java -ea -Xmx8000000000 -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.3.100.v20150511-1540.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc ../../../trunk/examples/toolchains/AutomizerCInline_WitnessPrinter.xml -s ../../../trunk/examples/settings/default/automizer/svcomp-Reach-32bit-Automizer_Bitvector.epf -i ../../../trunk/examples/svcomp/ldv-sets/test_mutex_double_lock_false-unreach-call_true-termination.i -------------------------------------------------------------------------------- This is Ultimate 0.1.23-61f4311 [2018-11-23 11:10:43,703 INFO L170 SettingsManager]: Resetting all preferences to default values... [2018-11-23 11:10:43,705 INFO L174 SettingsManager]: Resetting UltimateCore preferences to default values [2018-11-23 11:10:43,717 INFO L177 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2018-11-23 11:10:43,718 INFO L174 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2018-11-23 11:10:43,719 INFO L174 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2018-11-23 11:10:43,720 INFO L174 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2018-11-23 11:10:43,722 INFO L174 SettingsManager]: Resetting LassoRanker preferences to default values [2018-11-23 11:10:43,723 INFO L174 SettingsManager]: Resetting Reaching Definitions preferences to default values [2018-11-23 11:10:43,724 INFO L174 SettingsManager]: Resetting SyntaxChecker preferences to default values [2018-11-23 11:10:43,725 INFO L177 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2018-11-23 11:10:43,726 INFO L174 SettingsManager]: Resetting LTL2Aut preferences to default values [2018-11-23 11:10:43,727 INFO L174 SettingsManager]: Resetting PEA to Boogie preferences to default values [2018-11-23 11:10:43,728 INFO L174 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2018-11-23 11:10:43,729 INFO L174 SettingsManager]: Resetting ChcToBoogie preferences to default values [2018-11-23 11:10:43,730 INFO L174 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2018-11-23 11:10:43,731 INFO L174 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2018-11-23 11:10:43,733 INFO L174 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2018-11-23 11:10:43,735 INFO L174 SettingsManager]: Resetting CodeCheck preferences to default values [2018-11-23 11:10:43,736 INFO L174 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2018-11-23 11:10:43,738 INFO L174 SettingsManager]: Resetting RCFGBuilder preferences to default values [2018-11-23 11:10:43,739 INFO L174 SettingsManager]: Resetting TraceAbstraction preferences to default values [2018-11-23 11:10:43,741 INFO L177 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2018-11-23 11:10:43,742 INFO L177 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2018-11-23 11:10:43,742 INFO L174 SettingsManager]: Resetting TreeAutomizer preferences to default values [2018-11-23 11:10:43,743 INFO L174 SettingsManager]: Resetting IcfgTransformer preferences to default values [2018-11-23 11:10:43,744 INFO L174 SettingsManager]: Resetting Boogie Printer preferences to default values [2018-11-23 11:10:43,745 INFO L174 SettingsManager]: Resetting ReqPrinter preferences to default values [2018-11-23 11:10:43,746 INFO L174 SettingsManager]: Resetting Witness Printer preferences to default values [2018-11-23 11:10:43,747 INFO L177 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2018-11-23 11:10:43,747 INFO L174 SettingsManager]: Resetting CDTParser preferences to default values [2018-11-23 11:10:43,748 INFO L177 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2018-11-23 11:10:43,748 INFO L177 SettingsManager]: ReqParser provides no preferences, ignoring... [2018-11-23 11:10:43,748 INFO L174 SettingsManager]: Resetting SmtParser preferences to default values [2018-11-23 11:10:43,749 INFO L174 SettingsManager]: Resetting Witness Parser preferences to default values [2018-11-23 11:10:43,750 INFO L181 SettingsManager]: Finished resetting all preferences to default values... [2018-11-23 11:10:43,750 INFO L98 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/settings/default/automizer/svcomp-Reach-32bit-Automizer_Bitvector.epf [2018-11-23 11:10:43,769 INFO L110 SettingsManager]: Loading preferences was successful [2018-11-23 11:10:43,770 INFO L112 SettingsManager]: Preferences different from defaults after loading the file: [2018-11-23 11:10:43,771 