)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {4008#(= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32))} is VALID [2018-11-23 11:22:29,970 INFO L273 TraceCheckUtils]: 27: Hoare triple {4022#(or (not (= (select (select |#memory_$Pointer$.base| sll_length_~head.base) sll_length_~head.offset) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {4018#(or (not (= (_ bv0 32) sll_length_~head.base)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))} is VALID [2018-11-23 11:22:29,971 INFO L273 TraceCheckUtils]: 26: Hoare triple {4026#(or (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_length_~head.base) sll_length_~head.offset)) (select (select |#memory_$Pointer$.offset| sll_length_~head.base) sll_length_~head.offset)))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {4022#(or (not (= (select (select |#memory_$Pointer$.base| sll_length_~head.base) sll_length_~head.offset) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))} is VALID [2018-11-23 11:22:29,973 INFO L273 TraceCheckUtils]: 25: Hoare triple {3880#true} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {4026#(or (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_length_~head.base) sll_length_~head.offset)) (select (select |#memory_$Pointer$.offset| sll_length_~head.base) sll_length_~head.offset)))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (_ bv0 32)))} is VALID [2018-11-23 11:22:29,973 INFO L256 TraceCheckUtils]: 24: Hoare triple {4004#(not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)) (select (select |#memory_$Pointer$.offset| main_~s~0.base) main_~s~0.offset))))} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {3880#true} is VALID [2018-11-23 11:22:29,974 INFO L273 TraceCheckUtils]: 23: Hoare triple {4033#(not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) |main_#t~ret9.offset|)) (select (select |#memory_$Pointer$.offset| |main_#t~ret9.base|) |main_#t~ret9.offset|))))} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {4004#(not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)) (select (select |#memory_$Pointer$.offset| main_~s~0.base) main_~s~0.offset))))} is VALID [2018-11-23 11:22:29,976 INFO L268 TraceCheckUtils]: 22: Hoare quadruple {4040#(not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|))))} {3880#true} #95#return; {4033#(not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) |main_#t~ret9.offset|)) (select (select |#memory_$Pointer$.offset| |main_#t~ret9.base|) |main_#t~ret9.offset|))))} is VALID [2018-11-23 11:22:29,976 INFO L273 TraceCheckUtils]: 21: Hoare triple {4040#(not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|))))} assume true; {4040#(not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|))))} is VALID [2018-11-23 11:22:29,993 INFO L273 TraceCheckUtils]: 20: Hoare triple {4047#(not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset)) (_ bv0 32)))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {4040#(not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|))))} is VALID [2018-11-23 11:22:29,993 INFO L273 TraceCheckUtils]: 19: Hoare triple {4047#(not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset)) (_ bv0 32)))} assume !~bvsgt32(~len, 0bv32); {4047#(not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset)) (_ bv0 32)))} is VALID [2018-11-23 11:22:29,997 INFO L273 TraceCheckUtils]: 18: Hoare triple {4054#(forall ((v_sll_create_~head~0.offset_60 (_ BitVec 32))) (not (= (select (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) v_sll_create_~head~0.offset_60 sll_create_~head~0.base)) sll_create_~head~0.base) sll_create_~head~0.offset) (_ bv0 32))))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {4047#(not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset)) (_ bv0 32)))} is VALID [2018-11-23 11:22:29,997 INFO L273 TraceCheckUtils]: 17: Hoare triple {4054#(forall ((v_sll_create_~head~0.offset_60 (_ BitVec 32))) (not (= (select (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) v_sll_create_~head~0.offset_60 sll_create_~head~0.base)) sll_create_~head~0.base) sll_create_~head~0.offset) (_ bv0 32))))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {4054#(forall ((v_sll_create_~head~0.offset_60 (_ BitVec 32))) (not (= (select (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) v_sll_create_~head~0.offset_60 sll_create_~head~0.base)) sll_create_~head~0.base) sll_create_~head~0.offset) (_ bv0 32))))} is VALID [2018-11-23 11:22:29,999 INFO L273 TraceCheckUtils]: 16: Hoare triple {4061#(forall ((v_sll_create_~head~0.offset_60 (_ BitVec 32)) (v_sll_create_~new_head~0.base_44 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_sll_create_~new_head~0.base_44))) (not (= (select (select (store |#memory_$Pointer$.base| v_sll_create_~new_head~0.base_44 (store (select |#memory_$Pointer$.base| v_sll_create_~new_head~0.base_44) v_sll_create_~head~0.offset_60 sll_create_~head~0.base)) sll_create_~head~0.base) sll_create_~head~0.offset) (_ bv0 32)))))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {4054#(forall ((v_sll_create_~head~0.offset_60 (_ BitVec 32))) (not (= (select (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) v_sll_create_~head~0.offset_60 sll_create_~head~0.base)) sll_create_~head~0.base) sll_create_~head~0.offset) (_ bv0 32))))} is VALID [2018-11-23 11:22:30,002 INFO L273 TraceCheckUtils]: 15: Hoare triple {4065#(and (or (not (= (_ bv0 32) sll_create_~new_head~0.base)) (not (= (select |#valid| sll_create_~new_head~0.base) (_ bv0 1)))) (or (not (= sll_create_~head~0.base (_ bv0 32))) (forall ((v_sll_create_~new_head~0.base_44 (_ BitVec 32))) (not (= (_ bv0 1) (select |#valid| v_sll_create_~new_head~0.base_44))))))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {4061#(forall ((v_sll_create_~head~0.offset_60 (_ BitVec 32)) (v_sll_create_~new_head~0.base_44 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_sll_create_~new_head~0.base_44))) (not (= (select (select (store |#memory_$Pointer$.base| v_sll_create_~new_head~0.base_44 (store (select |#memory_$Pointer$.base| v_sll_create_~new_head~0.base_44) v_sll_create_~head~0.offset_60 sll_create_~head~0.base)) sll_create_~head~0.base) sll_create_~head~0.offset) (_ bv0 32)))))} is VALID [2018-11-23 11:22:30,003 INFO L273 TraceCheckUtils]: 14: Hoare triple {4065#(and (or (not (= (_ bv0 32) sll_create_~new_head~0.base)) (not (= (select |#valid| sll_create_~new_head~0.base) (_ bv0 1)))) (or (not (= sll_create_~head~0.base (_ bv0 32))) (forall ((v_sll_create_~new_head~0.base_44 (_ BitVec 32))) (not (= (_ bv0 1) (select |#valid| v_sll_create_~new_head~0.base_44))))))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {4065#(and (or (not (= (_ bv0 32) sll_create_~new_head~0.base)) (not (= (select |#valid| sll_create_~new_head~0.base) (_ bv0 1)))) (or (not (= sll_create_~head~0.base (_ bv0 32))) (forall ((v_sll_create_~new_head~0.base_44 (_ BitVec 32))) (not (= (_ bv0 1) (select |#valid| v_sll_create_~new_head~0.base_44))))))} is VALID [2018-11-23 11:22:30,005 INFO L273 TraceCheckUtils]: 13: Hoare triple {3922#(not (= sll_create_~head~0.base (_ bv0 32)))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {4065#(and (or (not (= (_ bv0 32) sll_create_~new_head~0.base)) (not (= (select |#valid| sll_create_~new_head~0.base) (_ bv0 1)))) (or (not (= sll_create_~head~0.base (_ bv0 32))) (forall ((v_sll_create_~new_head~0.base_44 (_ BitVec 32))) (not (= (_ bv0 1) (select |#valid| v_sll_create_~new_head~0.base_44))))))} is VALID [2018-11-23 11:22:30,006 INFO L273 TraceCheckUtils]: 12: Hoare triple {3915#(not (= (_ bv0 32) sll_create_~new_head~0.base))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {3922#(not (= sll_create_~head~0.base (_ bv0 32)))} is VALID [2018-11-23 11:22:30,006 INFO L273 TraceCheckUtils]: 11: Hoare triple {3915#(not (= (_ bv0 32) sll_create_~new_head~0.base))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {3915#(not (= (_ bv0 32) sll_create_~new_head~0.base))} is VALID [2018-11-23 11:22:30,007 INFO L273 TraceCheckUtils]: 10: Hoare triple {3880#true} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {3915#(not (= (_ bv0 32) sll_create_~new_head~0.base))} is VALID [2018-11-23 11:22:30,007 INFO L273 TraceCheckUtils]: 9: Hoare triple {3880#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {3880#true} is VALID [2018-11-23 11:22:30,008 INFO L256 TraceCheckUtils]: 8: Hoare triple {3880#true} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {3880#true} is VALID [2018-11-23 11:22:30,008 INFO L273 TraceCheckUtils]: 7: Hoare triple {3880#true} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {3880#true} is VALID [2018-11-23 11:22:30,008 INFO L273 TraceCheckUtils]: 6: Hoare triple {3880#true} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {3880#true} is VALID [2018-11-23 11:22:30,008 INFO L273 TraceCheckUtils]: 5: Hoare triple {3880#true} ~len~1 := 2bv32; {3880#true} is VALID [2018-11-23 11:22:30,009 INFO L256 TraceCheckUtils]: 4: Hoare triple {3880#true} call #t~ret11 := main(); {3880#true} is VALID [2018-11-23 11:22:30,009 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {3880#true} {3880#true} #91#return; {3880#true} is VALID [2018-11-23 11:22:30,009 INFO L273 TraceCheckUtils]: 2: Hoare triple {3880#true} assume true; {3880#true} is VALID [2018-11-23 11:22:30,009 INFO L273 TraceCheckUtils]: 1: Hoare triple {3880#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {3880#true} is VALID [2018-11-23 11:22:30,009 INFO L256 TraceCheckUtils]: 0: Hoare triple {3880#true} call ULTIMATE.init(); {3880#true} is VALID [2018-11-23 11:22:30,013 INFO L134 CoverageAnalysis]: Checked inductivity of 16 backedges. 3 proven. 12 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2018-11-23 11:22:30,015 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2018-11-23 11:22:30,015 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [16, 15] total 27 [2018-11-23 11:22:30,016 INFO L78 Accepts]: Start accepts. Automaton has 27 states. Word has length 34 [2018-11-23 11:22:30,016 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:22:30,017 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 27 states. [2018-11-23 11:22:30,112 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 53 edges. 53 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:22:30,112 INFO L459 AbstractCegarLoop]: Interpolant automaton has 27 states [2018-11-23 11:22:30,113 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 27 interpolants. [2018-11-23 11:22:30,113 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=69, Invalid=584, Unknown=1, NotChecked=48, Total=702 [2018-11-23 11:22:30,113 INFO L87 Difference]: Start difference. First operand 51 states and 58 transitions. Second operand 27 states. [2018-11-23 11:22:54,882 WARN L180 SmtUtils]: Spent 107.00 ms on a formula simplification. DAG size of input: 40 DAG size of output: 38 [2018-11-23 11:22:55,744 WARN L180 SmtUtils]: Spent 161.00 ms on a formula simplification. DAG size of input: 52 DAG size of output: 50 [2018-11-23 11:23:06,287 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:23:06,287 INFO L93 Difference]: Finished difference Result 63 states and 69 transitions. [2018-11-23 11:23:06,287 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2018-11-23 11:23:06,287 INFO L78 Accepts]: Start accepts. Automaton has 27 states. Word has length 34 [2018-11-23 11:23:06,287 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:23:06,287 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 27 states. [2018-11-23 11:23:06,289 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 21 states to 21 states and 60 transitions. [2018-11-23 11:23:06,289 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 27 states. [2018-11-23 11:23:06,290 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 21 states to 21 states and 60 transitions. [2018-11-23 11:23:06,290 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 21 states and 60 transitions. [2018-11-23 11:23:06,427 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 60 edges. 60 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:23:06,428 INFO L225 Difference]: With dead ends: 63 [2018-11-23 11:23:06,429 INFO L226 Difference]: Without dead ends: 57 [2018-11-23 11:23:06,430 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 75 GetRequests, 42 SyntacticMatches, 0 SemanticMatches, 33 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 85 ImplicationChecksByTransitivity, 7.5s TimeCoverageRelationStatistics Valid=161, Invalid=964, Unknown=1, NotChecked=64, Total=1190 [2018-11-23 11:23:06,430 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 57 states. [2018-11-23 11:23:06,561 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 57 to 52. [2018-11-23 11:23:06,561 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:23:06,562 INFO L82 GeneralOperation]: Start isEquivalent. First operand 57 states. Second operand 52 states. [2018-11-23 11:23:06,562 INFO L74 IsIncluded]: Start isIncluded. First operand 57 states. Second operand 52 states. [2018-11-23 11:23:06,562 INFO L87 Difference]: Start difference. First operand 57 states. Second operand 52 states. [2018-11-23 11:23:06,564 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:23:06,564 INFO L93 Difference]: Finished difference Result 57 states and 63 transitions. [2018-11-23 11:23:06,565 INFO L276 IsEmpty]: Start isEmpty. Operand 57 states and 63 transitions. [2018-11-23 11:23:06,565 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:23:06,565 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:23:06,565 INFO L74 IsIncluded]: Start isIncluded. First operand 52 states. Second operand 57 states. [2018-11-23 11:23:06,565 INFO L87 Difference]: Start difference. First operand 52 states. Second operand 57 states. [2018-11-23 11:23:06,566 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:23:06,567 INFO L93 Difference]: Finished difference Result 57 states and 63 transitions. [2018-11-23 11:23:06,567 INFO L276 IsEmpty]: Start isEmpty. Operand 57 states and 63 transitions. [2018-11-23 11:23:06,567 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:23:06,567 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:23:06,567 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:23:06,567 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:23:06,567 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 52 states. [2018-11-23 11:23:06,569 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 52 states to 52 states and 59 transitions. [2018-11-23 11:23:06,569 INFO L78 Accepts]: Start accepts. Automaton has 52 states and 59 transitions. Word has length 34 [2018-11-23 11:23:06,569 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:23:06,569 INFO L480 AbstractCegarLoop]: Abstraction has 52 states and 59 transitions. [2018-11-23 11:23:06,569 INFO L481 AbstractCegarLoop]: Interpolant automaton has 27 states. [2018-11-23 11:23:06,569 INFO L276 IsEmpty]: Start isEmpty. Operand 52 states and 59 transitions. [2018-11-23 11:23:06,570 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2018-11-23 11:23:06,570 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:23:06,570 INFO L402 BasicCegarLoop]: trace histogram [4, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:23:06,570 INFO L423 AbstractCegarLoop]: === Iteration 12 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:23:06,571 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:23:06,571 INFO L82 PathProgramCache]: Analyzing trace with hash 648580512, now seen corresponding path program 4 times [2018-11-23 11:23:06,571 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:23:06,571 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 13 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 13 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:23:06,587 INFO L101 rtionOrderModulation]: Changing assertion order to TERMS_WITH_SMALL_CONSTANTS_FIRST [2018-11-23 11:23:06,647 INFO L249 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2018-11-23 11:23:06,648 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2018-11-23 11:23:06,670 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:23:06,672 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:23:06,847 INFO L256 TraceCheckUtils]: 0: Hoare triple {4413#true} call ULTIMATE.init(); {4413#true} is VALID [2018-11-23 11:23:06,847 INFO L273 TraceCheckUtils]: 1: Hoare triple {4413#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {4413#true} is VALID [2018-11-23 11:23:06,848 INFO L273 TraceCheckUtils]: 2: Hoare triple {4413#true} assume true; {4413#true} is VALID [2018-11-23 11:23:06,848 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {4413#true} {4413#true} #91#return; {4413#true} is VALID [2018-11-23 11:23:06,848 INFO L256 TraceCheckUtils]: 4: Hoare triple {4413#true} call #t~ret11 := main(); {4413#true} is VALID [2018-11-23 11:23:06,848 INFO L273 TraceCheckUtils]: 5: Hoare triple {4413#true} ~len~1 := 2bv32; {4433#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:06,849 INFO L273 TraceCheckUtils]: 6: Hoare triple {4433#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {4437#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:06,849 INFO L273 TraceCheckUtils]: 7: Hoare triple {4437#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {4441#(= (bvadd main_~len~1 (_ bv4294967292 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:06,850 INFO L273 TraceCheckUtils]: 8: Hoare triple {4441#(= (bvadd main_~len~1 (_ bv4294967292 32)) (_ bv0 32))} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {4445#(= (bvadd main_~len~1 (_ bv4294967291 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:06,850 INFO L273 TraceCheckUtils]: 9: Hoare triple {4445#(= (bvadd main_~len~1 (_ bv4294967291 32)) (_ bv0 32))} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {4449#(= (_ bv6 32) main_~len~1)} is VALID [2018-11-23 11:23:06,850 INFO L273 TraceCheckUtils]: 10: Hoare triple {4449#(= (_ bv6 32) main_~len~1)} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {4449#(= (_ bv6 32) main_~len~1)} is VALID [2018-11-23 11:23:06,851 INFO L256 TraceCheckUtils]: 11: Hoare triple {4449#(= (_ bv6 32) main_~len~1)} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {4413#true} is VALID [2018-11-23 11:23:06,851 INFO L273 TraceCheckUtils]: 12: Hoare triple {4413#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {4459#(= |sll_create_#in~len| sll_create_~len)} is VALID [2018-11-23 11:23:06,851 INFO L273 TraceCheckUtils]: 13: Hoare triple {4459#(= |sll_create_#in~len| sll_create_~len)} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {4459#(= |sll_create_#in~len| sll_create_~len)} is VALID [2018-11-23 11:23:06,852 INFO L273 TraceCheckUtils]: 14: Hoare triple {4459#(= |sll_create_#in~len| sll_create_~len)} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {4459#(= |sll_create_#in~len| sll_create_~len)} is VALID [2018-11-23 11:23:06,853 INFO L273 TraceCheckUtils]: 15: Hoare triple {4459#(= |sll_create_#in~len| sll_create_~len)} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {4469#(= (bvadd |sll_create_#in~len| (_ bv4294967295 32)) sll_create_~len)} is VALID [2018-11-23 11:23:06,853 INFO L273 TraceCheckUtils]: 16: Hoare triple {4469#(= (bvadd |sll_create_#in~len| (_ bv4294967295 32)) sll_create_~len)} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {4469#(= (bvadd |sll_create_#in~len| (_ bv4294967295 32)) sll_create_~len)} is VALID [2018-11-23 11:23:06,854 INFO L273 TraceCheckUtils]: 17: Hoare triple {4469#(= (bvadd |sll_create_#in~len| (_ bv4294967295 32)) sll_create_~len)} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {4469#(= (bvadd |sll_create_#in~len| (_ bv4294967295 32)) sll_create_~len)} is VALID [2018-11-23 11:23:06,879 INFO L273 TraceCheckUtils]: 18: Hoare triple {4469#(= (bvadd |sll_create_#in~len| (_ bv4294967295 32)) sll_create_~len)} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {4479#(= (bvadd |sll_create_#in~len| (_ bv4294967294 32)) sll_create_~len)} is VALID [2018-11-23 11:23:06,882 INFO L273 TraceCheckUtils]: 19: Hoare triple {4479#(= (bvadd |sll_create_#in~len| (_ bv4294967294 32)) sll_create_~len)} assume !~bvsgt32(~len, 0bv32); {4483#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32)))} is VALID [2018-11-23 11:23:06,882 INFO L273 TraceCheckUtils]: 20: Hoare triple {4483#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32)))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {4483#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32)))} is VALID [2018-11-23 11:23:06,883 INFO L273 TraceCheckUtils]: 21: Hoare triple {4483#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32)))} assume true; {4483#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32)))} is VALID [2018-11-23 11:23:06,884 INFO L268 TraceCheckUtils]: 22: Hoare quadruple {4483#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32)))} {4449#(= (_ bv6 32) main_~len~1)} #95#return; {4414#false} is VALID [2018-11-23 11:23:06,884 INFO L273 TraceCheckUtils]: 23: Hoare triple {4414#false} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {4414#false} is VALID [2018-11-23 11:23:06,884 INFO L256 TraceCheckUtils]: 24: Hoare triple {4414#false} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {4414#false} is VALID [2018-11-23 11:23:06,884 INFO L273 TraceCheckUtils]: 25: Hoare triple {4414#false} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {4414#false} is VALID [2018-11-23 11:23:06,885 INFO L273 TraceCheckUtils]: 26: Hoare triple {4414#false} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {4414#false} is VALID [2018-11-23 11:23:06,885 INFO L273 TraceCheckUtils]: 27: Hoare triple {4414#false} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {4414#false} is VALID [2018-11-23 11:23:06,885 INFO L273 TraceCheckUtils]: 28: Hoare triple {4414#false} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {4414#false} is VALID [2018-11-23 11:23:06,885 INFO L273 TraceCheckUtils]: 29: Hoare triple {4414#false} #res := ~len~0; {4414#false} is VALID [2018-11-23 11:23:06,885 INFO L273 TraceCheckUtils]: 30: Hoare triple {4414#false} assume true; {4414#false} is VALID [2018-11-23 11:23:06,885 INFO L268 TraceCheckUtils]: 31: Hoare quadruple {4414#false} {4414#false} #97#return; {4414#false} is VALID [2018-11-23 11:23:06,885 INFO L273 TraceCheckUtils]: 32: Hoare triple {4414#false} assume ~len~1 != #t~ret10;havoc #t~ret10; {4414#false} is VALID [2018-11-23 11:23:06,885 INFO L273 TraceCheckUtils]: 33: Hoare triple {4414#false} assume !false; {4414#false} is VALID [2018-11-23 11:23:06,887 INFO L134 CoverageAnalysis]: Checked inductivity of 18 backedges. 0 proven. 15 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2018-11-23 11:23:06,887 INFO L316 TraceCheckSpWp]: Computing backward predicates... [2018-11-23 11:23:07,603 INFO L273 TraceCheckUtils]: 33: Hoare triple {4414#false} assume !false; {4414#false} is VALID [2018-11-23 11:23:07,603 INFO L273 TraceCheckUtils]: 32: Hoare triple {4414#false} assume ~len~1 != #t~ret10;havoc #t~ret10; {4414#false} is VALID [2018-11-23 11:23:07,603 INFO L268 TraceCheckUtils]: 31: Hoare quadruple {4413#true} {4414#false} #97#return; {4414#false} is VALID [2018-11-23 11:23:07,603 INFO L273 TraceCheckUtils]: 30: Hoare triple {4413#true} assume true; {4413#true} is VALID [2018-11-23 11:23:07,604 INFO L273 TraceCheckUtils]: 29: Hoare triple {4413#true} #res := ~len~0; {4413#true} is VALID [2018-11-23 11:23:07,604 INFO L273 TraceCheckUtils]: 28: Hoare triple {4413#true} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {4413#true} is VALID [2018-11-23 11:23:07,604 INFO L273 TraceCheckUtils]: 27: Hoare triple {4413#true} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {4413#true} is VALID [2018-11-23 11:23:07,604 INFO L273 TraceCheckUtils]: 26: Hoare triple {4413#true} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {4413#true} is VALID [2018-11-23 11:23:07,604 INFO L273 TraceCheckUtils]: 25: Hoare triple {4413#true} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {4413#true} is VALID [2018-11-23 11:23:07,604 INFO L256 TraceCheckUtils]: 24: Hoare triple {4414#false} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {4413#true} is VALID [2018-11-23 11:23:07,604 INFO L273 TraceCheckUtils]: 23: Hoare triple {4414#false} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {4414#false} is VALID [2018-11-23 11:23:07,607 INFO L268 TraceCheckUtils]: 22: Hoare quadruple {4483#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32)))} {4559#(bvsgt (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} #95#return; {4414#false} is VALID [2018-11-23 11:23:07,607 INFO L273 TraceCheckUtils]: 21: Hoare triple {4483#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32)))} assume true; {4483#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32)))} is VALID [2018-11-23 11:23:07,608 INFO L273 TraceCheckUtils]: 20: Hoare triple {4483#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32)))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {4483#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32)))} is VALID [2018-11-23 11:23:07,608 INFO L273 TraceCheckUtils]: 19: Hoare triple {4572#(or (bvsgt sll_create_~len (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} assume !~bvsgt32(~len, 0bv32); {4483#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32)))} is VALID [2018-11-23 11:23:07,614 INFO L273 TraceCheckUtils]: 18: Hoare triple {4576#(or (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {4572#(or (bvsgt sll_create_~len (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} is VALID [2018-11-23 11:23:07,620 INFO L273 TraceCheckUtils]: 17: Hoare triple {4576#(or (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {4576#(or (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} is VALID [2018-11-23 11:23:07,622 INFO L273 TraceCheckUtils]: 16: Hoare triple {4576#(or (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {4576#(or (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} is VALID [2018-11-23 11:23:07,630 INFO L273 TraceCheckUtils]: 15: Hoare triple {4586#(or (bvsgt (bvadd sll_create_~len (_ bv4294967294 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {4576#(or (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} is VALID [2018-11-23 11:23:07,632 INFO L273 TraceCheckUtils]: 14: Hoare triple {4586#(or (bvsgt (bvadd sll_create_~len (_ bv4294967294 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {4586#(or (bvsgt (bvadd sll_create_~len (_ bv4294967294 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} is VALID [2018-11-23 11:23:07,632 INFO L273 TraceCheckUtils]: 13: Hoare triple {4586#(or (bvsgt (bvadd sll_create_~len (_ bv4294967294 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {4586#(or (bvsgt (bvadd sll_create_~len (_ bv4294967294 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} is VALID [2018-11-23 11:23:07,634 INFO L273 TraceCheckUtils]: 12: Hoare triple {4413#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {4586#(or (bvsgt (bvadd sll_create_~len (_ bv4294967294 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967294 32)) (_ bv0 32))))} is VALID [2018-11-23 11:23:07,634 INFO L256 TraceCheckUtils]: 11: Hoare triple {4559#(bvsgt (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {4413#true} is VALID [2018-11-23 11:23:07,634 INFO L273 TraceCheckUtils]: 10: Hoare triple {4559#(bvsgt (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {4559#(bvsgt (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:07,639 INFO L273 TraceCheckUtils]: 9: Hoare triple {4602#(bvsgt (bvadd main_~len~1 (_ bv4294967295 32)) (_ bv0 32))} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {4559#(bvsgt (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:07,641 INFO L273 TraceCheckUtils]: 8: Hoare triple {4606#(bvsgt main_~len~1 (_ bv0 32))} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {4602#(bvsgt (bvadd main_~len~1 (_ bv4294967295 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:07,642 INFO L273 TraceCheckUtils]: 7: Hoare triple {4610#(bvsgt (bvadd main_~len~1 (_ bv1 32)) (_ bv0 32))} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {4606#(bvsgt main_~len~1 (_ bv0 32))} is VALID [2018-11-23 11:23:07,645 INFO L273 TraceCheckUtils]: 6: Hoare triple {4614#(bvsgt (bvadd main_~len~1 (_ bv2 32)) (_ bv0 32))} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {4610#(bvsgt (bvadd main_~len~1 (_ bv1 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:07,646 INFO L273 TraceCheckUtils]: 5: Hoare triple {4413#true} ~len~1 := 2bv32; {4614#(bvsgt (bvadd main_~len~1 (_ bv2 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:07,646 INFO L256 TraceCheckUtils]: 4: Hoare triple {4413#true} call #t~ret11 := main(); {4413#true} is VALID [2018-11-23 11:23:07,646 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {4413#true} {4413#true} #91#return; {4413#true} is VALID [2018-11-23 11:23:07,646 INFO L273 TraceCheckUtils]: 2: Hoare triple {4413#true} assume true; {4413#true} is VALID [2018-11-23 11:23:07,647 INFO L273 TraceCheckUtils]: 1: Hoare triple {4413#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {4413#true} is VALID [2018-11-23 11:23:07,647 INFO L256 TraceCheckUtils]: 0: Hoare triple {4413#true} call ULTIMATE.init(); {4413#true} is VALID [2018-11-23 11:23:07,648 INFO L134 CoverageAnalysis]: Checked inductivity of 18 backedges. 0 proven. 15 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2018-11-23 11:23:07,650 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2018-11-23 11:23:07,650 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 11] total 19 [2018-11-23 11:23:07,650 INFO L78 Accepts]: Start accepts. Automaton has 19 states. Word has length 34 [2018-11-23 11:23:07,651 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:23:07,651 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 19 states. [2018-11-23 11:23:07,771 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 56 edges. 56 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:23:07,772 INFO L459 AbstractCegarLoop]: Interpolant automaton has 19 states [2018-11-23 11:23:07,772 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 19 interpolants. [2018-11-23 11:23:07,772 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=65, Invalid=277, Unknown=0, NotChecked=0, Total=342 [2018-11-23 11:23:07,773 INFO L87 Difference]: Start difference. First operand 52 states and 59 transitions. Second operand 19 states. [2018-11-23 11:23:10,887 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:23:10,888 INFO L93 Difference]: Finished difference Result 81 states and 92 transitions. [2018-11-23 11:23:10,888 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 14 states. [2018-11-23 11:23:10,888 INFO L78 Accepts]: Start accepts. Automaton has 19 states. Word has length 34 [2018-11-23 11:23:10,888 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:23:10,888 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 19 states. [2018-11-23 11:23:10,890 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 14 states to 14 states and 88 transitions. [2018-11-23 11:23:10,890 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 19 states. [2018-11-23 11:23:10,896 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 14 states to 14 states and 88 transitions. [2018-11-23 11:23:10,896 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 14 states and 88 transitions. [2018-11-23 11:23:11,066 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 88 edges. 88 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:23:11,068 INFO L225 Difference]: With dead ends: 81 [2018-11-23 11:23:11,068 INFO L226 Difference]: Without dead ends: 66 [2018-11-23 11:23:11,069 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 71 GetRequests, 50 SyntacticMatches, 0 SemanticMatches, 21 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24 ImplicationChecksByTransitivity, 0.8s TimeCoverageRelationStatistics Valid=94, Invalid=412, Unknown=0, NotChecked=0, Total=506 [2018-11-23 11:23:11,069 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 66 states. [2018-11-23 11:23:11,276 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 66 to 36. [2018-11-23 11:23:11,276 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:23:11,276 INFO L82 GeneralOperation]: Start isEquivalent. First operand 66 states. Second operand 36 states. [2018-11-23 11:23:11,277 INFO L74 IsIncluded]: Start isIncluded. First operand 66 states. Second operand 36 states. [2018-11-23 11:23:11,277 INFO L87 Difference]: Start difference. First operand 66 states. Second operand 36 states. [2018-11-23 11:23:11,279 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:23:11,279 INFO L93 Difference]: Finished difference Result 66 states and 76 transitions. [2018-11-23 11:23:11,279 INFO L276 IsEmpty]: Start isEmpty. Operand 66 states and 76 transitions. [2018-11-23 11:23:11,280 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:23:11,280 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:23:11,280 INFO L74 IsIncluded]: Start isIncluded. First operand 36 states. Second operand 66 states. [2018-11-23 11:23:11,281 INFO L87 Difference]: Start difference. First operand 36 states. Second operand 66 states. [2018-11-23 11:23:11,283 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:23:11,283 INFO L93 Difference]: Finished difference Result 66 states and 76 transitions. [2018-11-23 11:23:11,283 INFO L276 IsEmpty]: Start isEmpty. Operand 66 states and 76 transitions. [2018-11-23 11:23:11,284 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:23:11,284 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:23:11,284 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:23:11,284 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:23:11,284 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 36 states. [2018-11-23 11:23:11,285 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 36 states to 36 states and 38 transitions. [2018-11-23 11:23:11,285 INFO L78 Accepts]: Start accepts. Automaton has 36 states and 38 transitions. Word has length 34 [2018-11-23 11:23:11,286 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:23:11,286 INFO L480 AbstractCegarLoop]: Abstraction has 36 states and 38 transitions. [2018-11-23 11:23:11,286 INFO L481 AbstractCegarLoop]: Interpolant automaton has 19 states. [2018-11-23 11:23:11,286 INFO L276 IsEmpty]: Start isEmpty. Operand 36 states and 38 transitions. [2018-11-23 11:23:11,286 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2018-11-23 11:23:11,287 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:23:11,287 INFO L402 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:23:11,287 INFO L423 AbstractCegarLoop]: === Iteration 13 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:23:11,287 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:23:11,287 INFO L82 PathProgramCache]: Analyzing trace with hash -570424038, now seen corresponding path program 5 times [2018-11-23 11:23:11,288 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:23:11,288 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 14 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 14 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:23:11,317 INFO L101 rtionOrderModulation]: Changing assertion order to INSIDE_LOOP_FIRST1 [2018-11-23 11:23:11,482 INFO L249 tOrderPrioritization]: Assert order INSIDE_LOOP_FIRST1 issued 4 check-sat command(s) [2018-11-23 11:23:11,482 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2018-11-23 11:23:11,502 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:23:11,504 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:23:11,679 INFO L256 TraceCheckUtils]: 0: Hoare triple {4952#true} call ULTIMATE.init(); {4952#true} is VALID [2018-11-23 11:23:11,680 INFO L273 TraceCheckUtils]: 1: Hoare triple {4952#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {4952#true} is VALID [2018-11-23 11:23:11,680 INFO L273 TraceCheckUtils]: 2: Hoare triple {4952#true} assume true; {4952#true} is VALID [2018-11-23 11:23:11,680 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {4952#true} {4952#true} #91#return; {4952#true} is VALID [2018-11-23 11:23:11,681 INFO L256 TraceCheckUtils]: 4: Hoare triple {4952#true} call #t~ret11 := main(); {4952#true} is VALID [2018-11-23 11:23:11,681 INFO L273 TraceCheckUtils]: 5: Hoare triple {4952#true} ~len~1 := 2bv32; {4972#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:11,682 INFO L273 TraceCheckUtils]: 6: Hoare triple {4972#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {4976#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:11,683 INFO L273 TraceCheckUtils]: 7: Hoare triple {4976#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {4976#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:11,683 INFO L256 TraceCheckUtils]: 8: Hoare triple {4976#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {4952#true} is VALID [2018-11-23 11:23:11,683 INFO L273 TraceCheckUtils]: 9: Hoare triple {4952#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {4952#true} is VALID [2018-11-23 11:23:11,683 INFO L273 TraceCheckUtils]: 10: Hoare triple {4952#true} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {4952#true} is VALID [2018-11-23 11:23:11,683 INFO L273 TraceCheckUtils]: 11: Hoare triple {4952#true} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {4952#true} is VALID [2018-11-23 11:23:11,684 INFO L273 TraceCheckUtils]: 12: Hoare triple {4952#true} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {4952#true} is VALID [2018-11-23 11:23:11,684 INFO L273 TraceCheckUtils]: 13: Hoare triple {4952#true} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {4952#true} is VALID [2018-11-23 11:23:11,684 INFO L273 TraceCheckUtils]: 14: Hoare triple {4952#true} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {4952#true} is VALID [2018-11-23 11:23:11,684 INFO L273 TraceCheckUtils]: 15: Hoare triple {4952#true} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {4952#true} is VALID [2018-11-23 11:23:11,684 INFO L273 TraceCheckUtils]: 16: Hoare triple {4952#true} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {4952#true} is VALID [2018-11-23 11:23:11,684 INFO L273 TraceCheckUtils]: 17: Hoare triple {4952#true} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {4952#true} is VALID [2018-11-23 11:23:11,684 INFO L273 TraceCheckUtils]: 18: Hoare triple {4952#true} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {4952#true} is VALID [2018-11-23 11:23:11,684 INFO L273 TraceCheckUtils]: 19: Hoare triple {4952#true} assume !~bvsgt32(~len, 0bv32); {4952#true} is VALID [2018-11-23 11:23:11,685 INFO L273 TraceCheckUtils]: 20: Hoare triple {4952#true} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {4952#true} is VALID [2018-11-23 11:23:11,685 INFO L273 TraceCheckUtils]: 21: Hoare triple {4952#true} assume true; {4952#true} is VALID [2018-11-23 11:23:11,696 INFO L268 TraceCheckUtils]: 22: Hoare quadruple {4952#true} {4976#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} #95#return; {4976#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:11,697 INFO L273 TraceCheckUtils]: 23: Hoare triple {4976#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {4976#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:11,697 INFO L256 TraceCheckUtils]: 24: Hoare triple {4976#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {4952#true} is VALID [2018-11-23 11:23:11,698 INFO L273 TraceCheckUtils]: 25: Hoare triple {4952#true} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {5034#(= sll_length_~len~0 (_ bv0 32))} is VALID [2018-11-23 11:23:11,698 INFO L273 TraceCheckUtils]: 26: Hoare triple {5034#(= sll_length_~len~0 (_ bv0 32))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {5038#(= (bvadd sll_length_~len~0 (_ bv4294967295 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:11,699 INFO L273 TraceCheckUtils]: 27: Hoare triple {5038#(= (bvadd sll_length_~len~0 (_ bv4294967295 32)) (_ bv0 32))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {5042#(= (bvadd sll_length_~len~0 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:11,700 INFO L273 TraceCheckUtils]: 28: Hoare triple {5042#(= (bvadd sll_length_~len~0 (_ bv4294967294 32)) (_ bv0 32))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {5046#(= (_ bv3 32) sll_length_~len~0)} is VALID [2018-11-23 11:23:11,700 INFO L273 TraceCheckUtils]: 29: Hoare triple {5046#(= (_ bv3 32) sll_length_~len~0)} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {5046#(= (_ bv3 32) sll_length_~len~0)} is VALID [2018-11-23 11:23:11,700 INFO L273 TraceCheckUtils]: 30: Hoare triple {5046#(= (_ bv3 32) sll_length_~len~0)} #res := ~len~0; {5053#(= (bvadd |sll_length_#res| (_ bv4294967293 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:11,701 INFO L273 TraceCheckUtils]: 31: Hoare triple {5053#(= (bvadd |sll_length_#res| (_ bv4294967293 32)) (_ bv0 32))} assume true; {5053#(= (bvadd |sll_length_#res| (_ bv4294967293 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:11,702 INFO L268 TraceCheckUtils]: 32: Hoare quadruple {5053#(= (bvadd |sll_length_#res| (_ bv4294967293 32)) (_ bv0 32))} {4976#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} #97#return; {5060#(and (= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32)) (= (_ bv3 32) |main_#t~ret10|))} is VALID [2018-11-23 11:23:11,703 INFO L273 TraceCheckUtils]: 33: Hoare triple {5060#(and (= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32)) (= (_ bv3 32) |main_#t~ret10|))} assume ~len~1 != #t~ret10;havoc #t~ret10; {4953#false} is VALID [2018-11-23 11:23:11,703 INFO L273 TraceCheckUtils]: 34: Hoare triple {4953#false} assume !false; {4953#false} is VALID [2018-11-23 11:23:11,705 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 0 proven. 7 refuted. 0 times theorem prover too weak. 12 trivial. 0 not checked. [2018-11-23 11:23:11,705 INFO L316 TraceCheckSpWp]: Computing backward predicates... [2018-11-23 11:23:11,861 INFO L273 TraceCheckUtils]: 34: Hoare triple {4953#false} assume !false; {4953#false} is VALID [2018-11-23 11:23:11,862 INFO L273 TraceCheckUtils]: 33: Hoare triple {5070#(= |main_#t~ret10| main_~len~1)} assume ~len~1 != #t~ret10;havoc #t~ret10; {4953#false} is VALID [2018-11-23 11:23:11,863 INFO L268 TraceCheckUtils]: 32: Hoare quadruple {5053#(= (bvadd |sll_length_#res| (_ bv4294967293 32)) (_ bv0 32))} {4976#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} #97#return; {5070#(= |main_#t~ret10| main_~len~1)} is VALID [2018-11-23 11:23:11,864 INFO L273 TraceCheckUtils]: 31: Hoare triple {5053#(= (bvadd |sll_length_#res| (_ bv4294967293 32)) (_ bv0 32))} assume true; {5053#(= (bvadd |sll_length_#res| (_ bv4294967293 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:11,864 INFO L273 TraceCheckUtils]: 30: Hoare triple {5046#(= (_ bv3 32) sll_length_~len~0)} #res := ~len~0; {5053#(= (bvadd |sll_length_#res| (_ bv4294967293 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:11,865 INFO L273 TraceCheckUtils]: 29: Hoare triple {5046#(= (_ bv3 32) sll_length_~len~0)} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {5046#(= (_ bv3 32) sll_length_~len~0)} is VALID [2018-11-23 11:23:11,866 INFO L273 TraceCheckUtils]: 28: Hoare triple {5042#(= (bvadd sll_length_~len~0 (_ bv4294967294 32)) (_ bv0 32))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {5046#(= (_ bv3 32) sll_length_~len~0)} is VALID [2018-11-23 11:23:11,867 INFO L273 TraceCheckUtils]: 27: Hoare triple {5038#(= (bvadd sll_length_~len~0 (_ bv4294967295 32)) (_ bv0 32))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {5042#(= (bvadd sll_length_~len~0 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:11,868 INFO L273 TraceCheckUtils]: 26: Hoare triple {5034#(= sll_length_~len~0 (_ bv0 32))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {5038#(= (bvadd sll_length_~len~0 (_ bv4294967295 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:11,869 INFO L273 TraceCheckUtils]: 25: Hoare triple {4952#true} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {5034#(= sll_length_~len~0 (_ bv0 32))} is VALID [2018-11-23 11:23:11,869 INFO L256 TraceCheckUtils]: 24: Hoare triple {4976#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {4952#true} is VALID [2018-11-23 11:23:11,870 INFO L273 TraceCheckUtils]: 23: Hoare triple {4976#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {4976#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:11,871 INFO L268 TraceCheckUtils]: 22: Hoare quadruple {4952#true} {4976#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} #95#return; {4976#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:11,871 INFO L273 TraceCheckUtils]: 21: Hoare triple {4952#true} assume true; {4952#true} is VALID [2018-11-23 11:23:11,871 INFO L273 TraceCheckUtils]: 20: Hoare triple {4952#true} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {4952#true} is VALID [2018-11-23 11:23:11,871 INFO L273 TraceCheckUtils]: 19: Hoare triple {4952#true} assume !~bvsgt32(~len, 0bv32); {4952#true} is VALID [2018-11-23 11:23:11,872 INFO L273 TraceCheckUtils]: 18: Hoare triple {4952#true} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {4952#true} is VALID [2018-11-23 11:23:11,872 INFO L273 TraceCheckUtils]: 17: Hoare triple {4952#true} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {4952#true} is VALID [2018-11-23 11:23:11,872 INFO L273 TraceCheckUtils]: 16: Hoare triple {4952#true} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {4952#true} is VALID [2018-11-23 11:23:11,873 INFO L273 TraceCheckUtils]: 15: Hoare triple {4952#true} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {4952#true} is VALID [2018-11-23 11:23:11,873 INFO L273 TraceCheckUtils]: 14: Hoare triple {4952#true} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {4952#true} is VALID [2018-11-23 11:23:11,873 INFO L273 TraceCheckUtils]: 13: Hoare triple {4952#true} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {4952#true} is VALID [2018-11-23 11:23:11,873 INFO L273 TraceCheckUtils]: 12: Hoare triple {4952#true} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {4952#true} is VALID [2018-11-23 11:23:11,874 INFO L273 TraceCheckUtils]: 11: Hoare triple {4952#true} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {4952#true} is VALID [2018-11-23 11:23:11,874 INFO L273 TraceCheckUtils]: 10: Hoare triple {4952#true} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {4952#true} is VALID [2018-11-23 11:23:11,874 INFO L273 TraceCheckUtils]: 9: Hoare triple {4952#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {4952#true} is VALID [2018-11-23 11:23:11,874 INFO L256 TraceCheckUtils]: 8: Hoare triple {4976#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {4952#true} is VALID [2018-11-23 11:23:11,895 INFO L273 TraceCheckUtils]: 7: Hoare triple {4976#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {4976#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:11,896 INFO L273 TraceCheckUtils]: 6: Hoare triple {4972#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {4976#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:11,897 INFO L273 TraceCheckUtils]: 5: Hoare triple {4952#true} ~len~1 := 2bv32; {4972#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:23:11,897 INFO L256 TraceCheckUtils]: 4: Hoare triple {4952#true} call #t~ret11 := main(); {4952#true} is VALID [2018-11-23 11:23:11,897 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {4952#true} {4952#true} #91#return; {4952#true} is VALID [2018-11-23 11:23:11,897 INFO L273 TraceCheckUtils]: 2: Hoare triple {4952#true} assume true; {4952#true} is VALID [2018-11-23 11:23:11,897 INFO L273 TraceCheckUtils]: 1: Hoare triple {4952#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {4952#true} is VALID [2018-11-23 11:23:11,897 INFO L256 TraceCheckUtils]: 0: Hoare triple {4952#true} call ULTIMATE.init(); {4952#true} is VALID [2018-11-23 11:23:11,898 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 0 proven. 7 refuted. 0 times theorem prover too weak. 12 trivial. 0 not checked. [2018-11-23 11:23:11,900 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2018-11-23 11:23:11,900 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 10] total 11 [2018-11-23 11:23:11,901 INFO L78 Accepts]: Start accepts. Automaton has 11 states. Word has length 35 [2018-11-23 11:23:11,901 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:23:11,901 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 11 states. [2018-11-23 11:23:11,944 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 31 edges. 31 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:23:11,945 INFO L459 AbstractCegarLoop]: Interpolant automaton has 11 states [2018-11-23 11:23:11,945 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 11 interpolants. [2018-11-23 11:23:11,945 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=89, Unknown=0, NotChecked=0, Total=110 [2018-11-23 11:23:11,945 INFO L87 Difference]: Start difference. First operand 36 states and 38 transitions. Second operand 11 states. [2018-11-23 11:23:13,010 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:23:13,010 INFO L93 Difference]: Finished difference Result 50 states and 55 transitions. [2018-11-23 11:23:13,010 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2018-11-23 11:23:13,011 INFO L78 Accepts]: Start accepts. Automaton has 11 states. Word has length 35 [2018-11-23 11:23:13,011 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:23:13,011 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 11 states. [2018-11-23 11:23:13,012 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 48 transitions. [2018-11-23 11:23:13,012 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 11 states. [2018-11-23 11:23:13,013 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 48 transitions. [2018-11-23 11:23:13,013 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 48 transitions. [2018-11-23 11:23:13,524 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 48 edges. 