INFO L131 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2018-11-23 11:10:43,772 INFO L133 SettingsManager]: * ... calls to implemented procedures=ONLY_FOR_CONCURRENT_PROGRAMS [2018-11-23 11:10:43,772 INFO L131 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2018-11-23 11:10:43,772 INFO L133 SettingsManager]: * Create parallel compositions if possible=false [2018-11-23 11:10:43,772 INFO L133 SettingsManager]: * Use SBE=true [2018-11-23 11:10:43,774 INFO L131 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2018-11-23 11:10:43,774 INFO L133 SettingsManager]: * sizeof long=4 [2018-11-23 11:10:43,774 INFO L133 SettingsManager]: * sizeof POINTER=4 [2018-11-23 11:10:43,774 INFO L133 SettingsManager]: * Check division by zero=IGNORE [2018-11-23 11:10:43,774 INFO L133 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2018-11-23 11:10:43,775 INFO L133 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2018-11-23 11:10:43,775 INFO L133 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2018-11-23 11:10:43,775 INFO L133 SettingsManager]: * Use bitvectors instead of ints=true [2018-11-23 11:10:43,775 INFO L133 SettingsManager]: * Memory model=HoenickeLindenmann_4ByteResolution [2018-11-23 11:10:43,775 INFO L133 SettingsManager]: * sizeof long double=12 [2018-11-23 11:10:43,776 INFO L133 SettingsManager]: * Check if freed pointer was valid=false [2018-11-23 11:10:43,776 INFO L133 SettingsManager]: * Use constant arrays=true [2018-11-23 11:10:43,776 INFO L133 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2018-11-23 11:10:43,776 INFO L131 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2018-11-23 11:10:43,776 INFO L133 SettingsManager]: * Size of a code block=SequenceOfStatements [2018-11-23 11:10:43,776 INFO L133 SettingsManager]: * To the following directory=./dump/ [2018-11-23 11:10:43,778 INFO L133 SettingsManager]: * SMT solver=External_DefaultMode [2018-11-23 11:10:43,778 INFO L133 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2018-11-23 11:10:43,778 INFO L131 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2018-11-23 11:10:43,778 INFO L133 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2018-11-23 11:10:43,779 INFO L133 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2018-11-23 11:10:43,779 INFO L133 SettingsManager]: * Trace refinement strategy=WOLF [2018-11-23 11:10:43,779 INFO L133 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2018-11-23 11:10:43,779 INFO L133 SettingsManager]: * Command for external solver=cvc4nyu --tear-down-incremental --rewrite-divk --print-success --lang smt [2018-11-23 11:10:43,779 INFO L133 SettingsManager]: * Logic for external solver=AUFBV [2018-11-23 11:10:43,779 INFO L133 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2018-11-23 11:10:43,829 INFO L81 nceAwareModelManager]: Repository-Root is: /tmp [2018-11-23 11:10:43,842 INFO L258 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2018-11-23 11:10:43,846 INFO L214 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2018-11-23 11:10:43,848 INFO L271 PluginConnector]: Initializing CDTParser... [2018-11-23 11:10:43,848 INFO L276 PluginConnector]: CDTParser initialized [2018-11-23 11:10:43,849 INFO L418 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/svcomp/ldv-sets/test_mutex_double_lock_false-unreach-call_true-termination.i [2018-11-23 11:10:43,916 INFO L221 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/802cd2e8f/9ff6f991eebb4b7282e70d587db942f9/FLAG93cce23d7 [2018-11-23 11:10:44,478 INFO L307 CDTParser]: Found 1 translation units. [2018-11-23 11:10:44,479 INFO L161 CDTParser]: Scanning /storage/repos/ultimate/trunk/examples/svcomp/ldv-sets/test_mutex_double_lock_false-unreach-call_true-termination.i [2018-11-23 11:10:44,496 INFO L355 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/802cd2e8f/9ff6f991eebb4b7282e70d587db942f9/FLAG93cce23d7 [2018-11-23 11:10:44,728 INFO L363 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/802cd2e8f/9ff6f991eebb4b7282e70d587db942f9 [2018-11-23 11:10:44,737 INFO L296 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2018-11-23 11:10:44,739 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2018-11-23 11:10:44,742 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2018-11-23 11:10:44,743 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2018-11-23 11:10:44,749 INFO L276 