48 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:23:13,526 INFO L225 Difference]: With dead ends: 50 [2018-11-23 11:23:13,526 INFO L226 Difference]: Without dead ends: 47 [2018-11-23 11:23:13,526 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 70 GetRequests, 58 SyntacticMatches, 2 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=25, Invalid=107, Unknown=0, NotChecked=0, Total=132 [2018-11-23 11:23:13,527 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 47 states. [2018-11-23 11:23:13,625 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 47 to 44. [2018-11-23 11:23:13,625 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:23:13,625 INFO L82 GeneralOperation]: Start isEquivalent. First operand 47 states. Second operand 44 states. [2018-11-23 11:23:13,625 INFO L74 IsIncluded]: Start isIncluded. First operand 47 states. Second operand 44 states. [2018-11-23 11:23:13,625 INFO L87 Difference]: Start difference. First operand 47 states. Second operand 44 states. [2018-11-23 11:23:13,627 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:23:13,627 INFO L93 Difference]: Finished difference Result 47 states and 52 transitions. [2018-11-23 11:23:13,627 INFO L276 IsEmpty]: Start isEmpty. Operand 47 states and 52 transitions. [2018-11-23 11:23:13,627 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:23:13,627 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:23:13,627 INFO L74 IsIncluded]: Start isIncluded. First operand 44 states. Second operand 47 states. [2018-11-23 11:23:13,627 INFO L87 Difference]: Start difference. First operand 44 states. Second operand 47 states. [2018-11-23 11:23:13,629 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:23:13,629 INFO L93 Difference]: Finished difference Result 47 states and 52 transitions. [2018-11-23 11:23:13,629 INFO L276 IsEmpty]: Start isEmpty. Operand 47 states and 52 transitions. [2018-11-23 11:23:13,629 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:23:13,629 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:23:13,629 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:23:13,630 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:23:13,630 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 44 states. [2018-11-23 11:23:13,631 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 44 states to 44 states and 50 transitions. [2018-11-23 11:23:13,631 INFO L78 Accepts]: Start accepts. Automaton has 44 states and 50 transitions. Word has length 35 [2018-11-23 11:23:13,631 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:23:13,631 INFO L480 AbstractCegarLoop]: Abstraction has 44 states and 50 transitions. [2018-11-23 11:23:13,631 INFO L481 AbstractCegarLoop]: Interpolant automaton has 11 states. [2018-11-23 11:23:13,632 INFO L276 IsEmpty]: Start isEmpty. Operand 44 states and 50 transitions. [2018-11-23 11:23:13,632 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 37 [2018-11-23 11:23:13,632 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:23:13,632 INFO L402 BasicCegarLoop]: trace histogram [4, 3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:23:13,633 INFO L423 AbstractCegarLoop]: === Iteration 14 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:23:13,633 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:23:13,633 INFO L82 PathProgramCache]: Analyzing trace with hash 1098765698, now seen corresponding path program 6 times [2018-11-23 11:23:13,633 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:23:13,633 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 15 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 15 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:23:13,661 INFO L101 rtionOrderModulation]: Changing assertion order to MIX_INSIDE_OUTSIDE [2018-11-23 11:23:13,889 INFO L249 tOrderPrioritization]: Assert order MIX_INSIDE_OUTSIDE issued 4 check-sat command(s) [2018-11-23 11:23:13,889 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2018-11-23 11:23:13,945 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:23:13,947 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:23:14,318 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2018-11-23 11:23:14,320 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2018-11-23 11:23:14,331 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:23:14,331 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:16, output treesize:15 [2018-11-23 11:23:14,334 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:23:14,335 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#valid_114|]. (and (= sll_create_~new_head~0.offset (_ bv0 32)) (= |#valid| (store |v_#valid_114| sll_create_~new_head~0.base (_ bv1 1))) (= (_ bv0 32) sll_create_~head~0.offset) (= sll_create_~head~0.base (_ bv0 32))) [2018-11-23 11:23:14,335 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (_ bv0 32) sll_create_~head~0.offset) (= (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (= sll_create_~head~0.base (_ bv0 32))) [2018-11-23 11:23:14,379 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 8 [2018-11-23 11:23:14,385 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2018-11-23 11:23:14,391 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:23:14,395 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:23:14,416 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 8 [2018-11-23 11:23:14,422 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2018-11-23 11:23:14,428 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-23 11:23:14,431 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:23:14,442 INFO L267 ElimStorePlain]: Start of recursive call 1: 2 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:23:14,443 INFO L202 ElimStorePlain]: Needed 5 recursive calls to eliminate 2 variables, input treesize:31, output treesize:23 [2018-11-23 11:23:14,504 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:23:14,506 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:23:14,507 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 2 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 21 [2018-11-23 11:23:14,509 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2018-11-23 11:23:14,529 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:23:14,530 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:37, output treesize:36 [2018-11-23 11:23:14,535 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:23:14,536 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#valid_115|]. (and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 1) (select |v_#valid_115| sll_create_~new_head~0.base)) (= (_ bv0 32) sll_create_~head~0.offset) (= |#valid| (store |v_#valid_115| sll_create_~new_head~0.base (_ bv1 1))) (= (select |v_#valid_115| sll_create_~head~0.base) (_ bv1 1))) [2018-11-23 11:23:14,536 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) sll_create_~head~0.offset) (= (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)) (not (= (select |#valid| sll_create_~head~0.base) (_ bv0 1)))) [2018-11-23 11:23:14,624 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 19 treesize of output 20 [2018-11-23 11:23:14,631 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2018-11-23 11:23:14,633 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:23:14,647 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:23:14,699 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 19 treesize of output 24 [2018-11-23 11:23:14,705 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2018-11-23 11:23:14,706 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-23 11:23:14,718 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:23:14,747 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 2 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:23:14,747 INFO L202 ElimStorePlain]: Needed 5 recursive calls to eliminate 3 variables, input treesize:55, output treesize:56 [2018-11-23 11:23:14,827 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:23:14,829 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:23:14,831 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 3 select indices, 3 select index equivalence classes, 4 disjoint index pairs (out of 3 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 21 [2018-11-23 11:23:14,832 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2018-11-23 11:23:14,864 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:23:14,865 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:64, output treesize:56 [2018-11-23 11:23:14,871 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:23:14,871 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#valid_116|]. (let ((.cse0 (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)))) (and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (select |v_#valid_116| sll_create_~head~0.base) (_ bv1 1)) (not (= (_ bv0 1) (select |v_#valid_116| .cse0))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| .cse0) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset) (not (= .cse0 sll_create_~head~0.base)) (= (_ bv0 1) (select |v_#valid_116| sll_create_~new_head~0.base)) (= (select (select |#memory_$Pointer$.base| .cse0) (_ bv0 32)) (_ bv0 32)))) [2018-11-23 11:23:14,871 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (let ((.cse0 (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)))) (and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| .cse0) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset) (not (= .cse0 sll_create_~head~0.base)) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)) (= (select (select |#memory_$Pointer$.base| .cse0) (_ bv0 32)) (_ bv0 32)) (not (= .cse0 sll_create_~new_head~0.base)))) [2018-11-23 11:23:15,002 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 3 select indices, 3 select index equivalence classes, 3 disjoint index pairs (out of 3 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 30 treesize of output 47 [2018-11-23 11:23:15,009 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2018-11-23 11:23:15,010 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:23:15,032 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:23:15,111 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:23:15,115 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 3 select indices, 3 select index equivalence classes, 4 disjoint index pairs (out of 3 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 50 treesize of output 63 [2018-11-23 11:23:15,130 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 18 treesize of output 16 [2018-11-23 11:23:15,132 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-23 11:23:15,159 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:23:15,210 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 2 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:23:15,211 INFO L202 ElimStorePlain]: Needed 5 recursive calls to eliminate 3 variables, input treesize:75, output treesize:80 [2018-11-23 11:23:17,149 INFO L256 TraceCheckUtils]: 0: Hoare triple {5410#true} call ULTIMATE.init(); {5410#true} is VALID [2018-11-23 11:23:17,149 INFO L273 TraceCheckUtils]: 1: Hoare triple {5410#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {5410#true} is VALID [2018-11-23 11:23:17,149 INFO L273 TraceCheckUtils]: 2: Hoare triple {5410#true} assume true; {5410#true} is VALID [2018-11-23 11:23:17,150 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {5410#true} {5410#true} #91#return; {5410#true} is VALID [2018-11-23 11:23:17,150 INFO L256 TraceCheckUtils]: 4: Hoare triple {5410#true} call #t~ret11 := main(); {5410#true} is VALID [2018-11-23 11:23:17,150 INFO L273 TraceCheckUtils]: 5: Hoare triple {5410#true} ~len~1 := 2bv32; {5410#true} is VALID [2018-11-23 11:23:17,150 INFO L273 TraceCheckUtils]: 6: Hoare triple {5410#true} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {5410#true} is VALID [2018-11-23 11:23:17,150 INFO L273 TraceCheckUtils]: 7: Hoare triple {5410#true} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {5410#true} is VALID [2018-11-23 11:23:17,150 INFO L256 TraceCheckUtils]: 8: Hoare triple {5410#true} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {5410#true} is VALID [2018-11-23 11:23:17,151 INFO L273 TraceCheckUtils]: 9: Hoare triple {5410#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {5442#(and (= (_ bv0 32) sll_create_~head~0.offset) (= sll_create_~head~0.base (_ bv0 32)))} is VALID [2018-11-23 11:23:17,152 INFO L273 TraceCheckUtils]: 10: Hoare triple {5442#(and (= (_ bv0 32) sll_create_~head~0.offset) (= sll_create_~head~0.base (_ bv0 32)))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {5446#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (bvadd (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (_ bv0 1)) (= (_ bv0 32) sll_create_~head~0.offset) (= sll_create_~head~0.base (_ bv0 32)))} is VALID [2018-11-23 11:23:17,153 INFO L273 TraceCheckUtils]: 11: Hoare triple {5446#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (bvadd (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (_ bv0 1)) (= (_ bv0 32) sll_create_~head~0.offset) (= sll_create_~head~0.base (_ bv0 32)))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {5446#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (bvadd (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (_ bv0 1)) (= (_ bv0 32) sll_create_~head~0.offset) (= sll_create_~head~0.base (_ bv0 32)))} is VALID [2018-11-23 11:23:17,156 INFO L273 TraceCheckUtils]: 12: Hoare triple {5446#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (bvadd (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (_ bv0 1)) (= (_ bv0 32) sll_create_~head~0.offset) (= sll_create_~head~0.base (_ bv0 32)))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {5453#(and (= (_ bv1 1) (select |#valid| sll_create_~head~0.base)) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) sll_create_~head~0.offset))} is VALID [2018-11-23 11:23:17,159 INFO L273 TraceCheckUtils]: 13: Hoare triple {5453#(and (= (_ bv1 1) (select |#valid| sll_create_~head~0.base)) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) sll_create_~head~0.offset))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {5457#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (bvadd (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (_ bv0 1)) (= (_ bv0 32) sll_create_~head~0.offset) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)) (not (= (select |#valid| sll_create_~head~0.base) (_ bv0 1))))} is VALID [2018-11-23 11:23:17,160 INFO L273 TraceCheckUtils]: 14: Hoare triple {5457#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (bvadd (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (_ bv0 1)) (= (_ bv0 32) sll_create_~head~0.offset) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)) (not (= (select |#valid| sll_create_~head~0.base) (_ bv0 1))))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {5457#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (bvadd (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (_ bv0 1)) (= (_ bv0 32) sll_create_~head~0.offset) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)) (not (= (select |#valid| sll_create_~head~0.base) (_ bv0 1))))} is VALID [2018-11-23 11:23:17,164 INFO L273 TraceCheckUtils]: 15: Hoare triple {5457#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (bvadd (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (_ bv0 1)) (= (_ bv0 32) sll_create_~head~0.offset) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)) (not (= (select |#valid| sll_create_~head~0.base) (_ bv0 1))))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {5464#(and (= (_ bv1 1) (select |#valid| sll_create_~head~0.base)) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (not (= (_ bv0 1) (select |#valid| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) sll_create_~head~0.base)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)))} is VALID [2018-11-23 11:23:17,167 INFO L273 TraceCheckUtils]: 16: Hoare triple {5464#(and (= (_ bv1 1) (select |#valid| sll_create_~head~0.base)) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (not (= (_ bv0 1) (select |#valid| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) sll_create_~head~0.base)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {5468#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) sll_create_~head~0.base)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) sll_create_~new_head~0.base)))} is VALID [2018-11-23 11:23:17,168 INFO L273 TraceCheckUtils]: 17: Hoare triple {5468#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) sll_create_~head~0.base)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) sll_create_~new_head~0.base)))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {5468#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) sll_create_~head~0.base)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) sll_create_~new_head~0.base)))} is VALID [2018-11-23 11:23:17,174 INFO L273 TraceCheckUtils]: 18: Hoare triple {5468#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) sll_create_~head~0.base)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) sll_create_~new_head~0.base)))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {5475#(and (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)) sll_create_~head~0.base)) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)))} is VALID [2018-11-23 11:23:17,175 INFO L273 TraceCheckUtils]: 19: Hoare triple {5475#(and (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)) sll_create_~head~0.base)) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)))} assume !~bvsgt32(~len, 0bv32); {5475#(and (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)) sll_create_~head~0.base)) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)))} is VALID [2018-11-23 11:23:17,177 INFO L273 TraceCheckUtils]: 20: Hoare triple {5475#(and (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)) sll_create_~head~0.base)) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {5482#(and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) |sll_create_#res.base|)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= |sll_create_#res.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) (_ bv0 32)) (_ bv0 32)))} is VALID [2018-11-23 11:23:17,177 INFO L273 TraceCheckUtils]: 21: Hoare triple {5482#(and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) |sll_create_#res.base|)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= |sll_create_#res.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) (_ bv0 32)) (_ bv0 32)))} assume true; {5482#(and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) |sll_create_#res.base|)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= |sll_create_#res.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) (_ bv0 32)) (_ bv0 32)))} is VALID [2018-11-23 11:23:17,179 INFO L268 TraceCheckUtils]: 22: Hoare quadruple {5482#(and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) |sll_create_#res.base|)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= |sll_create_#res.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) (_ bv0 32)) (_ bv0 32)))} {5410#true} #95#return; {5489#(and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32))) (_ bv0 32)) |main_#t~ret9.base|)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |main_#t~ret9.base|) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32))) (_ bv0 32)))) (= (_ bv0 32) |main_#t~ret9.offset|))} is VALID [2018-11-23 11:23:17,182 INFO L273 TraceCheckUtils]: 23: Hoare triple {5489#(and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32))) (_ bv0 32)) |main_#t~ret9.base|)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |main_#t~ret9.base|) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32))) (_ bv0 32)))) (= (_ bv0 32) |main_#t~ret9.offset|))} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {5493#(and (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32)) main_~s~0.base)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32))) (= main_~s~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| main_~s~0.base) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32)))))} is VALID [2018-11-23 11:23:17,185 INFO L256 TraceCheckUtils]: 24: Hoare triple {5493#(and (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32)) main_~s~0.base)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32))) (= main_~s~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| main_~s~0.base) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32)))))} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {5497#(exists ((v_main_~s~0.base_BEFORE_CALL_11 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_11))))} is VALID [2018-11-23 11:23:17,186 INFO L273 TraceCheckUtils]: 25: Hoare triple {5497#(exists ((v_main_~s~0.base_BEFORE_CALL_11 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_11))))} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {5501#(and (= sll_length_~head.offset |sll_length_#in~head.offset|) (= sll_length_~head.base |sll_length_#in~head.base|) (exists ((v_main_~s~0.base_BEFORE_CALL_11 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_11)))))} is VALID [2018-11-23 11:23:17,188 INFO L273 TraceCheckUtils]: 26: Hoare triple {5501#(and (= sll_length_~head.offset |sll_length_#in~head.offset|) (= sll_length_~head.base |sll_length_#in~head.base|) (exists ((v_main_~s~0.base_BEFORE_CALL_11 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_11)))))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {5505#(and (= (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|) sll_length_~head.base) (exists ((v_main_~s~0.base_BEFORE_CALL_11 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_11)))) (= sll_length_~head.offset (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)))} is VALID [2018-11-23 11:23:17,192 INFO L273 TraceCheckUtils]: 27: Hoare triple {5505#(and (= (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|) sll_length_~head.base) (exists ((v_main_~s~0.base_BEFORE_CALL_11 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_11)))) (= sll_length_~head.offset (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {5509#(and (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) sll_length_~head.offset) (exists ((v_main_~s~0.base_BEFORE_CALL_11 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_11)))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) sll_length_~head.base))} is VALID [2018-11-23 11:23:17,196 INFO L273 TraceCheckUtils]: 28: Hoare triple {5509#(and (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) sll_length_~head.offset) (exists ((v_main_~s~0.base_BEFORE_CALL_11 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_11)))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) sll_length_~head.base))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {5513#(and (= sll_length_~head.offset (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)))) (exists ((v_main_~s~0.base_BEFORE_CALL_11 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_11)))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) sll_length_~head.base))} is VALID [2018-11-23 11:23:17,199 INFO L273 TraceCheckUtils]: 29: Hoare triple {5513#(and (= sll_length_~head.offset (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)))) (exists ((v_main_~s~0.base_BEFORE_CALL_11 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_11)))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) sll_length_~head.base))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {5517#(or (and (exists ((v_main_~s~0.base_BEFORE_CALL_11 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_11)))) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)))))) (and (exists ((v_main_~s~0.base_BEFORE_CALL_11 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_11)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32)))))} is VALID [2018-11-23 11:23:17,200 INFO L273 TraceCheckUtils]: 30: Hoare triple {5517#(or (and (exists ((v_main_~s~0.base_BEFORE_CALL_11 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_11)))) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)))))) (and (exists ((v_main_~s~0.base_BEFORE_CALL_11 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_11)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32)))))} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {5517#(or (and (exists ((v_main_~s~0.base_BEFORE_CALL_11 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_11)))) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)))))) (and (exists ((v_main_~s~0.base_BEFORE_CALL_11 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_11)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32)))))} is VALID [2018-11-23 11:23:17,200 INFO L273 TraceCheckUtils]: 31: Hoare triple {5517#(or (and (exists ((v_main_~s~0.base_BEFORE_CALL_11 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_11)))) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)))))) (and (exists ((v_main_~s~0.base_BEFORE_CALL_11 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_11)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32)))))} #res := ~len~0; {5517#(or (and (exists ((v_main_~s~0.base_BEFORE_CALL_11 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_11)))) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)))))) (and (exists ((v_main_~s~0.base_BEFORE_CALL_11 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_11)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32)))))} is VALID [2018-11-23 11:23:17,201 INFO L273 TraceCheckUtils]: 32: Hoare triple {5517#(or (and (exists ((v_main_~s~0.base_BEFORE_CALL_11 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_11)))) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)))))) (and (exists ((v_main_~s~0.base_BEFORE_CALL_11 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_11)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32)))))} assume true; {5517#(or (and (exists ((v_main_~s~0.base_BEFORE_CALL_11 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_11)))) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)))))) (and (exists ((v_main_~s~0.base_BEFORE_CALL_11 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_11)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32)))))} is VALID [2018-11-23 11:23:17,206 INFO L268 TraceCheckUtils]: 33: Hoare quadruple {5517#(or (and (exists ((v_main_~s~0.base_BEFORE_CALL_11 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_11)))) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)))))) (and (exists ((v_main_~s~0.base_BEFORE_CALL_11 (_ BitVec 32))) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_11) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_11)))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32)))))} {5493#(and (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32)) main_~s~0.base)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32))) (= main_~s~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| main_~s~0.base) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32)))))} #97#return; {5411#false} is VALID [2018-11-23 11:23:17,207 INFO L273 TraceCheckUtils]: 34: Hoare triple {5411#false} assume ~len~1 != #t~ret10;havoc #t~ret10; {5411#false} is VALID [2018-11-23 11:23:17,207 INFO L273 TraceCheckUtils]: 35: Hoare triple {5411#false} assume !false; {5411#false} is VALID [2018-11-23 11:23:17,216 INFO L134 CoverageAnalysis]: Checked inductivity of 23 backedges. 0 proven. 22 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2018-11-23 11:23:17,216 INFO L316 TraceCheckSpWp]: Computing backward predicates... [2018-11-23 11:23:20,246 WARN L180 SmtUtils]: Spent 1.76 s on a formula simplification that was a NOOP. DAG size: 88 [2018-11-23 11:23:21,467 WARN L180 SmtUtils]: Spent 1.21 s on a formula simplification that was a NOOP. DAG size: 52 [2018-11-23 11:23:23,007 WARN L180 SmtUtils]: Spent 1.54 s on a formula simplification that was a NOOP. DAG size: 56 [2018-11-23 11:23:24,660 WARN L180 SmtUtils]: Spent 1.65 s on a formula simplification that was a NOOP. DAG size: 56 [2018-11-23 11:23:29,204 WARN L180 SmtUtils]: Spent 112.00 ms on a formula simplification that was a NOOP. DAG size: 46 [2018-11-23 11:23:35,581 WARN L180 SmtUtils]: Spent 1.11 s on a formula simplification that was a NOOP. DAG size: 54 [2018-11-23 11:23:57,125 WARN L180 SmtUtils]: Spent 2.07 s on a formula simplification that was a NOOP. DAG size: 69 [2018-11-23 11:23:59,533 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 199 treesize of output 144 [2018-11-23 11:23:59,546 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 9 treesize of output 8 [2018-11-23 11:23:59,548 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:23:59,737 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 3 new quantified variables, introduced 3 case distinctions, treesize of input 128 treesize of output 122 [2018-11-23 11:24:00,671 WARN L180 SmtUtils]: Spent 904.00 ms on a formula simplification. DAG size of input: 94 DAG size of output: 89 [2018-11-23 11:24:00,684 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 103 treesize of output 102 [2018-11-23 11:24:00,686 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:00,694 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 104 treesize of output 103 [2018-11-23 11:24:00,700 INFO L267 ElimStorePlain]: Start of recursive call 6: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:00,721 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 115 treesize of output 114 [2018-11-23 11:24:00,724 INFO L267 ElimStorePlain]: Start of recursive call 7: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:00,733 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 163 treesize of output 162 [2018-11-23 11:24:00,736 INFO L267 ElimStorePlain]: Start of recursive call 8: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:01,423 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 2 case distinctions, treesize of input 99 treesize of output 105 [2018-11-23 11:24:01,428 INFO L267 ElimStorePlain]: Start of recursive call 9: End of recursive call: and 2 xjuncts. [2018-11-23 11:24:02,275 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:24:02,283 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:02,362 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 4 select indices, 4 select index equivalence classes, 2 disjoint index pairs (out of 6 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 114 treesize of output 114 [2018-11-23 11:24:02,373 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 9 treesize of output 8 [2018-11-23 11:24:02,375 INFO L267 ElimStorePlain]: Start of recursive call 11: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:02,453 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:02,454 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:02,514 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 3 select indices, 3 select index equivalence classes, 3 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 1 case distinctions, treesize of input 102 treesize of output 104 [2018-11-23 11:24:02,535 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 87 treesize of output 81 [2018-11-23 11:24:02,538 INFO L267 ElimStorePlain]: Start of recursive call 13: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:03,023 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 89 treesize of output 83 [2018-11-23 11:24:03,092 INFO L267 ElimStorePlain]: Start of recursive call 14: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:03,216 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:24:03,217 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 78 treesize of output 74 [2018-11-23 11:24:03,229 INFO L267 ElimStorePlain]: Start of recursive call 15: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:03,337 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:24:03,372 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 3 select indices, 3 select index equivalence classes, 2 disjoint index pairs (out of 3 index pairs), introduced 0 new quantified variables, introduced 2 case distinctions, treesize of input 83 treesize of output 139 [2018-11-23 11:24:03,377 INFO L267 ElimStorePlain]: Start of recursive call 16: End of recursive call: and 2 xjuncts. [2018-11-23 11:24:03,481 INFO L267 ElimStorePlain]: Start of recursive call 12: 4 dim-1 vars, End of recursive call: and 3 xjuncts. [2018-11-23 11:24:03,584 INFO L267 ElimStorePlain]: Start of recursive call 10: 1 dim-1 vars, 1 dim-2 vars, End of recursive call: and 3 xjuncts. [2018-11-23 11:24:03,596 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:03,598 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:03,604 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:24:03,621 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:03,639 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 3 select indices, 3 select index equivalence classes, 3 disjoint index pairs (out of 3 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 103 treesize of output 118 [2018-11-23 11:24:03,664 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:24:03,688 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 2 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 33 treesize of output 28 [2018-11-23 11:24:03,689 INFO L267 ElimStorePlain]: Start of recursive call 18: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:03,753 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:03,753 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:03,754 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 3 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 19 [2018-11-23 11:24:03,779 INFO L478 Elim1Store]: Elim1 applied some preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 10 treesize of output 14 [2018-11-23 11:24:03,786 INFO L267 ElimStorePlain]: Start of recursive call 20: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:03,798 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 1 [2018-11-23 11:24:03,800 INFO L267 ElimStorePlain]: Start of recursive call 21: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:03,806 INFO L267 ElimStorePlain]: Start of recursive call 19: 2 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:03,817 INFO L267 ElimStorePlain]: Start of recursive call 17: 1 dim-1 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:03,839 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:24:03,861 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:03,942 INFO L303 Elim1Store]: Index analysis took 123 ms [2018-11-23 11:24:04,019 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 4 select indices, 4 select index equivalence classes, 1 disjoint index pairs (out of 6 index pairs), introduced 3 new quantified variables, introduced 8 case distinctions, treesize of input 162 treesize of output 183 [2018-11-23 11:24:04,139 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 173 treesize of output 172 [2018-11-23 11:24:04,164 INFO L267 ElimStorePlain]: Start of recursive call 23: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:04,777 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:24:04,815 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:04,817 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 2 stores, 2 select indices, 2 select index equivalence classes, 3 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 157 treesize of output 289 [2018-11-23 11:24:04,819 INFO L267 ElimStorePlain]: Start of recursive call 24: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:05,138 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:05,187 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 3 select indices, 3 select index equivalence classes, 2 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 1 case distinctions, treesize of input 161 treesize of output 162 [2018-11-23 11:24:05,207 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:24:05,208 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 2 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 150 treesize of output 146 [2018-11-23 11:24:05,215 INFO L267 ElimStorePlain]: Start of recursive call 26: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:05,382 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 79 treesize of output 73 [2018-11-23 11:24:05,383 INFO L267 ElimStorePlain]: Start of recursive call 27: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:05,520 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:24:05,533 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 3 select indices, 3 select index equivalence classes, 2 disjoint index pairs (out of 3 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 150 treesize of output 143 [2018-11-23 11:24:05,536 INFO L267 ElimStorePlain]: Start of recursive call 28: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:05,658 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 76 treesize of output 70 [2018-11-23 11:24:05,660 INFO L267 ElimStorePlain]: Start of recursive call 29: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:05,722 INFO L267 ElimStorePlain]: Start of recursive call 25: 4 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:05,954 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:06,034 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 3 select indices, 3 select index equivalence classes, 1 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 2 case distinctions, treesize of input 161 treesize of output 168 [2018-11-23 11:24:06,058 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:24:06,070 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 3 select indices, 3 select index equivalence classes, 2 disjoint index pairs (out of 3 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 147 treesize of output 140 [2018-11-23 11:24:06,073 INFO L267 ElimStorePlain]: Start of recursive call 31: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:06,327 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:24:06,345 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 3 select indices, 3 select index equivalence classes, 2 disjoint index pairs (out of 3 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 141 treesize of output 134 [2018-11-23 11:24:06,348 INFO L267 ElimStorePlain]: Start of recursive call 32: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:06,429 INFO L267 ElimStorePlain]: Start of recursive call 30: 4 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:06,498 INFO L267 ElimStorePlain]: Start of recursive call 22: 2 dim-1 vars, 3 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:07,038 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:24:07,038 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:07,060 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 3 select indices, 3 select index equivalence classes, 1 disjoint index pairs (out of 3 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 96 treesize of output 108 [2018-11-23 11:24:07,090 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 9 treesize of output 8 [2018-11-23 11:24:07,091 INFO L267 ElimStorePlain]: Start of recursive call 34: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:07,135 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:07,139 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 84 treesize of output 81 [2018-11-23 11:24:07,154 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:24:07,155 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 72 treesize of output 68 [2018-11-23 11:24:07,158 INFO L267 ElimStorePlain]: Start of recursive call 36: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:07,177 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 1 [2018-11-23 11:24:07,177 INFO L267 ElimStorePlain]: Start of recursive call 37: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:07,180 INFO L267 ElimStorePlain]: Start of recursive call 35: 2 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:07,189 INFO L267 ElimStorePlain]: Start of recursive call 33: 1 dim-1 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:07,316 INFO L267 ElimStorePlain]: Start of recursive call 4: 2 dim-1 vars, 3 dim-2 vars, End of recursive call: and 4 xjuncts. [2018-11-23 11:24:07,457 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, 1 dim-2 vars, End of recursive call: and 4 xjuncts. [2018-11-23 11:24:07,983 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 82 treesize of output 59 [2018-11-23 11:24:07,993 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 9 treesize of output 8 [2018-11-23 11:24:08,000 INFO L267 ElimStorePlain]: Start of recursive call 39: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:08,092 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 3 new quantified variables, introduced 3 case distinctions, treesize of input 40 treesize of output 50 [2018-11-23 11:24:08,381 WARN L180 SmtUtils]: Spent 248.00 ms on a formula simplification. DAG size of input: 51 DAG size of output: 47 [2018-11-23 11:24:08,388 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 30 [2018-11-23 11:24:08,390 INFO L267 ElimStorePlain]: Start of recursive call 41: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:08,494 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:08,497 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 27 treesize of output 31 [2018-11-23 11:24:08,500 INFO L267 ElimStorePlain]: Start of recursive call 42: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:08,613 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 27 treesize of output 27 [2018-11-23 11:24:08,627 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 18 treesize of output 3 [2018-11-23 11:24:08,629 INFO L267 ElimStorePlain]: Start of recursive call 44: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:08,641 INFO L267 ElimStorePlain]: Start of recursive call 43: 2 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:08,663 INFO L267 ElimStorePlain]: Start of recursive call 40: 2 dim-1 vars, 3 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:08,682 INFO L267 ElimStorePlain]: Start of recursive call 38: 1 dim-1 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:09,083 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 199 treesize of output 144 [2018-11-23 11:24:09,095 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 9 treesize of output 8 [2018-11-23 11:24:09,124 INFO L267 ElimStorePlain]: Start of recursive call 46: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:09,308 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 3 new quantified variables, introduced 3 case distinctions, treesize of input 128 treesize of output 122 [2018-11-23 11:24:10,095 WARN L180 SmtUtils]: Spent 746.00 ms on a formula simplification. DAG size of input: 90 DAG size of output: 83 [2018-11-23 11:24:10,106 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:10,113 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 114 treesize of output 118 [2018-11-23 11:24:10,116 INFO L267 ElimStorePlain]: Start of recursive call 48: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:10,407 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 115 treesize of output 114 [2018-11-23 11:24:10,410 INFO L267 ElimStorePlain]: Start of recursive call 49: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:10,424 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 163 treesize of output 162 [2018-11-23 11:24:10,426 INFO L267 ElimStorePlain]: Start of recursive call 50: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:10,755 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:24:10,767 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:10,815 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:10,863 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 4 select indices, 4 select index equivalence classes, 3 disjoint index pairs (out of 6 index pairs), introduced 3 new quantified variables, introduced 6 case distinctions, treesize of input 114 treesize of output 380 [2018-11-23 11:24:10,895 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 2 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 245 treesize of output 251 [2018-11-23 11:24:10,898 INFO L267 ElimStorePlain]: Start of recursive call 52: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:11,168 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 230 treesize of output 229 [2018-11-23 11:24:11,170 INFO L267 ElimStorePlain]: Start of recursive call 53: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:11,346 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:11,347 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:11,360 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:11,361 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 3 select indices, 3 select index equivalence classes, 5 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 0 case distinctions, treesize of input 229 treesize of output 166 [2018-11-23 11:24:11,389 INFO L478 Elim1Store]: Elim1 applied some preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 10 treesize of output 14 [2018-11-23 11:24:11,393 INFO L267 ElimStorePlain]: Start of recursive call 55: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:11,451 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 19 treesize of output 9 [2018-11-23 11:24:11,452 INFO L267 ElimStorePlain]: Start of recursive call 56: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:11,507 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 3 [2018-11-23 11:24:11,511 INFO L267 ElimStorePlain]: Start of recursive call 57: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:11,543 INFO L267 ElimStorePlain]: Start of recursive call 54: 3 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:11,698 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:11,699 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:11,711 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:11,729 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 3 select indices, 3 select index equivalence classes, 4 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 1 case distinctions, treesize of input 229 treesize of output 172 [2018-11-23 11:24:11,753 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 2 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 163 treesize of output 167 [2018-11-23 11:24:11,819 INFO L478 Elim1Store]: Elim1 applied some preprocessing eliminated variable of array dimension 1, 0 stores, 3 select indices, 3 select index equivalence classes, 3 disjoint index pairs (out of 3 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 21 treesize of output 28 [2018-11-23 11:24:11,828 INFO L267 ElimStorePlain]: Start of recursive call 60: 2 dim-0 vars, End of recursive call: 2 dim-0 vars, and 3 xjuncts. [2018-11-23 11:24:11,896 INFO L267 ElimStorePlain]: Start of recursive call 59: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:11,993 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 3 select indices, 3 select index equivalence classes, 2 disjoint index pairs (out of 3 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 29 treesize of output 16 [2018-11-23 11:24:12,016 INFO L267 ElimStorePlain]: Start of recursive call 61: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:12,088 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 16 treesize of output 10 [2018-11-23 11:24:12,090 INFO L267 ElimStorePlain]: Start of recursive call 62: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:12,125 INFO L267 ElimStorePlain]: Start of recursive call 58: 4 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:12,169 INFO L267 ElimStorePlain]: Start of recursive call 51: 2 dim-1 vars, 3 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:12,185 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:24:12,186 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:12,233 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 4 select indices, 4 select index equivalence classes, 3 disjoint index pairs (out of 6 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 162 treesize of output 353 [2018-11-23 11:24:12,260 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 9 treesize of output 8 [2018-11-23 11:24:12,261 INFO L267 ElimStorePlain]: Start of recursive call 64: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:12,331 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:12,332 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:12,348 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 3 select indices, 3 select index equivalence classes, 4 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 0 case distinctions, treesize of input 156 treesize of output 155 [2018-11-23 11:24:12,370 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 14 treesize of output 10 [2018-11-23 11:24:12,371 INFO L267 ElimStorePlain]: Start of recursive call 66: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:12,401 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 1 [2018-11-23 11:24:12,402 INFO L267 ElimStorePlain]: Start of recursive call 67: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:12,409 INFO L267 ElimStorePlain]: Start of recursive call 65: 2 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:12,432 INFO L267 ElimStorePlain]: Start of recursive call 63: 1 dim-1 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:12,665 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:24:12,671 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:12,732 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:12,805 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 4 select indices, 4 select index equivalence classes, 2 disjoint index pairs (out of 6 index pairs), introduced 3 new quantified variables, introduced 8 case distinctions, treesize of input 114 treesize of output 315 [2018-11-23 11:24:12,836 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 365 treesize of output 363 [2018-11-23 11:24:12,842 INFO L267 ElimStorePlain]: Start of recursive call 69: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:13,169 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:24:13,170 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:13,187 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 2 stores, 2 select indices, 2 select index equivalence classes, 2 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 106 treesize of output 114 [2018-11-23 11:24:13,189 INFO L267 ElimStorePlain]: Start of recursive call 70: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:13,416 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:13,432 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:13,450 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 3 select indices, 3 select index equivalence classes, 3 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 1 case distinctions, treesize of input 289 treesize of output 169 [2018-11-23 11:24:13,483 INFO L478 Elim1Store]: Elim1 applied some preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 