PluginConnector]: CACSL2BoogieTranslator initialized [2018-11-23 11:10:44,751 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 23.11 11:10:44" (1/1) ... [2018-11-23 11:10:44,754 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@321a1e70 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:10:44, skipping insertion in model container [2018-11-23 11:10:44,754 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 23.11 11:10:44" (1/1) ... [2018-11-23 11:10:44,764 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2018-11-23 11:10:44,820 INFO L176 MainTranslator]: Built tables and reachable declarations [2018-11-23 11:10:45,338 INFO L201 PostProcessor]: Analyzing one entry point: main [2018-11-23 11:10:45,353 INFO L191 MainTranslator]: Completed pre-run [2018-11-23 11:10:45,526 INFO L201 PostProcessor]: Analyzing one entry point: main [2018-11-23 11:10:45,597 INFO L195 MainTranslator]: Completed translation [2018-11-23 11:10:45,598 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:10:45 WrapperNode [2018-11-23 11:10:45,598 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2018-11-23 11:10:45,599 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2018-11-23 11:10:45,599 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2018-11-23 11:10:45,599 INFO L276 PluginConnector]: Boogie Procedure Inliner initialized [2018-11-23 11:10:45,609 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:10:45" (1/1) ... [2018-11-23 11:10:45,632 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:10:45" (1/1) ... [2018-11-23 11:10:45,643 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2018-11-23 11:10:45,643 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2018-11-23 11:10:45,643 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2018-11-23 11:10:45,643 INFO L276 PluginConnector]: Boogie Preprocessor initialized [2018-11-23 11:10:45,656 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:10:45" (1/1) ... [2018-11-23 11:10:45,656 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:10:45" (1/1) ... [2018-11-23 11:10:45,662 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:10:45" (1/1) ... [2018-11-23 11:10:45,663 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:10:45" (1/1) ... [2018-11-23 11:10:45,692 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:10:45" (1/1) ... [2018-11-23 11:10:45,699 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:10:45" (1/1) ... [2018-11-23 11:10:45,704 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:10:45" (1/1) ... [2018-11-23 11:10:45,710 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2018-11-23 11:10:45,711 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2018-11-23 11:10:45,711 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2018-11-23 11:10:45,711 INFO L276 PluginConnector]: RCFGBuilder initialized [2018-11-23 11:10:45,712 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:10:45" (1/1) ... No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2018-11-23 11:10:45,778 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.alloc [2018-11-23 11:10:45,778 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_initialize [2018-11-23 11:10:45,778 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_initialize [2018-11-23 11:10:45,779 INFO L130 BoogieDeclarations]: Found specification of procedure __ldv_list_add [2018-11-23 11:10:45,779 INFO L138 BoogieDeclarations]: Found implementation of procedure __ldv_list_add [2018-11-23 11:10:45,779 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_set_empty [2018-11-23 11:10:45,779 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_set_empty [2018-11-23 11:10:45,779 INFO L130 BoogieDeclarations]: Found specification of procedure __ldv_list_del [2018-11-23 11:10:45,780 INFO L138 BoogieDeclarations]: Found implementation of procedure __ldv_list_del [2018-11-23 11:10:45,780 INFO L130 BoogieDeclarations]: Found specification of procedure mutex_unlock [2018-11-23 11:10:45,780 INFO L138 BoogieDeclarations]: Found implementation of procedure mutex_unlock [2018-11-23 11:10:45,780 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_list_add [2018-11-23 11:10:45,780 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_list_add [2018-11-23 11:10:45,781 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.init [2018-11-23 11:10:45,781 