99 treesize of output 103 [2018-11-23 11:24:13,489 INFO L267 ElimStorePlain]: Start of recursive call 72: 1 dim-0 vars, End of recursive call: 1 dim-0 vars, and 2 xjuncts. [2018-11-23 11:24:13,617 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:13,623 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 2 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 81 treesize of output 70 [2018-11-23 11:24:13,625 INFO L267 ElimStorePlain]: Start of recursive call 73: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:13,719 INFO L267 ElimStorePlain]: Start of recursive call 71: 4 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:13,888 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:13,905 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:13,947 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 3 select indices, 3 select index equivalence classes, 2 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 2 case distinctions, treesize of input 352 treesize of output 176 [2018-11-23 11:24:13,983 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 2 stores, 2 select indices, 2 select index equivalence classes, 2 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 98 treesize of output 96 [2018-11-23 11:24:14,013 INFO L478 Elim1Store]: Elim1 applied some preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 10 treesize of output 14 [2018-11-23 11:24:14,021 INFO L267 ElimStorePlain]: Start of recursive call 76: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:14,084 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 2 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 18 treesize of output 7 [2018-11-23 11:24:14,106 INFO L267 ElimStorePlain]: Start of recursive call 77: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:14,131 INFO L267 ElimStorePlain]: Start of recursive call 75: 2 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:14,276 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:14,285 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 3 select indices, 3 select index equivalence classes, 2 disjoint index pairs (out of 3 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 20 treesize of output 7 [2018-11-23 11:24:14,287 INFO L267 ElimStorePlain]: Start of recursive call 78: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:14,336 INFO L267 ElimStorePlain]: Start of recursive call 74: 3 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:14,374 INFO L267 ElimStorePlain]: Start of recursive call 68: 2 dim-1 vars, 3 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:14,476 INFO L267 ElimStorePlain]: Start of recursive call 47: 2 dim-1 vars, 3 dim-2 vars, End of recursive call: and 2 xjuncts. [2018-11-23 11:24:14,573 INFO L267 ElimStorePlain]: Start of recursive call 45: 1 dim-1 vars, 1 dim-2 vars, End of recursive call: and 2 xjuncts. [2018-11-23 11:24:15,762 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 85 treesize of output 62 [2018-11-23 11:24:15,802 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 9 treesize of output 8 [2018-11-23 11:24:15,825 INFO L267 ElimStorePlain]: Start of recursive call 80: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:16,142 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 40 treesize of output 36 [2018-11-23 11:24:16,349 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 9 treesize of output 8 [2018-11-23 11:24:16,350 INFO L267 ElimStorePlain]: Start of recursive call 82: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:16,383 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 24 treesize of output 21 [2018-11-23 11:24:16,393 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 1 [2018-11-23 11:24:16,394 INFO L267 ElimStorePlain]: Start of recursive call 84: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:16,413 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 3 [2018-11-23 11:24:16,414 INFO L267 ElimStorePlain]: Start of recursive call 85: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:16,419 INFO L267 ElimStorePlain]: Start of recursive call 83: 2 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:16,425 INFO L267 ElimStorePlain]: Start of recursive call 81: 1 dim-1 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:16,445 INFO L267 ElimStorePlain]: Start of recursive call 79: 1 dim-1 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:16,590 INFO L267 ElimStorePlain]: Start of recursive call 1: 4 dim-0 vars, 4 dim-2 vars, End of recursive call: 10 dim-0 vars, and 6 xjuncts. [2018-11-23 11:24:16,590 INFO L202 ElimStorePlain]: Needed 85 recursive calls to eliminate 8 variables, input treesize:399, output treesize:141 [2018-11-23 11:24:18,657 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:24:18,658 WARN L384 uantifierElimination]: Input elimination task: ∀ [v_prenex_14, v_prenex_12, v_sll_create_~new_head~0.base_65, v_prenex_13, |#memory_$Pointer$.offset|, v_sll_create_~new_head~0.base_66, v_prenex_11, |#memory_$Pointer$.base|]. (and (or (= (_ bv0 32) (select (let ((.cse0 (let ((.cse1 (let ((.cse2 (store v_prenex_14 sll_create_~new_head~0.base (store (select v_prenex_14 sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)))) (store .cse2 v_prenex_12 (store (select .cse2 v_prenex_12) (_ bv0 32) sll_create_~new_head~0.base))))) (store .cse1 v_sll_create_~new_head~0.base_65 (store (select .cse1 v_sll_create_~new_head~0.base_65) (_ bv0 32) v_prenex_12))))) (select .cse0 (select (select .cse0 v_prenex_12) (_ bv0 32)))) (select (select (let ((.cse3 (let ((.cse4 (store v_prenex_13 sll_create_~new_head~0.base (store (select v_prenex_13 sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)))) (store .cse4 v_prenex_12 (store (select .cse4 v_prenex_12) (_ bv0 32) sll_create_~new_head~0.offset))))) (store .cse3 v_sll_create_~new_head~0.base_65 (store (select .cse3 v_sll_create_~new_head~0.base_65) (_ bv0 32) (_ bv0 32)))) v_prenex_12) (_ bv0 32)))) (not (= (select |#valid| v_prenex_12) (_ bv0 1))) (not (= (select (store |#valid| v_prenex_12 (_ bv1 1)) v_sll_create_~new_head~0.base_65) (_ bv0 1)))) (or (not (= (_ bv0 1) (select (store |#valid| v_sll_create_~new_head~0.base_66 (_ bv1 1)) v_prenex_11))) (not (= (select |#valid| v_sll_create_~new_head~0.base_66) (_ bv0 1))) (= (_ bv0 32) (let ((.cse5 (let ((.cse8 (let ((.cse9 (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)))) (store .cse9 v_sll_create_~new_head~0.base_66 (store (select .cse9 v_sll_create_~new_head~0.base_66) (_ bv0 32) sll_create_~new_head~0.offset))))) (store .cse8 v_prenex_11 (store (select .cse8 v_prenex_11) (_ bv0 32) (_ bv0 32)))))) (select (select .cse5 (select (select (let ((.cse6 (let ((.cse7 (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)))) (store .cse7 v_sll_create_~new_head~0.base_66 (store (select .cse7 v_sll_create_~new_head~0.base_66) (_ bv0 32) sll_create_~new_head~0.base))))) (store .cse6 v_prenex_11 (store (select .cse6 v_prenex_11) (_ bv0 32) v_sll_create_~new_head~0.base_66))) v_sll_create_~new_head~0.base_66) (_ bv0 32))) (select (select .cse5 v_sll_create_~new_head~0.base_66) (_ bv0 32))))))) [2018-11-23 11:24:18,658 WARN L385 uantifierElimination]: ElimStorePlain result: ∀ [v_prenex_49, v_prenex_50, v_prenex_46, v_prenex_47, v_prenex_45, v_prenex_12, v_sll_create_~new_head~0.base_65, v_sll_create_~new_head~0.base_66, v_prenex_11, v_prenex_48]. (let ((.cse0 (= sll_create_~new_head~0.offset (_ bv0 32)))) (let ((.cse2 (= sll_create_~head~0.base (_ bv0 32))) (.cse1 (= (_ bv0 32) sll_create_~head~0.offset)) (.cse3 (not .cse0))) (and (or (not (= (_ bv0 1) (select (store |#valid| v_prenex_49 (_ bv1 1)) v_prenex_50))) .cse0 (not (= (select |#valid| v_prenex_49) (_ bv0 1))) .cse1) (or (= v_prenex_47 sll_create_~new_head~0.base) (not (= (select |#valid| v_prenex_46) (_ bv0 1))) (not (= (select (store |#valid| v_prenex_46 (_ bv1 1)) v_prenex_47) (_ bv0 1))) (= v_prenex_46 sll_create_~new_head~0.base) .cse2) (or (not (= (select (store |#valid| sll_create_~new_head~0.base (_ bv1 1)) v_prenex_45) (_ bv0 1))) (not (= (select |#valid| sll_create_~new_head~0.base) (_ bv0 1))) .cse3 (= (_ bv0 32) sll_create_~new_head~0.base)) (or .cse0 (not (= (select |#valid| v_prenex_12) (_ bv0 1))) (not (= (select (store |#valid| v_prenex_12 (_ bv1 1)) v_sll_create_~new_head~0.base_65) (_ bv0 1))) .cse2) (or (not (= (_ bv0 1) (select (store |#valid| v_sll_create_~new_head~0.base_66 (_ bv1 1)) v_prenex_11))) (not (= (select |#valid| v_sll_create_~new_head~0.base_66) (_ bv0 1))) (= v_prenex_11 sll_create_~new_head~0.base) (= v_sll_create_~new_head~0.base_66 sll_create_~new_head~0.base) .cse1) (or (= (_ bv0 32) v_prenex_48) (not (= (select |#valid| v_prenex_48) (_ bv0 1))) (not (= (_ bv0 1) (select (store |#valid| v_prenex_48 (_ bv1 1)) sll_create_~new_head~0.base))) .cse3)))) [2018-11-23 11:24:21,051 WARN L180 SmtUtils]: Spent 237.00 ms on a formula simplification. DAG size of input: 88 DAG size of output: 47 [2018-11-23 11:24:21,176 INFO L273 TraceCheckUtils]: 35: Hoare triple {5411#false} assume !false; {5411#false} is VALID [2018-11-23 11:24:21,176 INFO L273 TraceCheckUtils]: 34: Hoare triple {5411#false} assume ~len~1 != #t~ret10;havoc #t~ret10; {5411#false} is VALID [2018-11-23 11:24:21,178 INFO L268 TraceCheckUtils]: 33: Hoare quadruple {5546#(or (not (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32))))} {5542#(and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)) (select (select |#memory_$Pointer$.offset| main_~s~0.base) main_~s~0.offset))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)) (select (select |#memory_$Pointer$.offset| main_~s~0.base) main_~s~0.offset))) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)) (select (select |#memory_$Pointer$.offset| main_~s~0.base) main_~s~0.offset))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)) (select (select |#memory_$Pointer$.offset| main_~s~0.base) main_~s~0.offset))) (_ bv0 32)))} #97#return; {5411#false} is VALID [2018-11-23 11:24:21,178 INFO L273 TraceCheckUtils]: 32: Hoare triple {5546#(or (not (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32))))} assume true; {5546#(or (not (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32))))} is VALID [2018-11-23 11:24:21,179 INFO L273 TraceCheckUtils]: 31: Hoare triple {5546#(or (not (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32))))} #res := ~len~0; {5546#(or (not (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32))))} is VALID [2018-11-23 11:24:21,180 INFO L273 TraceCheckUtils]: 30: Hoare triple {5546#(or (not (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32))))} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {5546#(or (not (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32))))} is VALID [2018-11-23 11:24:21,183 INFO L273 TraceCheckUtils]: 29: Hoare triple {5559#(or (and (= sll_length_~head.offset (_ bv0 32)) (= (_ bv0 32) sll_length_~head.base)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32))))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {5546#(or (not (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32))))} is VALID [2018-11-23 11:24:21,185 INFO L273 TraceCheckUtils]: 28: Hoare triple {5563#(or (and (= (select (select |#memory_$Pointer$.base| sll_length_~head.base) sll_length_~head.offset) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| sll_length_~head.base) sll_length_~head.offset))) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32))))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {5559#(or (and (= sll_length_~head.offset (_ bv0 32)) (= (_ bv0 32) sll_length_~head.base)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32))))} is VALID [2018-11-23 11:24:21,188 INFO L273 TraceCheckUtils]: 27: Hoare triple {5567#(or (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_length_~head.base) sll_length_~head.offset)) (select (select |#memory_$Pointer$.offset| sll_length_~head.base) sll_length_~head.offset))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_length_~head.base) sll_length_~head.offset)) (select (select |#memory_$Pointer$.offset| sll_length_~head.base) sll_length_~head.offset)))) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32))))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {5563#(or (and (= (select (select |#memory_$Pointer$.base| sll_length_~head.base) sll_length_~head.offset) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| sll_length_~head.base) sll_length_~head.offset))) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32))))} is VALID [2018-11-23 11:24:21,189 INFO L273 TraceCheckUtils]: 26: Hoare triple {5571#(or (not (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_length_~head.base) sll_length_~head.offset)) (select (select |#memory_$Pointer$.offset| sll_length_~head.base) sll_length_~head.offset))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_length_~head.base) sll_length_~head.offset)) (select (select |#memory_$Pointer$.offset| sll_length_~head.base) sll_length_~head.offset)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_length_~head.base) sll_length_~head.offset)) (select (select |#memory_$Pointer$.offset| sll_length_~head.base) sll_length_~head.offset))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_length_~head.base) sll_length_~head.offset)) (select (select |#memory_$Pointer$.offset| sll_length_~head.base) sll_length_~head.offset))))))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {5567#(or (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_length_~head.base) sll_length_~head.offset)) (select (select |#memory_$Pointer$.offset| sll_length_~head.base) sll_length_~head.offset))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_length_~head.base) sll_length_~head.offset)) (select (select |#memory_$Pointer$.offset| sll_length_~head.base) sll_length_~head.offset)))) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32))))} is VALID [2018-11-23 11:24:21,190 INFO L273 TraceCheckUtils]: 25: Hoare triple {5410#true} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {5571#(or (not (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_length_~head.base) sll_length_~head.offset)) (select (select |#memory_$Pointer$.offset| sll_length_~head.base) sll_length_~head.offset))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_length_~head.base) sll_length_~head.offset)) (select (select |#memory_$Pointer$.offset| sll_length_~head.base) sll_length_~head.offset)))) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_length_~head.base) sll_length_~head.offset)) (select (select |#memory_$Pointer$.offset| sll_length_~head.base) sll_length_~head.offset))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_length_~head.base) sll_length_~head.offset)) (select (select |#memory_$Pointer$.offset| sll_length_~head.base) sll_length_~head.offset))))))} is VALID [2018-11-23 11:24:21,190 INFO L256 TraceCheckUtils]: 24: Hoare triple {5542#(and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)) (select (select |#memory_$Pointer$.offset| main_~s~0.base) main_~s~0.offset))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)) (select (select |#memory_$Pointer$.offset| main_~s~0.base) main_~s~0.offset))) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)) (select (select |#memory_$Pointer$.offset| main_~s~0.base) main_~s~0.offset))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)) (select (select |#memory_$Pointer$.offset| main_~s~0.base) main_~s~0.offset))) (_ bv0 32)))} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {5410#true} is VALID [2018-11-23 11:24:21,191 INFO L273 TraceCheckUtils]: 23: Hoare triple {5578#(and (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) |main_#t~ret9.offset|)) (select (select |#memory_$Pointer$.offset| |main_#t~ret9.base|) |main_#t~ret9.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) |main_#t~ret9.offset|)) (select (select |#memory_$Pointer$.offset| |main_#t~ret9.base|) |main_#t~ret9.offset|))) (_ bv0 32)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) |main_#t~ret9.offset|)) (select (select |#memory_$Pointer$.offset| |main_#t~ret9.base|) |main_#t~ret9.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) |main_#t~ret9.offset|)) (select (select |#memory_$Pointer$.offset| |main_#t~ret9.base|) |main_#t~ret9.offset|))) (_ bv0 32)))} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {5542#(and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)) (select (select |#memory_$Pointer$.offset| main_~s~0.base) main_~s~0.offset))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)) (select (select |#memory_$Pointer$.offset| main_~s~0.base) main_~s~0.offset))) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)) (select (select |#memory_$Pointer$.offset| main_~s~0.base) main_~s~0.offset))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~s~0.base) main_~s~0.offset)) (select (select |#memory_$Pointer$.offset| main_~s~0.base) main_~s~0.offset))) (_ bv0 32)))} is VALID [2018-11-23 11:24:21,193 INFO L268 TraceCheckUtils]: 22: Hoare quadruple {5585#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|)))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|))) (_ bv0 32)))} {5410#true} #95#return; {5578#(and (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) |main_#t~ret9.offset|)) (select (select |#memory_$Pointer$.offset| |main_#t~ret9.base|) |main_#t~ret9.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) |main_#t~ret9.offset|)) (select (select |#memory_$Pointer$.offset| |main_#t~ret9.base|) |main_#t~ret9.offset|))) (_ bv0 32)) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) |main_#t~ret9.offset|)) (select (select |#memory_$Pointer$.offset| |main_#t~ret9.base|) |main_#t~ret9.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) |main_#t~ret9.offset|)) (select (select |#memory_$Pointer$.offset| |main_#t~ret9.base|) |main_#t~ret9.offset|))) (_ bv0 32)))} is VALID [2018-11-23 11:24:21,194 INFO L273 TraceCheckUtils]: 21: Hoare triple {5585#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|)))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|))) (_ bv0 32)))} assume true; {5585#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|)))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|))) (_ bv0 32)))} is VALID [2018-11-23 11:24:21,196 INFO L273 TraceCheckUtils]: 20: Hoare triple {5592#(and (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset)))))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {5585#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|)))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) |sll_create_#res.offset|)) (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) |sll_create_#res.offset|))) (_ bv0 32)))} is VALID [2018-11-23 11:24:21,197 INFO L273 TraceCheckUtils]: 19: Hoare triple {5592#(and (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset)))))} assume !~bvsgt32(~len, 0bv32); {5592#(and (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset)))))} is VALID [2018-11-23 11:24:21,205 INFO L273 TraceCheckUtils]: 18: Hoare triple {5599#(and (= (select (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) (select (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) sll_create_~head~0.base) sll_create_~head~0.offset)) (_ bv0 32)) (= (select (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) (select (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) sll_create_~head~0.base) sll_create_~head~0.offset)) (_ bv0 32)))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {5592#(and (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset))) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) sll_create_~head~0.offset)))))} is VALID [2018-11-23 11:24:21,206 INFO L273 TraceCheckUtils]: 17: Hoare triple {5599#(and (= (select (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) (select (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) sll_create_~head~0.base) sll_create_~head~0.offset)) (_ bv0 32)) (= (select (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) (select (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) sll_create_~head~0.base) sll_create_~head~0.offset)) (_ bv0 32)))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {5599#(and (= (select (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) (select (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) sll_create_~head~0.base) sll_create_~head~0.offset)) (_ bv0 32)) (= (select (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) (select (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) sll_create_~head~0.base) sll_create_~head~0.offset)) (_ bv0 32)))} is VALID [2018-11-23 11:24:21,208 INFO L273 TraceCheckUtils]: 16: Hoare triple {5606#(and (forall ((v_sll_create_~new_head~0.base_65 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_sll_create_~new_head~0.base_65))) (= (select (select (store |#memory_$Pointer$.base| v_sll_create_~new_head~0.base_65 (store (select |#memory_$Pointer$.base| v_sll_create_~new_head~0.base_65) (_ bv0 32) sll_create_~head~0.base)) (select (select (store |#memory_$Pointer$.base| v_sll_create_~new_head~0.base_65 (store (select |#memory_$Pointer$.base| v_sll_create_~new_head~0.base_65) (_ bv0 32) sll_create_~head~0.base)) sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select (store |#memory_$Pointer$.offset| v_sll_create_~new_head~0.base_65 (store (select |#memory_$Pointer$.offset| v_sll_create_~new_head~0.base_65) (_ bv0 32) sll_create_~head~0.offset)) sll_create_~head~0.base) sll_create_~head~0.offset)) (_ bv0 32)))) (forall ((v_prenex_11 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_prenex_11))) (= (_ bv0 32) (select (select (store |#memory_$Pointer$.offset| v_prenex_11 (store (select |#memory_$Pointer$.offset| v_prenex_11) (_ bv0 32) sll_create_~head~0.offset)) (select (select (store |#memory_$Pointer$.base| v_prenex_11 (store (select |#memory_$Pointer$.base| v_prenex_11) (_ bv0 32) sll_create_~head~0.base)) sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select (store |#memory_$Pointer$.offset| v_prenex_11 (store (select |#memory_$Pointer$.offset| v_prenex_11) (_ bv0 32) sll_create_~head~0.offset)) sll_create_~head~0.base) sll_create_~head~0.offset))))))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {5599#(and (= (select (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) (select (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) sll_create_~head~0.base) sll_create_~head~0.offset)) (_ bv0 32)) (= (select (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) (select (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) sll_create_~head~0.base) sll_create_~head~0.offset)) (_ bv0 32)))} is VALID [2018-11-23 11:24:21,305 INFO L273 TraceCheckUtils]: 15: Hoare triple {5610#(and (forall ((v_prenex_11 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_prenex_11))) (= (select (select (store (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) v_prenex_11 (store (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) v_prenex_11) (_ bv0 32) sll_create_~new_head~0.offset)) (select (select (store (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) v_prenex_11 (store (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) v_prenex_11) (_ bv0 32) sll_create_~new_head~0.base)) sll_create_~new_head~0.base) sll_create_~new_head~0.offset)) (select (select (store (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) v_prenex_11 (store (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) v_prenex_11) (_ bv0 32) sll_create_~new_head~0.offset)) sll_create_~new_head~0.base) sll_create_~new_head~0.offset)) (_ bv0 32)))) (forall ((v_sll_create_~new_head~0.base_65 (_ BitVec 32))) (or (= (select (select (store (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) v_sll_create_~new_head~0.base_65 (store (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) v_sll_create_~new_head~0.base_65) (_ bv0 32) sll_create_~new_head~0.base)) (select (select (store (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) v_sll_create_~new_head~0.base_65 (store (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) v_sll_create_~new_head~0.base_65) (_ bv0 32) sll_create_~new_head~0.base)) sll_create_~new_head~0.base) sll_create_~new_head~0.offset)) (select (select (store (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) v_sll_create_~new_head~0.base_65 (store (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) v_sll_create_~new_head~0.base_65) (_ bv0 32) sll_create_~new_head~0.offset)) sll_create_~new_head~0.base) sll_create_~new_head~0.offset)) (_ bv0 32)) (not (= (_ bv0 1) (select |#valid| v_sll_create_~new_head~0.base_65))))))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {5606#(and (forall ((v_sll_create_~new_head~0.base_65 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_sll_create_~new_head~0.base_65))) (= (select (select (store |#memory_$Pointer$.base| v_sll_create_~new_head~0.base_65 (store (select |#memory_$Pointer$.base| v_sll_create_~new_head~0.base_65) (_ bv0 32) sll_create_~head~0.base)) (select (select (store |#memory_$Pointer$.base| v_sll_create_~new_head~0.base_65 (store (select |#memory_$Pointer$.base| v_sll_create_~new_head~0.base_65) (_ bv0 32) sll_create_~head~0.base)) sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select (store |#memory_$Pointer$.offset| v_sll_create_~new_head~0.base_65 (store (select |#memory_$Pointer$.offset| v_sll_create_~new_head~0.base_65) (_ bv0 32) sll_create_~head~0.offset)) sll_create_~head~0.base) sll_create_~head~0.offset)) (_ bv0 32)))) (forall ((v_prenex_11 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_prenex_11))) (= (_ bv0 32) (select (select (store |#memory_$Pointer$.offset| v_prenex_11 (store (select |#memory_$Pointer$.offset| v_prenex_11) (_ bv0 32) sll_create_~head~0.offset)) (select (select (store |#memory_$Pointer$.base| v_prenex_11 (store (select |#memory_$Pointer$.base| v_prenex_11) (_ bv0 32) sll_create_~head~0.base)) sll_create_~head~0.base) sll_create_~head~0.offset)) (select (select (store |#memory_$Pointer$.offset| v_prenex_11 (store (select |#memory_$Pointer$.offset| v_prenex_11) (_ bv0 32) sll_create_~head~0.offset)) sll_create_~head~0.base) sll_create_~head~0.offset))))))} is VALID [2018-11-23 11:24:21,307 INFO L273 TraceCheckUtils]: 14: Hoare triple {5610#(and (forall ((v_prenex_11 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_prenex_11))) (= (select (select (store (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) v_prenex_11 (store (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) v_prenex_11) (_ bv0 32) sll_create_~new_head~0.offset)) (select (select (store (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) v_prenex_11 (store (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) v_prenex_11) (_ bv0 32) sll_create_~new_head~0.base)) sll_create_~new_head~0.base) sll_create_~new_head~0.offset)) (select (select (store (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) v_prenex_11 (store (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) v_prenex_11) (_ bv0 32) sll_create_~new_head~0.offset)) sll_create_~new_head~0.base) sll_create_~new_head~0.offset)) (_ bv0 32)))) (forall ((v_sll_create_~new_head~0.base_65 (_ BitVec 32))) (or (= (select (select (store (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) v_sll_create_~new_head~0.base_65 (store (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) v_sll_create_~new_head~0.base_65) (_ bv0 32) sll_create_~new_head~0.base)) (select (select (store (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) v_sll_create_~new_head~0.base_65 (store (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) v_sll_create_~new_head~0.base_65) (_ bv0 32) sll_create_~new_head~0.base)) sll_create_~new_head~0.base) sll_create_~new_head~0.offset)) (select (select (store (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) v_sll_create_~new_head~0.base_65 (store (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) v_sll_create_~new_head~0.base_65) (_ bv0 32) sll_create_~new_head~0.offset)) sll_create_~new_head~0.base) sll_create_~new_head~0.offset)) (_ bv0 32)) (not (= (_ bv0 1) (select |#valid| v_sll_create_~new_head~0.base_65))))))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {5610#(and (forall ((v_prenex_11 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_prenex_11))) (= (select (select (store (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) v_prenex_11 (store (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) v_prenex_11) (_ bv0 32) sll_create_~new_head~0.offset)) (select (select (store (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) v_prenex_11 (store (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) v_prenex_11) (_ bv0 32) sll_create_~new_head~0.base)) sll_create_~new_head~0.base) sll_create_~new_head~0.offset)) (select (select (store (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) v_prenex_11 (store (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) v_prenex_11) (_ bv0 32) sll_create_~new_head~0.offset)) sll_create_~new_head~0.base) sll_create_~new_head~0.offset)) (_ bv0 32)))) (forall ((v_sll_create_~new_head~0.base_65 (_ BitVec 32))) (or (= (select (select (store (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) v_sll_create_~new_head~0.base_65 (store (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) v_sll_create_~new_head~0.base_65) (_ bv0 32) sll_create_~new_head~0.base)) (select (select (store (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) v_sll_create_~new_head~0.base_65 (store (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) v_sll_create_~new_head~0.base_65) (_ bv0 32) sll_create_~new_head~0.base)) sll_create_~new_head~0.base) sll_create_~new_head~0.offset)) (select (select (store (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) v_sll_create_~new_head~0.base_65 (store (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) v_sll_create_~new_head~0.base_65) (_ bv0 32) sll_create_~new_head~0.offset)) sll_create_~new_head~0.base) sll_create_~new_head~0.offset)) (_ bv0 32)) (not (= (_ bv0 1) (select |#valid| v_sll_create_~new_head~0.base_65))))))} is VALID [2018-11-23 11:24:21,337 INFO L273 TraceCheckUtils]: 13: Hoare triple {5617#(and (forall ((v_prenex_12 (_ BitVec 32)) (v_sll_create_~new_head~0.base_65 (_ BitVec 32))) (or (= (_ bv0 32) (select (select (store (store |#memory_$Pointer$.base| v_prenex_12 (store (select |#memory_$Pointer$.base| v_prenex_12) (_ bv0 32) sll_create_~head~0.base)) v_sll_create_~new_head~0.base_65 (store (select (store |#memory_$Pointer$.base| v_prenex_12 (store (select |#memory_$Pointer$.base| v_prenex_12) (_ bv0 32) sll_create_~head~0.base)) v_sll_create_~new_head~0.base_65) (_ bv0 32) v_prenex_12)) (select (select (store (store |#memory_$Pointer$.base| v_prenex_12 (store (select |#memory_$Pointer$.base| v_prenex_12) (_ bv0 32) sll_create_~head~0.base)) v_sll_create_~new_head~0.base_65 (store (select (store |#memory_$Pointer$.base| v_prenex_12 (store (select |#memory_$Pointer$.base| v_prenex_12) (_ bv0 32) sll_create_~head~0.base)) v_sll_create_~new_head~0.base_65) (_ bv0 32) v_prenex_12)) v_prenex_12) (_ bv0 32))) (select (select (store (store |#memory_$Pointer$.offset| v_prenex_12 (store (select |#memory_$Pointer$.offset| v_prenex_12) (_ bv0 32) sll_create_~head~0.offset)) v_sll_create_~new_head~0.base_65 (store (select (store |#memory_$Pointer$.offset| v_prenex_12 (store (select |#memory_$Pointer$.offset| v_prenex_12) (_ bv0 32) sll_create_~head~0.offset)) v_sll_create_~new_head~0.base_65) (_ bv0 32) (_ bv0 32))) v_prenex_12) (_ bv0 32)))) (not (= (select |#valid| v_prenex_12) (_ bv0 1))) (not (= (select (store |#valid| v_prenex_12 (_ bv1 1)) v_sll_create_~new_head~0.base_65) (_ bv0 1))))) (forall ((v_prenex_11 (_ BitVec 32)) (v_sll_create_~new_head~0.base_66 (_ BitVec 32))) (or (not (= (_ bv0 1) (select (store |#valid| v_sll_create_~new_head~0.base_66 (_ bv1 1)) v_prenex_11))) (not (= (select |#valid| v_sll_create_~new_head~0.base_66) (_ bv0 1))) (= (_ bv0 32) (select (select (store (store |#memory_$Pointer$.offset| v_sll_create_~new_head~0.base_66 (store (select |#memory_$Pointer$.offset| v_sll_create_~new_head~0.base_66) (_ bv0 32) sll_create_~head~0.offset)) v_prenex_11 (store (select (store |#memory_$Pointer$.offset| v_sll_create_~new_head~0.base_66 (store (select |#memory_$Pointer$.offset| v_sll_create_~new_head~0.base_66) (_ bv0 32) sll_create_~head~0.offset)) v_prenex_11) (_ bv0 32) (_ bv0 32))) (select (select (store (store |#memory_$Pointer$.base| v_sll_create_~new_head~0.base_66 (store (select |#memory_$Pointer$.base| v_sll_create_~new_head~0.base_66) (_ bv0 32) sll_create_~head~0.base)) v_prenex_11 (store (select (store |#memory_$Pointer$.base| v_sll_create_~new_head~0.base_66 (store (select |#memory_$Pointer$.base| v_sll_create_~new_head~0.base_66) (_ bv0 32) sll_create_~head~0.base)) v_prenex_11) (_ bv0 32) v_sll_create_~new_head~0.base_66)) v_sll_create_~new_head~0.base_66) (_ bv0 32))) (select (select (store (store |#memory_$Pointer$.offset| v_sll_create_~new_head~0.base_66 (store (select |#memory_$Pointer$.offset| v_sll_create_~new_head~0.base_66) (_ bv0 32) sll_create_~head~0.offset)) v_prenex_11 (store (select (store |#memory_$Pointer$.offset| v_sll_create_~new_head~0.base_66 (store (select |#memory_$Pointer$.offset| v_sll_create_~new_head~0.base_66) (_ bv0 32) sll_create_~head~0.offset)) v_prenex_11) (_ bv0 32) (_ bv0 32))) v_sll_create_~new_head~0.base_66) (_ bv0 32)))))))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {5610#(and (forall ((v_prenex_11 (_ BitVec 32))) (or (not (= (_ bv0 1) (select |#valid| v_prenex_11))) (= (select (select (store (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) v_prenex_11 (store (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) v_prenex_11) (_ bv0 32) sll_create_~new_head~0.offset)) (select (select (store (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) v_prenex_11 (store (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) v_prenex_11) (_ bv0 32) sll_create_~new_head~0.base)) sll_create_~new_head~0.base) sll_create_~new_head~0.offset)) (select (select (store (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) v_prenex_11 (store (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) v_prenex_11) (_ bv0 32) sll_create_~new_head~0.offset)) sll_create_~new_head~0.base) sll_create_~new_head~0.offset)) (_ bv0 32)))) (forall ((v_sll_create_~new_head~0.base_65 (_ BitVec 32))) (or (= (select (select (store (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) v_sll_create_~new_head~0.base_65 (store (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) v_sll_create_~new_head~0.base_65) (_ bv0 32) sll_create_~new_head~0.base)) (select (select (store (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) v_sll_create_~new_head~0.base_65 (store (select (store |#memory_$Pointer$.base| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.base| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.base)) v_sll_create_~new_head~0.base_65) (_ bv0 32) sll_create_~new_head~0.base)) sll_create_~new_head~0.base) sll_create_~new_head~0.offset)) (select (select (store (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) v_sll_create_~new_head~0.base_65 (store (select (store |#memory_$Pointer$.offset| sll_create_~new_head~0.base (store (select |#memory_$Pointer$.offset| sll_create_~new_head~0.base) sll_create_~new_head~0.offset sll_create_~head~0.offset)) v_sll_create_~new_head~0.base_65) (_ bv0 32) sll_create_~new_head~0.offset)) sll_create_~new_head~0.base) sll_create_~new_head~0.offset)) (_ bv0 32)) (not (= (_ bv0 1) (select |#valid| v_sll_create_~new_head~0.base_65))))))} is VALID [2018-11-23 11:24:21,349 INFO L273 TraceCheckUtils]: 12: Hoare triple {5621#(and (or (not (= (select |#valid| sll_create_~new_head~0.base) (_ bv0 1))) (not (= sll_create_~new_head~0.offset (_ bv0 32))) (forall ((v_prenex_45 (_ BitVec 32))) (not (= (select (store |#valid| sll_create_~new_head~0.base (_ bv1 1)) v_prenex_45) (_ bv0 1))))) (or (forall ((v_prenex_12 (_ BitVec 32)) (v_sll_create_~new_head~0.base_65 (_ BitVec 32))) (or (not (= (select |#valid| v_prenex_12) (_ bv0 1))) (not (= (select (store |#valid| v_prenex_12 (_ bv1 1)) v_sll_create_~new_head~0.base_65) (_ bv0 1))))) (= sll_create_~head~0.base (_ bv0 32))) (or (forall ((v_prenex_50 (_ BitVec 32)) (v_prenex_49 (_ BitVec 32))) (or (not (= (select |#valid| v_prenex_49) (_ bv0 1))) (not (= (_ bv0 1) (select (store |#valid| v_prenex_49 (_ bv1 1)) v_prenex_50))))) (= (_ bv0 32) sll_create_~head~0.offset)))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {5617#(and (forall ((v_prenex_12 (_ BitVec 32)) (v_sll_create_~new_head~0.base_65 (_ BitVec 32))) (or (= (_ bv0 32) (select (select (store (store |#memory_$Pointer$.base| v_prenex_12 (store (select |#memory_$Pointer$.base| v_prenex_12) (_ bv0 32) sll_create_~head~0.base)) v_sll_create_~new_head~0.base_65 (store (select (store |#memory_$Pointer$.base| v_prenex_12 (store (select |#memory_$Pointer$.base| v_prenex_12) (_ bv0 32) sll_create_~head~0.base)) v_sll_create_~new_head~0.base_65) (_ bv0 32) v_prenex_12)) (select (select (store (store |#memory_$Pointer$.base| v_prenex_12 (store (select |#memory_$Pointer$.base| v_prenex_12) (_ bv0 32) sll_create_~head~0.base)) v_sll_create_~new_head~0.base_65 (store (select (store |#memory_$Pointer$.base| v_prenex_12 (store (select |#memory_$Pointer$.base| v_prenex_12) (_ bv0 32) sll_create_~head~0.base)) v_sll_create_~new_head~0.base_65) (_ bv0 32) v_prenex_12)) v_prenex_12) (_ bv0 32))) (select (select (store (store |#memory_$Pointer$.offset| v_prenex_12 (store (select |#memory_$Pointer$.offset| v_prenex_12) (_ bv0 32) sll_create_~head~0.offset)) v_sll_create_~new_head~0.base_65 (store (select (store |#memory_$Pointer$.offset| v_prenex_12 (store (select |#memory_$Pointer$.offset| v_prenex_12) (_ bv0 32) sll_create_~head~0.offset)) v_sll_create_~new_head~0.base_65) (_ bv0 32) (_ bv0 32))) v_prenex_12) (_ bv0 32)))) (not (= (select |#valid| v_prenex_12) (_ bv0 1))) (not (= (select (store |#valid| v_prenex_12 (_ bv1 1)) v_sll_create_~new_head~0.base_65) (_ bv0 1))))) (forall ((v_prenex_11 (_ BitVec 32)) (v_sll_create_~new_head~0.base_66 (_ BitVec 32))) (or (not (= (_ bv0 1) (select (store |#valid| v_sll_create_~new_head~0.base_66 (_ bv1 1)) v_prenex_11))) (not (= (select |#valid| v_sll_create_~new_head~0.base_66) (_ bv0 1))) (= (_ bv0 32) (select (select (store (store |#memory_$Pointer$.offset| v_sll_create_~new_head~0.base_66 (store (select |#memory_$Pointer$.offset| v_sll_create_~new_head~0.base_66) (_ bv0 32) sll_create_~head~0.offset)) v_prenex_11 (store (select (store |#memory_$Pointer$.offset| v_sll_create_~new_head~0.base_66 (store (select |#memory_$Pointer$.offset| v_sll_create_~new_head~0.base_66) (_ bv0 32) sll_create_~head~0.offset)) v_prenex_11) (_ bv0 32) (_ bv0 32))) (select (select (store (store |#memory_$Pointer$.base| v_sll_create_~new_head~0.base_66 (store (select |#memory_$Pointer$.base| v_sll_create_~new_head~0.base_66) (_ bv0 32) sll_create_~head~0.base)) v_prenex_11 (store (select (store |#memory_$Pointer$.base| v_sll_create_~new_head~0.base_66 (store (select |#memory_$Pointer$.base| v_sll_create_~new_head~0.base_66) (_ bv0 32) sll_create_~head~0.base)) v_prenex_11) (_ bv0 32) v_sll_create_~new_head~0.base_66)) v_sll_create_~new_head~0.base_66) (_ bv0 32))) (select (select (store (store |#memory_$Pointer$.offset| v_sll_create_~new_head~0.base_66 (store (select |#memory_$Pointer$.offset| v_sll_create_~new_head~0.base_66) (_ bv0 32) sll_create_~head~0.offset)) v_prenex_11 (store (select (store |#memory_$Pointer$.offset| v_sll_create_~new_head~0.base_66 (store (select |#memory_$Pointer$.offset| v_sll_create_~new_head~0.base_66) (_ bv0 32) sll_create_~head~0.offset)) v_prenex_11) (_ bv0 32) (_ bv0 32))) v_sll_create_~new_head~0.base_66) (_ bv0 32)))))))} is VALID [2018-11-23 11:24:21,350 INFO L273 TraceCheckUtils]: 11: Hoare triple {5621#(and (or (not (= (select |#valid| sll_create_~new_head~0.base) (_ bv0 1))) (not (= sll_create_~new_head~0.offset (_ bv0 32))) (forall ((v_prenex_45 (_ BitVec 32))) (not (= (select (store |#valid| sll_create_~new_head~0.base (_ bv1 1)) v_prenex_45) (_ bv0 1))))) (or (forall ((v_prenex_12 (_ BitVec 32)) (v_sll_create_~new_head~0.base_65 (_ BitVec 32))) (or (not (= (select |#valid| v_prenex_12) (_ bv0 1))) (not (= (select (store |#valid| v_prenex_12 (_ bv1 1)) v_sll_create_~new_head~0.base_65) (_ bv0 1))))) (= sll_create_~head~0.base (_ bv0 32))) (or (forall ((v_prenex_50 (_ BitVec 32)) (v_prenex_49 (_ BitVec 32))) (or (not (= (select |#valid| v_prenex_49) (_ bv0 1))) (not (= (_ bv0 1) (select (store |#valid| v_prenex_49 (_ bv1 1)) v_prenex_50))))) (= (_ bv0 32) sll_create_~head~0.offset)))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {5621#(and (or (not (= (select |#valid| sll_create_~new_head~0.base) (_ bv0 1))) (not (= sll_create_~new_head~0.offset (_ bv0 32))) (forall ((v_prenex_45 (_ BitVec 32))) (not (= (select (store |#valid| sll_create_~new_head~0.base (_ bv1 1)) v_prenex_45) (_ bv0 1))))) (or (forall ((v_prenex_12 (_ BitVec 32)) (v_sll_create_~new_head~0.base_65 (_ BitVec 32))) (or (not (= (select |#valid| v_prenex_12) (_ bv0 1))) (not (= (select (store |#valid| v_prenex_12 (_ bv1 1)) v_sll_create_~new_head~0.base_65) (_ bv0 1))))) (= sll_create_~head~0.base (_ bv0 32))) (or (forall ((v_prenex_50 (_ BitVec 32)) (v_prenex_49 (_ BitVec 32))) (or (not (= (select |#valid| v_prenex_49) (_ bv0 1))) (not (= (_ bv0 1) (select (store |#valid| v_prenex_49 (_ bv1 1)) v_prenex_50))))) (= (_ bv0 32) sll_create_~head~0.offset)))} is VALID [2018-11-23 11:24:21,352 INFO L273 TraceCheckUtils]: 10: Hoare triple {5442#(and (= (_ bv0 32) sll_create_~head~0.offset) (= sll_create_~head~0.base (_ bv0 32)))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {5621#(and (or (not (= (select |#valid| sll_create_~new_head~0.base) (_ bv0 1))) (not (= sll_create_~new_head~0.offset (_ bv0 32))) (forall ((v_prenex_45 (_ BitVec 32))) (not (= (select (store |#valid| sll_create_~new_head~0.base (_ bv1 1)) v_prenex_45) (_ bv0 1))))) (or (forall ((v_prenex_12 (_ BitVec 32)) (v_sll_create_~new_head~0.base_65 (_ BitVec 32))) (or (not (= (select |#valid| v_prenex_12) (_ bv0 1))) (not (= (select (store |#valid| v_prenex_12 (_ bv1 1)) v_sll_create_~new_head~0.base_65) (_ bv0 1))))) (= sll_create_~head~0.base (_ bv0 32))) (or (forall ((v_prenex_50 (_ BitVec 32)) (v_prenex_49 (_ BitVec 32))) (or (not (= (select |#valid| v_prenex_49) (_ bv0 1))) (not (= (_ bv0 1) (select (store |#valid| v_prenex_49 (_ bv1 1)) v_prenex_50))))) (= (_ bv0 32) sll_create_~head~0.offset)))} is VALID [2018-11-23 11:24:21,352 INFO L273 TraceCheckUtils]: 9: Hoare triple {5410#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {5442#(and (= (_ bv0 32) sll_create_~head~0.offset) (= sll_create_~head~0.base (_ bv0 32)))} is VALID [2018-11-23 11:24:21,353 INFO L256 TraceCheckUtils]: 8: Hoare triple {5410#true} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {5410#true} is VALID [2018-11-23 11:24:21,353 INFO L273 TraceCheckUtils]: 7: Hoare triple {5410#true} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {5410#true} is VALID [2018-11-23 11:24:21,353 INFO L273 TraceCheckUtils]: 6: Hoare triple {5410#true} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {5410#true} is VALID [2018-11-23 11:24:21,353 INFO L273 TraceCheckUtils]: 5: Hoare triple {5410#true} ~len~1 := 2bv32; {5410#true} is VALID [2018-11-23 11:24:21,353 INFO L256 TraceCheckUtils]: 4: Hoare triple {5410#true} call #t~ret11 := main(); {5410#true} is VALID [2018-11-23 11:24:21,354 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {5410#true} {5410#true} #91#return; {5410#true} is VALID [2018-11-23 11:24:21,354 INFO L273 TraceCheckUtils]: 2: Hoare triple {5410#true} assume true; {5410#true} is VALID [2018-11-23 11:24:21,354 INFO L273 TraceCheckUtils]: 1: Hoare triple {5410#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {5410#true} is VALID [2018-11-23 11:24:21,354 INFO L256 TraceCheckUtils]: 0: Hoare triple {5410#true} call ULTIMATE.init(); {5410#true} is VALID [2018-11-23 11:24:21,364 INFO L134 CoverageAnalysis]: Checked inductivity of 23 backedges. 4 proven. 18 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2018-11-23 11:24:21,366 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2018-11-23 11:24:21,366 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [18, 17] total 32 [2018-11-23 11:24:21,367 INFO L78 Accepts]: Start accepts. Automaton has 32 states. Word has length 36 [2018-11-23 11:24:21,367 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:24:21,367 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 32 states. [2018-11-23 11:24:21,532 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 60 edges. 60 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:24:21,532 INFO L459 AbstractCegarLoop]: Interpolant automaton has 32 states [2018-11-23 11:24:21,532 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 32 interpolants. [2018-11-23 11:24:21,533 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=95, Invalid=885, Unknown=12, NotChecked=0, Total=992 [2018-11-23 11:24:21,533 INFO L87 Difference]: Start difference. First operand 44 states and 50 transitions. Second operand 32 states. [2018-11-23 11:24:26,504 WARN L180 SmtUtils]: Spent 143.00 ms on a formula simplification that was a NOOP. DAG size: 50 [2018-11-23 11:24:33,815 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:24:33,815 INFO L93 Difference]: Finished difference Result 74 states and 83 transitions. [2018-11-23 11:24:33,816 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 23 states. [2018-11-23 11:24:33,816 INFO L78 Accepts]: Start accepts. Automaton has 32 states. Word has length 36 [2018-11-23 11:24:33,816 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:24:33,816 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 32 states. [2018-11-23 11:24:33,818 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 23 states to 23 states and 71 transitions. [2018-11-23 11:24:33,818 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 32 states. [2018-11-23 11:24:33,819 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 23 states to 23 states and 71 transitions. [2018-11-23 11:24:33,819 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 23 states and 71 transitions. [2018-11-23 11:24:34,007 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 71 edges. 71 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:24:34,009 INFO L225 Difference]: With dead ends: 74 [2018-11-23 11:24:34,009 INFO L226 Difference]: Without dead ends: 65 [2018-11-23 11:24:34,011 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 73 GetRequests, 37 SyntacticMatches, 4 SemanticMatches, 32 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 244 ImplicationChecksByTransitivity, 36.2s TimeCoverageRelationStatistics Valid=108, Invalid=1002, Unknown=12, NotChecked=0, Total=1122 [2018-11-23 11:24:34,011 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 65 states. [2018-11-23 11:24:34,211 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 65 to 60. [2018-11-23 11:24:34,211 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:24:34,211 INFO L82 GeneralOperation]: Start isEquivalent. First operand 65 states. Second operand 60 states. [2018-11-23 11:24:34,211 INFO L74 IsIncluded]: Start isIncluded. First operand 65 states. Second operand 60 states. [2018-11-23 11:24:34,211 INFO L87 Difference]: Start difference. First operand 65 states. Second operand 60 states. [2018-11-23 11:24:34,213 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:24:34,214 INFO L93 Difference]: Finished difference Result 65 states and 71 transitions. [2018-11-23 11:24:34,214 INFO L276 IsEmpty]: Start isEmpty. Operand 65 states and 71 transitions. [2018-11-23 11:24:34,214 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:24:34,214 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:24:34,214 INFO L74 IsIncluded]: Start isIncluded. First operand 60 states. Second operand 65 states. [2018-11-23 11:24:34,214 INFO L87 Difference]: Start difference. First operand 60 states. Second operand 65 states. [2018-11-23 11:24:34,216 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:24:34,216 INFO L93 Difference]: Finished difference Result 65 states and 71 transitions. [2018-11-23 11:24:34,216 INFO L276 IsEmpty]: Start isEmpty. Operand 65 states and 71 transitions. [2018-11-23 11:24:34,217 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:24:34,217 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:24:34,217 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:24:34,217 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:24:34,217 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 60 states. [2018-11-23 11:24:34,219 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 60 states to 60 states and 67 transitions. [2018-11-23 11:24:34,219 INFO L78 Accepts]: Start accepts. Automaton has 60 states and 67 transitions. Word has length 36 [2018-11-23 11:24:34,219 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:24:34,219 INFO L480 AbstractCegarLoop]: Abstraction has 60 states and 67 transitions. [2018-11-23 11:24:34,219 INFO L481 AbstractCegarLoop]: Interpolant automaton has 32 states. [2018-11-23 11:24:34,219 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 67 transitions. [2018-11-23 11:24:34,220 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 37 [2018-11-23 11:24:34,220 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:24:34,220 INFO L402 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:24:34,221 INFO L423 AbstractCegarLoop]: === Iteration 15 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:24:34,221 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:24:34,221 INFO L82 PathProgramCache]: Analyzing trace with hash 482544650, now seen corresponding path program 7 times [2018-11-23 11:24:34,221 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:24:34,221 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 16 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 16 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:24:34,252 INFO L101 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY [2018-11-23 11:24:34,339 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:24:34,380 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:24:34,381 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:24:34,846 INFO L256 TraceCheckUtils]: 0: Hoare triple {5989#true} call ULTIMATE.init(); {5989#true} is VALID [2018-11-23 11:24:34,847 INFO L273 TraceCheckUtils]: 1: Hoare triple {5989#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {5989#true} is VALID [2018-11-23 11:24:34,847 INFO L273 TraceCheckUtils]: 2: Hoare triple {5989#true} assume true; {5989#true} is VALID [2018-11-23 11:24:34,847 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {5989#true} {5989#true} #91#return; {5989#true} is VALID [2018-11-23 11:24:34,847 INFO L256 TraceCheckUtils]: 4: Hoare triple {5989#true} call #t~ret11 := main(); {5989#true} is VALID [2018-11-23 11:24:34,848 INFO L273 TraceCheckUtils]: 5: Hoare triple {5989#true} ~len~1 := 2bv32; {6009#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:24:34,849 INFO L273 TraceCheckUtils]: 6: Hoare triple {6009#(= (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {6013#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} is VALID [2018-11-23 11:24:34,849 INFO L273 TraceCheckUtils]: 7: Hoare triple {6013#(= (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {6017#(= (bvadd main_~len~1 (_ bv4294967292 32)) (_ bv0 32))} is VALID [2018-11-23 11:24:34,850 INFO L273 TraceCheckUtils]: 8: Hoare triple {6017#(= (bvadd main_~len~1 (_ bv4294967292 32)) (_ bv0 32))} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {6017#(= (bvadd main_~len~1 (_ bv4294967292 32)) (_ bv0 32))} is VALID [2018-11-23 11:24:34,850 INFO L256 TraceCheckUtils]: 9: Hoare triple {6017#(= (bvadd main_~len~1 (_ bv4294967292 32)) (_ bv0 32))} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {5989#true} is VALID [2018-11-23 11:24:34,850 INFO L273 TraceCheckUtils]: 10: Hoare triple {5989#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {6027#(= |sll_create_#in~len| sll_create_~len)} is VALID [2018-11-23 11:24:34,850 INFO L273 TraceCheckUtils]: 11: Hoare triple {6027#(= |sll_create_#in~len| sll_create_~len)} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {6027#(= |sll_create_#in~len| sll_create_~len)} is VALID [2018-11-23 11:24:34,851 INFO L273 TraceCheckUtils]: 12: Hoare triple {6027#(= |sll_create_#in~len| sll_create_~len)} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {6027#(= |sll_create_#in~len| sll_create_~len)} is VALID [2018-11-23 11:24:34,852 INFO L273 TraceCheckUtils]: 13: Hoare triple {6027#(= |sll_create_#in~len| sll_create_~len)} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {6037#(= (bvadd |sll_create_#in~len| (_ bv4294967295 32)) sll_create_~len)} is VALID [2018-11-23 11:24:34,852 INFO L273 TraceCheckUtils]: 14: Hoare triple {6037#(= (bvadd |sll_create_#in~len| (_ bv4294967295 32)) sll_create_~len)} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {6037#(= (bvadd |sll_create_#in~len| (_ bv4294967295 32)) sll_create_~len)} is VALID [2018-11-23 11:24:34,853 INFO L273 TraceCheckUtils]: 15: Hoare triple {6037#(= (bvadd |sll_create_#in~len| (_ bv4294967295 32)) sll_create_~len)} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {6037#(= (bvadd |sll_create_#in~len| (_ bv4294967295 32)) sll_create_~len)} is VALID [2018-11-23 11:24:34,880 INFO L273 TraceCheckUtils]: 16: Hoare triple {6037#(= (bvadd |sll_create_#in~len| (_ bv4294967295 32)) sll_create_~len)} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {6047#(= (bvadd |sll_create_#in~len| (_ bv4294967294 32)) sll_create_~len)} is VALID [2018-11-23 11:24:34,880 INFO L273 TraceCheckUtils]: 17: Hoare triple {6047#(= (bvadd |sll_create_#in~len| (_ bv4294967294 32)) sll_create_~len)} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {6047#(= (bvadd |sll_create_#in~len| (_ bv4294967294 32)) sll_create_~len)} is VALID [2018-11-23 11:24:34,881 INFO L273 TraceCheckUtils]: 18: Hoare triple {6047#(= (bvadd |sll_create_#in~len| (_ bv4294967294 32)) sll_create_~len)} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {6047#(= (bvadd |sll_create_#in~len| (_ bv4294967294 32)) sll_create_~len)} is VALID [2018-11-23 11:24:34,904 INFO L273 TraceCheckUtils]: 19: Hoare triple {6047#(= (bvadd |sll_create_#in~len| (_ bv4294967294 32)) sll_create_~len)} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {6057#(= (bvadd |sll_create_#in~len| (_ bv4294967293 32)) sll_create_~len)} is VALID [2018-11-23 11:24:34,907 INFO L273 TraceCheckUtils]: 20: Hoare triple {6057#(= (bvadd |sll_create_#in~len| (_ bv4294967293 32)) sll_create_~len)} assume !~bvsgt32(~len, 0bv32); {6061#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32)))} is VALID [2018-11-23 11:24:34,907 INFO L273 TraceCheckUtils]: 21: Hoare triple {6061#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32)))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {6061#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32)))} is VALID [2018-11-23 11:24:34,907 INFO L273 TraceCheckUtils]: 22: Hoare triple {6061#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32)))} assume true; {6061#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32)))} is VALID [2018-11-23 11:24:34,908 INFO L268 TraceCheckUtils]: 23: Hoare quadruple {6061#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32)))} {6017#(= (bvadd main_~len~1 (_ bv4294967292 32)) (_ bv0 32))} #95#return; {5990#false} is VALID [2018-11-23 11:24:34,908 INFO L273 TraceCheckUtils]: 24: Hoare triple {5990#false} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {5990#false} is VALID [2018-11-23 11:24:34,908 INFO L256 TraceCheckUtils]: 25: Hoare triple {5990#false} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {5990#false} is VALID [2018-11-23 11:24:34,909 INFO L273 TraceCheckUtils]: 26: Hoare triple {5990#false} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {5990#false} is VALID [2018-11-23 11:24:34,909 INFO L273 TraceCheckUtils]: 27: Hoare triple {5990#false} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {5990#false} is VALID [2018-11-23 11:24:34,909 INFO L273 TraceCheckUtils]: 28: Hoare triple {5990#false} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {5990#false} is VALID [2018-11-23 11:24:34,909 INFO L273 TraceCheckUtils]: 29: Hoare triple {5990#false} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {5990#false} is VALID [2018-11-23 11:24:34,910 INFO L273 TraceCheckUtils]: 30: Hoare triple {5990#false} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {5990#false} is VALID [2018-11-23 11:24:34,910 INFO L273 TraceCheckUtils]: 31: Hoare triple {5990#false} #res := ~len~0; {5990#false} is VALID [2018-11-23 11:24:34,910 INFO L273 TraceCheckUtils]: 32: Hoare triple {5990#false} assume true; {5990#false} is VALID [2018-11-23 11:24:34,911 INFO L268 TraceCheckUtils]: 33: Hoare quadruple {5990#false} {5990#false} #97#return; {5990#false} is VALID [2018-11-23 11:24:34,911 INFO L273 TraceCheckUtils]: 34: Hoare triple {5990#false} assume ~len~1 != #t~ret10;havoc #t~ret10; {5990#false} is VALID [2018-11-23 11:24:34,911 INFO L273 TraceCheckUtils]: 35: Hoare triple {5990#false} assume !false; {5990#false} is VALID [2018-11-23 11:24:34,913 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 0 proven. 15 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2018-11-23 11:24:34,913 INFO L316 TraceCheckSpWp]: Computing backward predicates... [2018-11-23 11:24:35,588 INFO L273 TraceCheckUtils]: 35: Hoare triple {5990#false} assume !false; {5990#false} is VALID [2018-11-23 11:24:35,589 INFO L273 TraceCheckUtils]: 34: Hoare triple {5990#false} assume ~len~1 != #t~ret10;havoc #t~ret10; {5990#false} is VALID [2018-11-23 11:24:35,589 INFO L268 TraceCheckUtils]: 33: Hoare quadruple {5989#true} {5990#false} #97#return; {5990#false} is VALID [2018-11-23 11:24:35,589 INFO L273 TraceCheckUtils]: 32: Hoare triple {5989#true} assume true; {5989#true} is VALID [2018-11-23 11:24:35,590 INFO L273 TraceCheckUtils]: 31: Hoare triple {5989#true} #res := ~len~0; {5989#true} is VALID [2018-11-23 11:24:35,590 INFO L273 TraceCheckUtils]: 30: Hoare triple {5989#true} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {5989#true} is VALID [2018-11-23 11:24:35,590 INFO L273 TraceCheckUtils]: 29: Hoare triple {5989#true} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {5989#true} is VALID [2018-11-23 11:24:35,590 INFO L273 TraceCheckUtils]: 28: Hoare triple {5989#true} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {5989#true} is VALID [2018-11-23 11:24:35,590 INFO L273 TraceCheckUtils]: 27: Hoare triple {5989#true} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {5989#true} is VALID [2018-11-23 11:24:35,591 INFO L273 TraceCheckUtils]: 26: Hoare triple {5989#true} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {5989#true} is VALID [2018-11-23 11:24:35,591 INFO L256 TraceCheckUtils]: 25: Hoare triple {5990#false} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {5989#true} is VALID [2018-11-23 11:24:35,591 INFO L273 TraceCheckUtils]: 24: Hoare triple {5990#false} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {5990#false} is VALID [2018-11-23 11:24:35,593 INFO L268 TraceCheckUtils]: 23: Hoare quadruple {6061#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32)))} {6143#(bvsgt (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} #95#return; {5990#false} is VALID [2018-11-23 11:24:35,594 INFO L273 TraceCheckUtils]: 22: Hoare triple {6061#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32)))} assume true; {6061#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32)))} is VALID [2018-11-23 11:24:35,594 INFO L273 TraceCheckUtils]: 21: Hoare triple {6061#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32)))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {6061#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32)))} is VALID [2018-11-23 11:24:35,595 INFO L273 TraceCheckUtils]: 20: Hoare triple {6156#(or (bvsgt sll_create_~len (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32))))} assume !~bvsgt32(~len, 0bv32); {6061#(not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32)))} is VALID [2018-11-23 11:24:35,600 INFO L273 TraceCheckUtils]: 19: Hoare triple {6160#(or (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32))))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {6156#(or (bvsgt sll_create_~len (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32))))} is VALID [2018-11-23 11:24:35,600 INFO L273 TraceCheckUtils]: 18: Hoare triple {6160#(or (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32))))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {6160#(or (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32))))} is VALID [2018-11-23 11:24:35,600 INFO L273 TraceCheckUtils]: 17: Hoare triple {6160#(or (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32))))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {6160#(or (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32))))} is VALID [2018-11-23 11:24:35,609 INFO L273 TraceCheckUtils]: 16: Hoare triple {6170#(or (bvsgt (bvadd sll_create_~len (_ bv4294967294 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32))))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {6160#(or (bvsgt (bvadd sll_create_~len (_ bv4294967295 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32))))} is VALID [2018-11-23 11:24:35,610 INFO L273 TraceCheckUtils]: 15: Hoare triple {6170#(or (bvsgt (bvadd sll_create_~len (_ bv4294967294 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32))))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {6170#(or (bvsgt (bvadd sll_create_~len (_ bv4294967294 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32))))} is VALID [2018-11-23 11:24:35,610 INFO L273 TraceCheckUtils]: 14: Hoare triple {6170#(or (bvsgt (bvadd sll_create_~len (_ bv4294967294 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32))))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {6170#(or (bvsgt (bvadd sll_create_~len (_ bv4294967294 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32))))} is VALID [2018-11-23 11:24:35,616 INFO L273 TraceCheckUtils]: 13: Hoare triple {6180#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967293 32)) (_ bv0 32)))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {6170#(or (bvsgt (bvadd sll_create_~len (_ bv4294967294 32)) (_ bv0 32)) (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32))))} is VALID [2018-11-23 11:24:35,616 INFO L273 TraceCheckUtils]: 12: Hoare triple {6180#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967293 32)) (_ bv0 32)))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {6180#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967293 32)) (_ bv0 32)))} is VALID [2018-11-23 11:24:35,617 INFO L273 TraceCheckUtils]: 11: Hoare triple {6180#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967293 32)) (_ bv0 32)))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {6180#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967293 32)) (_ bv0 32)))} is VALID [2018-11-23 11:24:35,617 INFO L273 TraceCheckUtils]: 10: Hoare triple {5989#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {6180#(or (not (bvsgt (bvadd |sll_create_#in~len| (_ bv4294967293 32)) (_ bv0 32))) (bvsgt (bvadd sll_create_~len (_ bv4294967293 32)) (_ bv0 32)))} is VALID [2018-11-23 11:24:35,617 INFO L256 TraceCheckUtils]: 9: Hoare triple {6143#(bvsgt (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {5989#true} is VALID [2018-11-23 11:24:35,618 INFO L273 TraceCheckUtils]: 8: Hoare triple {6143#(bvsgt (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {6143#(bvsgt (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} is VALID [2018-11-23 11:24:35,622 INFO L273 TraceCheckUtils]: 7: Hoare triple {6196#(bvsgt (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {6143#(bvsgt (bvadd main_~len~1 (_ bv4294967293 32)) (_ bv0 32))} is VALID [2018-11-23 11:24:35,625 INFO L273 TraceCheckUtils]: 6: Hoare triple {6200#(bvsgt (bvadd main_~len~1 (_ bv4294967295 32)) (_ bv0 32))} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {6196#(bvsgt (bvadd main_~len~1 (_ bv4294967294 32)) (_ bv0 32))} is VALID [2018-11-23 11:24:35,626 INFO L273 TraceCheckUtils]: 5: Hoare triple {5989#true} ~len~1 := 2bv32; {6200#(bvsgt (bvadd main_~len~1 (_ bv4294967295 32)) (_ bv0 32))} is VALID [2018-11-23 11:24:35,626 INFO L256 TraceCheckUtils]: 4: Hoare triple {5989#true} call #t~ret11 := main(); {5989#true} is VALID [2018-11-23 11:24:35,626 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {5989#true} {5989#true} #91#return; {5989#true} is VALID [2018-11-23 11:24:35,626 INFO L273 TraceCheckUtils]: 2: Hoare triple {5989#true} assume true; {5989#true} is VALID [2018-11-23 11:24:35,626 INFO L273 TraceCheckUtils]: 1: Hoare triple {5989#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {5989#true} is VALID [2018-11-23 11:24:35,627 INFO L256 TraceCheckUtils]: 0: Hoare triple {5989#true} call ULTIMATE.init(); {5989#true} is VALID [2018-11-23 11:24:35,629 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 0 proven. 15 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2018-11-23 11:24:35,634 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2018-11-23 11:24:35,635 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 10] total 17 [2018-11-23 11:24:35,635 INFO L78 Accepts]: Start accepts. Automaton has 17 states. Word has length 36 [2018-11-23 11:24:35,636 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:24:35,636 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 17 states. [2018-11-23 11:24:35,791 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 58 edges. 58 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:24:35,791 INFO L459 AbstractCegarLoop]: Interpolant automaton has 17 states [2018-11-23 11:24:35,792 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 17 interpolants. [2018-11-23 11:24:35,792 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=45, Invalid=227, Unknown=0, NotChecked=0, Total=272 [2018-11-23 11:24:35,792 INFO L87 Difference]: Start difference. First operand 60 states and 67 transitions. Second operand 17 states. [2018-11-23 11:24:36,919 WARN L180 SmtUtils]: Spent 120.00 ms on a formula simplification. DAG size of input: 19 DAG size of output: 11 [2018-11-23 11:24:38,634 WARN L180 SmtUtils]: Spent 307.00 ms on a formula simplification. DAG size of input: 16 DAG size of output: 13 [2018-11-23 11:24:41,369 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:24:41,369 INFO L93 Difference]: Finished difference Result 132 states and 155 transitions. [2018-11-23 11:24:41,369 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 19 states. [2018-11-23 11:24:41,369 INFO L78 Accepts]: Start accepts. Automaton has 17 states. Word has length 36 [2018-11-23 11:24:41,370 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:24:41,370 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 17 states. [2018-11-23 11:24:41,373 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 19 states to 19 states and 116 transitions. [2018-11-23 11:24:41,373 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 17 states. [2018-11-23 11:24:41,376 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 19 states to 19 states and 116 transitions. [2018-11-23 11:24:41,376 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 19 states and 116 transitions. [2018-11-23 11:24:42,776 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 116 edges. 116 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:24:42,779 INFO L225 Difference]: With dead ends: 132 [2018-11-23 11:24:42,779 INFO L226 Difference]: Without dead ends: 87 [2018-11-23 11:24:42,780 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 80 GetRequests, 56 SyntacticMatches, 0 SemanticMatches, 24 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 54 ImplicationChecksByTransitivity, 1.9s TimeCoverageRelationStatistics Valid=110, Invalid=540, Unknown=0, NotChecked=0, Total=650 [2018-11-23 11:24:42,780 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 87 states. [2018-11-23 11:24:43,014 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 87 to 58. [2018-11-23 11:24:43,015 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:24:43,015 INFO L82 GeneralOperation]: Start isEquivalent. First operand 87 states. Second operand 58 states. [2018-11-23 11:24:43,015 INFO L74 IsIncluded]: Start isIncluded. First operand 87 states. Second operand 58 states. [2018-11-23 11:24:43,015 INFO L87 Difference]: Start difference. First operand 87 states. Second operand 58 states. [2018-11-23 11:24:43,019 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:24:43,019 INFO L93 Difference]: Finished difference Result 87 states and 103 transitions. [2018-11-23 11:24:43,019 INFO L276 IsEmpty]: Start isEmpty. Operand 87 states and 103 transitions. [2018-11-23 11:24:43,020 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:24:43,020 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:24:43,020 INFO L74 IsIncluded]: Start isIncluded. First operand 58 states. Second operand 87 states. [2018-11-23 11:24:43,020 INFO L87 Difference]: Start difference. First operand 58 states. Second operand 87 states. [2018-11-23 11:24:43,024 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:24:43,024 INFO L93 Difference]: Finished difference Result 87 states and 103 transitions. [2018-11-23 11:24:43,024 INFO L276 IsEmpty]: Start isEmpty. Operand 87 states and 103 transitions. [2018-11-23 11:24:43,025 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:24:43,025 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:24:43,025 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:24:43,026 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:24:43,026 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 58 states. [2018-11-23 11:24:43,028 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 58 states to 58 states and 66 transitions. [2018-11-23 11:24:43,028 INFO L78 Accepts]: Start accepts. Automaton has 58 states and 66 transitions. Word has length 36 [2018-11-23 11:24:43,028 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:24:43,028 INFO L480 AbstractCegarLoop]: Abstraction has 58 states and 66 transitions. [2018-11-23 11:24:43,028 INFO L481 AbstractCegarLoop]: Interpolant automaton has 17 states. [2018-11-23 11:24:43,029 INFO L276 IsEmpty]: Start isEmpty. Operand 58 states and 66 transitions. [2018-11-23 11:24:43,029 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2018-11-23 11:24:43,029 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:24:43,029 INFO L402 BasicCegarLoop]: trace histogram [4, 4, 4, 3, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:24:43,030 INFO L423 AbstractCegarLoop]: === Iteration 16 === [mainErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:24:43,030 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:24:43,030 INFO L82 PathProgramCache]: Analyzing trace with hash -748817156, now seen corresponding path program 8 times [2018-11-23 11:24:43,030 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:24:43,030 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 17 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 17 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:24:43,060 INFO L101 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2018-11-23 11:24:43,227 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2018-11-23 11:24:43,227 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2018-11-23 11:24:43,290 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:24:43,293 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:24:44,003 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2018-11-23 11:24:44,028 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:44,077 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:44,078 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:14, output treesize:13 [2018-11-23 11:24:44,082 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:24:44,082 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#valid_144|]. (and (= sll_create_~new_head~0.offset (_ bv0 32)) (not (= sll_create_~head~0.base (_ bv0 32))) (= |#valid| (store |v_#valid_144| sll_create_~new_head~0.base (_ bv1 1)))) [2018-11-23 11:24:44,082 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (and (= sll_create_~new_head~0.offset (_ bv0 32)) (not (= sll_create_~head~0.base (_ bv0 32))) (= (select |#valid| sll_create_~new_head~0.base) (_ bv1 1))) [2018-11-23 11:24:44,214 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 8 [2018-11-23 11:24:44,220 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2018-11-23 11:24:44,221 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:44,224 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:44,236 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:44,236 INFO L202 ElimStorePlain]: Needed 3 recursive calls to eliminate 2 variables, input treesize:24, output treesize:17 [2018-11-23 11:24:44,247 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:24:44,248 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#memory_$Pointer$.base_113|, v_sll_create_~head~0.base_106]. (and (= (_ bv1 1) (select |#valid| sll_create_~head~0.base)) (= |#memory_$Pointer$.base| (store |v_#memory_$Pointer$.base_113| sll_create_~head~0.base (store (select |v_#memory_$Pointer$.base_113| sll_create_~head~0.base) (_ bv0 32) v_sll_create_~head~0.base_106))) (= (_ bv0 32) sll_create_~head~0.offset) (not (= v_sll_create_~head~0.base_106 (_ bv0 32)))) [2018-11-23 11:24:44,248 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (and (= (_ bv1 1) (select |#valid| sll_create_~head~0.base)) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset)) [2018-11-23 11:24:44,289 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:24:44,291 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:24:44,292 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 3 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 21 [2018-11-23 11:24:44,294 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:44,319 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:44,319 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:35, output treesize:34 [2018-11-23 11:24:44,326 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:24:44,326 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#valid_145|]. (and (= sll_create_~new_head~0.offset (_ bv0 32)) (= (_ bv0 1) (select |v_#valid_145| sll_create_~new_head~0.base)) (= (_ bv1 1) (select |v_#valid_145| sll_create_~head~0.base)) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32))) (= |#valid| (store |v_#valid_145| sll_create_~new_head~0.base (_ bv1 1))) (= (_ bv0 32) sll_create_~head~0.offset) (not (= (_ bv0 32) sll_create_~new_head~0.base))) [2018-11-23 11:24:44,326 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (and (= sll_create_~new_head~0.offset (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset) (= (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (not (= (_ bv0 32) sll_create_~new_head~0.base)) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)) (not (= (select |#valid| sll_create_~head~0.base) (_ bv0 1)))) [2018-11-23 11:24:44,406 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 8 [2018-11-23 11:24:44,413 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2018-11-23 11:24:44,415 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:44,420 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:44,481 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 2 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 20 treesize of output 21 [2018-11-23 11:24:44,487 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2018-11-23 11:24:44,494 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:44,504 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:44,548 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 2 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:44,548 INFO L202 ElimStorePlain]: Needed 5 recursive calls to eliminate 3 variables, input treesize:53, output treesize:50 [2018-11-23 11:24:44,671 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:24:44,672 INFO L683 Elim1Store]: detected equality via solver [2018-11-23 11:24:44,673 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 3 select indices, 3 select index equivalence classes, 5 disjoint index pairs (out of 3 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 21 [2018-11-23 11:24:44,680 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:44,721 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:44,721 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:58, output treesize:50 [2018-11-23 11:24:44,928 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 3 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 19 treesize of output 20 [2018-11-23 11:24:44,934 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2018-11-23 11:24:44,941 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:44,960 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:45,026 INFO L701 Elim1Store]: detected not equals via solver [2018-11-23 11:24:45,042 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 3 select indices, 3 select index equivalence classes, 5 disjoint index pairs (out of 3 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 40 treesize of output 53 [2018-11-23 11:24:45,058 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 18 treesize of output 16 [2018-11-23 11:24:45,059 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:45,083 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:45,136 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 2 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:45,136 INFO L202 ElimStorePlain]: Needed 5 recursive calls to eliminate 3 variables, input treesize:69, output treesize:74 [2018-11-23 11:24:45,171 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:24:45,172 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#memory_$Pointer$.base_115|, v_sll_create_~head~0.base_108, |v_#memory_$Pointer$.offset_108|]. (let ((.cse0 (select (select |v_#memory_$Pointer$.base_115| v_sll_create_~head~0.base_108) (_ bv0 32)))) (and (not (= v_sll_create_~head~0.base_108 .cse0)) (= (_ bv0 32) (select (select |v_#memory_$Pointer$.offset_108| v_sll_create_~head~0.base_108) (_ bv0 32))) (not (= sll_create_~head~0.base .cse0)) (not (= v_sll_create_~head~0.base_108 sll_create_~head~0.base)) (= (store |v_#memory_$Pointer$.offset_108| sll_create_~head~0.base (store (select |v_#memory_$Pointer$.offset_108| sll_create_~head~0.base) (_ bv0 32) (_ bv0 32))) |#memory_$Pointer$.offset|) (= (_ bv0 32) sll_create_~head~0.offset) (= |#memory_$Pointer$.base| (store |v_#memory_$Pointer$.base_115| sll_create_~head~0.base (store (select |v_#memory_$Pointer$.base_115| sll_create_~head~0.base) (_ bv0 32) v_sll_create_~head~0.base_108))) (not (= v_sll_create_~head~0.base_108 (_ bv0 32))) (not (= (select (select |v_#memory_$Pointer$.base_115| .cse0) (_ bv0 32)) (_ bv0 32))))) [2018-11-23 11:24:45,172 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (let ((.cse1 (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)))) (let ((.cse0 (select (select |#memory_$Pointer$.base| .cse1) (_ bv0 32)))) (and (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (not (= .cse0 sll_create_~head~0.base)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| .cse0) (_ bv0 32)))) (not (= .cse1 .cse0)) (not (= .cse1 (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| .cse1) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset)))) [2018-11-23 11:24:46,463 INFO L256 TraceCheckUtils]: 0: Hoare triple {6700#true} call ULTIMATE.init(); {6700#true} is VALID [2018-11-23 11:24:46,464 INFO L273 TraceCheckUtils]: 1: Hoare triple {6700#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1]; {6700#true} is VALID [2018-11-23 11:24:46,464 INFO L273 TraceCheckUtils]: 2: Hoare triple {6700#true} assume true; {6700#true} is VALID [2018-11-23 11:24:46,464 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {6700#true} {6700#true} #91#return; {6700#true} is VALID [2018-11-23 11:24:46,464 INFO L256 TraceCheckUtils]: 4: Hoare triple {6700#true} call #t~ret11 := main(); {6700#true} is VALID [2018-11-23 11:24:46,464 INFO L273 TraceCheckUtils]: 5: Hoare triple {6700#true} ~len~1 := 2bv32; {6700#true} is VALID [2018-11-23 11:24:46,464 INFO L273 TraceCheckUtils]: 6: Hoare triple {6700#true} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {6700#true} is VALID [2018-11-23 11:24:46,465 INFO L273 TraceCheckUtils]: 7: Hoare triple {6700#true} assume !!(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7;#t~post8 := ~len~1;~len~1 := ~bvadd32(1bv32, #t~post8);havoc #t~post8; {6700#true} is VALID [2018-11-23 11:24:46,465 INFO L273 TraceCheckUtils]: 8: Hoare triple {6700#true} assume !(~bvslt32(~len~1, 32bv32) && 0bv32 != #t~nondet7);havoc #t~nondet7; {6700#true} is VALID [2018-11-23 11:24:46,465 INFO L256 TraceCheckUtils]: 9: Hoare triple {6700#true} call #t~ret9.base, #t~ret9.offset := sll_create(~len~1); {6700#true} is VALID [2018-11-23 11:24:46,465 INFO L273 TraceCheckUtils]: 10: Hoare triple {6700#true} ~len := #in~len;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {6700#true} is VALID [2018-11-23 11:24:46,466 INFO L273 TraceCheckUtils]: 11: Hoare triple {6700#true} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {6738#(not (= (_ bv0 32) sll_create_~new_head~0.base))} is VALID [2018-11-23 11:24:46,466 INFO L273 TraceCheckUtils]: 12: Hoare triple {6738#(not (= (_ bv0 32) sll_create_~new_head~0.base))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {6738#(not (= (_ bv0 32) sll_create_~new_head~0.base))} is VALID [2018-11-23 11:24:46,466 INFO L273 TraceCheckUtils]: 13: Hoare triple {6738#(not (= (_ bv0 32) sll_create_~new_head~0.base))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {6745#(not (= sll_create_~head~0.base (_ bv0 32)))} is VALID [2018-11-23 11:24:46,468 INFO L273 TraceCheckUtils]: 14: Hoare triple {6745#(not (= sll_create_~head~0.base (_ bv0 32)))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {6749#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (not (= sll_create_~head~0.base (_ bv0 32))) (= (bvadd (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (_ bv0 1)))} is VALID [2018-11-23 11:24:46,468 INFO L273 TraceCheckUtils]: 15: Hoare triple {6749#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (not (= sll_create_~head~0.base (_ bv0 32))) (= (bvadd (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (_ bv0 1)))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {6749#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (not (= sll_create_~head~0.base (_ bv0 32))) (= (bvadd (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (_ bv0 1)))} is VALID [2018-11-23 11:24:46,471 INFO L273 TraceCheckUtils]: 16: Hoare triple {6749#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (not (= sll_create_~head~0.base (_ bv0 32))) (= (bvadd (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (_ bv0 1)))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {6756#(and (= (_ bv1 1) (select |#valid| sll_create_~head~0.base)) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset))} is VALID [2018-11-23 11:24:46,474 INFO L273 TraceCheckUtils]: 17: Hoare triple {6756#(and (= (_ bv1 1) (select |#valid| sll_create_~head~0.base)) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {6760#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32))) (= (bvadd (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (_ bv0 1)) (not (= (_ bv0 32) sll_create_~new_head~0.base)) (= (_ bv0 32) sll_create_~head~0.offset) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)) (not (= (select |#valid| sll_create_~head~0.base) (_ bv0 1))))} is VALID [2018-11-23 11:24:46,476 INFO L273 TraceCheckUtils]: 18: Hoare triple {6760#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32))) (= (bvadd (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (_ bv0 1)) (not (= (_ bv0 32) sll_create_~new_head~0.base)) (= (_ bv0 32) sll_create_~head~0.offset) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)) (not (= (select |#valid| sll_create_~head~0.base) (_ bv0 1))))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {6760#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32))) (= (bvadd (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (_ bv0 1)) (not (= (_ bv0 32) sll_create_~new_head~0.base)) (= (_ bv0 32) sll_create_~head~0.offset) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)) (not (= (select |#valid| sll_create_~head~0.base) (_ bv0 1))))} is VALID [2018-11-23 11:24:46,479 INFO L273 TraceCheckUtils]: 19: Hoare triple {6760#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32))) (= (bvadd (select |#valid| sll_create_~new_head~0.base) (_ bv1 1)) (_ bv0 1)) (not (= (_ bv0 32) sll_create_~new_head~0.base)) (= (_ bv0 32) sll_create_~head~0.offset) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)) (not (= (select |#valid| sll_create_~head~0.base) (_ bv0 1))))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {6767#(and (= (_ bv1 1) (select |#valid| sll_create_~head~0.base)) (not (= sll_create_~head~0.base (_ bv0 32))) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (not (= (_ bv0 1) (select |#valid| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) sll_create_~head~0.base)))} is VALID [2018-11-23 11:24:46,481 INFO L273 TraceCheckUtils]: 20: Hoare triple {6767#(and (= (_ bv1 1) (select |#valid| sll_create_~head~0.base)) (not (= sll_create_~head~0.base (_ bv0 32))) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (not (= (_ bv0 1) (select |#valid| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) sll_create_~head~0.base)))} assume !!~bvsgt32(~len, 0bv32);call #t~malloc2.base, #t~malloc2.offset := #Ultimate.alloc(4bv32);~new_head~0.base, ~new_head~0.offset := #t~malloc2.base, #t~malloc2.offset; {6771#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (not (= sll_create_~head~0.base (_ bv0 32))) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) sll_create_~head~0.base)) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) sll_create_~new_head~0.base)))} is VALID [2018-11-23 11:24:46,482 INFO L273 TraceCheckUtils]: 21: Hoare triple {6771#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (not (= sll_create_~head~0.base (_ bv0 32))) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) sll_create_~head~0.base)) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) sll_create_~new_head~0.base)))} assume !(0bv32 == ~new_head~0.base && 0bv32 == ~new_head~0.offset); {6771#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (not (= sll_create_~head~0.base (_ bv0 32))) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) sll_create_~head~0.base)) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) sll_create_~new_head~0.base)))} is VALID [2018-11-23 11:24:46,486 INFO L273 TraceCheckUtils]: 22: Hoare triple {6771#(and (= sll_create_~new_head~0.offset (_ bv0 32)) (not (= sll_create_~head~0.base (_ bv0 32))) (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) sll_create_~head~0.base)) (not (= sll_create_~head~0.base sll_create_~new_head~0.base)) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) sll_create_~new_head~0.base)))} call write~$Pointer$(~head~0.base, ~head~0.offset, ~new_head~0.base, ~new_head~0.offset, 4bv32);~head~0.base, ~head~0.offset := ~new_head~0.base, ~new_head~0.offset;#t~post3 := ~len;~len := ~bvsub32(#t~post3, 1bv32);havoc #t~post3; {6778#(and (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)) sll_create_~head~0.base)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset))} is VALID [2018-11-23 11:24:46,488 INFO L273 TraceCheckUtils]: 23: Hoare triple {6778#(and (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)) sll_create_~head~0.base)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset))} assume !~bvsgt32(~len, 0bv32); {6778#(and (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)) sll_create_~head~0.base)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset))} is VALID [2018-11-23 11:24:46,490 INFO L273 TraceCheckUtils]: 24: Hoare triple {6778#(and (= (select (select |#memory_$Pointer$.offset| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)) sll_create_~head~0.base)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32)) (_ bv0 32))) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| sll_create_~head~0.base) (_ bv0 32))) (_ bv0 32))) (= (_ bv0 32) sll_create_~head~0.offset))} #res.base, #res.offset := ~head~0.base, ~head~0.offset; {6785#(and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) |sll_create_#res.base|)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= |sll_create_#res.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) (_ bv0 32)) (_ bv0 32)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)))))} is VALID [2018-11-23 11:24:46,490 INFO L273 TraceCheckUtils]: 25: Hoare triple {6785#(and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) |sll_create_#res.base|)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= |sll_create_#res.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) (_ bv0 32)) (_ bv0 32)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)))))} assume true; {6785#(and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) |sll_create_#res.base|)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= |sll_create_#res.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) (_ bv0 32)) (_ bv0 32)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)))))} is VALID [2018-11-23 11:24:46,493 INFO L268 TraceCheckUtils]: 26: Hoare quadruple {6785#(and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) |sll_create_#res.base|)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= |sll_create_#res.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |sll_create_#res.base|) (_ bv0 32)) (_ bv0 32)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_create_#res.base|) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)))))} {6700#true} #95#return; {6792#(and (not (= (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32))) (_ bv0 32)) |main_#t~ret9.base|)) (= (select (select |#memory_$Pointer$.offset| |main_#t~ret9.base|) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32))) (_ bv0 32)))) (= (_ bv0 32) |main_#t~ret9.offset|))} is VALID [2018-11-23 11:24:46,495 INFO L273 TraceCheckUtils]: 27: Hoare triple {6792#(and (not (= (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32))) (_ bv0 32)) |main_#t~ret9.base|)) (= (select (select |#memory_$Pointer$.offset| |main_#t~ret9.base|) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32)) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |main_#t~ret9.base|) (_ bv0 32))) (_ bv0 32)))) (= (_ bv0 32) |main_#t~ret9.offset|))} ~s~0.base, ~s~0.offset := #t~ret9.base, #t~ret9.offset;havoc #t~ret9.base, #t~ret9.offset; {6796#(and (not (= (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32)) main_~s~0.base)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32))) (= main_~s~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| main_~s~0.base) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32)))))} is VALID [2018-11-23 11:24:46,498 INFO L256 TraceCheckUtils]: 28: Hoare triple {6796#(and (not (= (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32)) main_~s~0.base)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32))) (= main_~s~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| main_~s~0.base) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32)))))} call #t~ret10 := sll_length(~s~0.base, ~s~0.offset); {6800#(exists ((v_main_~s~0.base_BEFORE_CALL_14 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_14)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))))))} is VALID [2018-11-23 11:24:46,500 INFO L273 TraceCheckUtils]: 29: Hoare triple {6800#(exists ((v_main_~s~0.base_BEFORE_CALL_14 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_14)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32))) (_ bv0 32))))))} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~len~0 := 0bv32; {6804#(and (= sll_length_~head.offset |sll_length_#in~head.offset|) (= sll_length_~head.base |sll_length_#in~head.base|) (exists ((v_main_~s~0.base_BEFORE_CALL_14 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_14)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)))))))} is VALID [2018-11-23 11:24:46,502 INFO L273 TraceCheckUtils]: 30: Hoare triple {6804#(and (= sll_length_~head.offset |sll_length_#in~head.offset|) (= sll_length_~head.base |sll_length_#in~head.base|) (exists ((v_main_~s~0.base_BEFORE_CALL_14 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_14)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)))))))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {6808#(and (= (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|) sll_length_~head.base) (exists ((v_main_~s~0.base_BEFORE_CALL_14 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_14)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)))))) (= sll_length_~head.offset (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)))} is VALID [2018-11-23 11:24:46,506 INFO L273 TraceCheckUtils]: 31: Hoare triple {6808#(and (= (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|) sll_length_~head.base) (exists ((v_main_~s~0.base_BEFORE_CALL_14 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_14)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)))))) (= sll_length_~head.offset (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {6812#(and (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) sll_length_~head.offset) (exists ((v_main_~s~0.base_BEFORE_CALL_14 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_14)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)))))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) sll_length_~head.base))} is VALID [2018-11-23 11:24:46,508 INFO L273 TraceCheckUtils]: 32: Hoare triple {6812#(and (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) sll_length_~head.offset) (exists ((v_main_~s~0.base_BEFORE_CALL_14 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_14)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)))))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) sll_length_~head.base))} assume !!(~head.base != 0bv32 || ~head.offset != 0bv32);#t~post4 := ~len~0;~len~0 := ~bvadd32(1bv32, #t~post4);havoc #t~post4;call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32);~head.base, ~head.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {6816#(and (exists ((v_main_~s~0.base_BEFORE_CALL_14 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_14)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)))))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) sll_length_~head.base))} is VALID [2018-11-23 11:24:46,509 INFO L273 TraceCheckUtils]: 33: Hoare triple {6816#(and (exists ((v_main_~s~0.base_BEFORE_CALL_14 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_14)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)))))) (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) sll_length_~head.base))} assume !(~head.base != 0bv32 || ~head.offset != 0bv32); {6820#(and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32)) (exists ((v_main_~s~0.base_BEFORE_CALL_14 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_14)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)))))))} is VALID [2018-11-23 11:24:46,510 INFO L273 TraceCheckUtils]: 34: Hoare triple {6820#(and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32)) (exists ((v_main_~s~0.base_BEFORE_CALL_14 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_14)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)))))))} #res := ~len~0; {6820#(and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32)) (exists ((v_main_~s~0.base_BEFORE_CALL_14 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_14)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)))))))} is VALID [2018-11-23 11:24:46,510 INFO L273 TraceCheckUtils]: 35: Hoare triple {6820#(and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32)) (exists ((v_main_~s~0.base_BEFORE_CALL_14 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_14)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)))))))} assume true; {6820#(and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32)) (exists ((v_main_~s~0.base_BEFORE_CALL_14 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_14)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)))))))} is VALID [2018-11-23 11:24:46,514 INFO L268 TraceCheckUtils]: 36: Hoare quadruple {6820#(and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| |sll_length_#in~head.base|) |sll_length_#in~head.offset|)) (select (select |#memory_$Pointer$.offset| |sll_length_#in~head.base|) |sll_length_#in~head.offset|))) (_ bv0 32)) (exists ((v_main_~s~0.base_BEFORE_CALL_14 (_ BitVec 32))) (and (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)))) (not (= (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) v_main_~s~0.base_BEFORE_CALL_14)) (= (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32)) (_ bv0 32)) (not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| v_main_~s~0.base_BEFORE_CALL_14) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)))))))} {6796#(and (not (= (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32)) main_~s~0.base)) (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32))) (= main_~s~0.offset (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| main_~s~0.base) (_ bv0 32)) (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32))) (_ bv0 32)) (_ bv0 32))) (not (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32))) (_ bv0 32)) (select (select |#memory_$Pointer$.base| main_~s~0.base) (_ bv0 32)))))} #97#return; {6701#false} is VALID [2018-11-23 11:24:46,514 INFO L273 TraceCheckUtils]: 37: Hoare triple {6701#false} assume ~len~1 != #t~ret10;havoc #t~ret10; {6701#false} is VALID [2018-11-23 11:24:46,515 INFO L273 TraceCheckUtils]: 38: Hoare triple {6701#false} assume !false; {6701#false} is VALID [2018-11-23 11:24:46,523 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 7 proven. 21 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2018-11-23 11:24:46,524 INFO L316 TraceCheckSpWp]: Computing backward predicates... [2018-11-23 11:24:48,028 WARN L180 SmtUtils]: Spent 649.00 ms on a formula simplification that was a NOOP. DAG size: 88 [2018-11-23 11:24:48,486 WARN L180 SmtUtils]: Spent 450.00 ms on a formula simplification that was a NOOP. DAG size: 54 [2018-11-23 11:24:49,349 WARN L180 SmtUtils]: Spent 860.00 ms on a formula simplification that was a NOOP. DAG size: 58 [2018-11-23 11:24:50,214 WARN L180 SmtUtils]: Spent 864.00 ms on a formula simplification that was a NOOP. DAG size: 58 [2018-11-23 11:24:55,134 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 88 treesize of output 82 [2018-11-23 11:24:55,235 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 9 treesize of output 8 [2018-11-23 11:24:55,237 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:55,320 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 76 treesize of output 72 [2018-11-23 11:24:55,326 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 69 treesize of output 60 [2018-11-23 11:24:55,331 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:55,347 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:55,352 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 76 treesize of output 72 [2018-11-23 11:24:55,362 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 69 treesize of output 60 [2018-11-23 11:24:55,364 INFO L267 ElimStorePlain]: Start of recursive call 7: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:55,379 INFO L267 ElimStorePlain]: Start of recursive call 6: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:55,382 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 77 treesize of output 75 [2018-11-23 11:24:55,389 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 1 [2018-11-23 11:24:55,390 INFO L267 ElimStorePlain]: Start of recursive call 9: End of recursive call: and 1 xjuncts. [2018-11-23 11:24:55,404 INFO L267 ElimStorePlain]: Start of recursive call 8: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:24:55,482 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, 1 dim-2 vars, End of recursive call: and 3 xjuncts. [2018-11-23 11:24:55,570 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-2 vars, End of recursive call: 2 dim-0 vars, and 3 xjuncts. [2018-11-23 11:24:55,570 INFO L202 ElimStorePlain]: Needed 9 recursive calls to eliminate 2 variables, input treesize:95, output treesize:181