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.init [2018-11-23 11:10:45,781 INFO L130 BoogieDeclarations]: Found specification of procedure mutex_lock [2018-11-23 11:10:45,781 INFO L138 BoogieDeclarations]: Found implementation of procedure mutex_lock [2018-11-23 11:10:45,782 INFO L130 BoogieDeclarations]: Found specification of procedure main [2018-11-23 11:10:45,782 INFO L138 BoogieDeclarations]: Found implementation of procedure main [2018-11-23 11:10:45,782 INFO L130 BoogieDeclarations]: Found specification of procedure write~$Pointer$ [2018-11-23 11:10:45,782 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_set_add [2018-11-23 11:10:45,782 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_set_add [2018-11-23 11:10:45,782 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_is_in_set [2018-11-23 11:10:45,783 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_is_in_set [2018-11-23 11:10:45,783 INFO L130 BoogieDeclarations]: Found specification of procedure read~$Pointer$ [2018-11-23 11:10:45,783 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_list_empty [2018-11-23 11:10:45,783 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_list_empty [2018-11-23 11:10:45,783 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2018-11-23 11:10:45,783 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~$Pointer$ [2018-11-23 11:10:45,783 INFO L130 BoogieDeclarations]: Found specification of procedure foo [2018-11-23 11:10:45,783 INFO L138 BoogieDeclarations]: Found implementation of procedure foo [2018-11-23 11:10:45,784 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_list_del [2018-11-23 11:10:45,784 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_list_del [2018-11-23 11:10:45,784 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_successful_malloc [2018-11-23 11:10:45,784 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_successful_malloc [2018-11-23 11:10:45,784 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_check_final_state [2018-11-23 11:10:45,784 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_check_final_state [2018-11-23 11:10:45,784 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_set_del [2018-11-23 11:10:45,785 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_set_del [2018-11-23 11:10:45,785 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2018-11-23 11:10:45,785 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2018-11-23 11:10:47,140 INFO L275 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2018-11-23 11:10:47,141 INFO L280 CfgBuilder]: Removed 2 assue(true) statements. [2018-11-23 11:10:47,141 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 23.11 11:10:47 BoogieIcfgContainer [2018-11-23 11:10:47,141 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2018-11-23 11:10:47,142 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2018-11-23 11:10:47,143 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2018-11-23 11:10:47,146 INFO L276 PluginConnector]: TraceAbstraction initialized [2018-11-23 11:10:47,147 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 23.11 11:10:44" (1/3) ... [2018-11-23 11:10:47,147 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3d0fb6de and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 23.11 11:10:47, skipping insertion in model container [2018-11-23 11:10:47,148 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 11:10:45" (2/3) ... [2018-11-23 11:10:47,148 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3d0fb6de and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 23.11 11:10:47, skipping insertion in model container [2018-11-23 11:10:47,148 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 23.11 11:10:47" (3/3) ... [2018-11-23 11:10:47,150 INFO L112 eAbstractionObserver]: Analyzing ICFG test_mutex_double_lock_false-unreach-call_true-termination.i [2018-11-23 11:10:47,159 INFO L156 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2018-11-23 11:10:47,168 INFO L168 ceAbstractionStarter]: Appying trace abstraction to program that has 3 error locations. [2018-11-23 11:10:47,185 INFO L257 AbstractCegarLoop]: Starting to check reachability of 3 error locations. [2018-11-23 11:10:47,218 INFO L133 ementStrategyFactory]: Using default assertion order modulation [2018-11-23 11:10:47,218 INFO L382 AbstractCegarLoop]: Interprodecural is true [2018-11-23 11:10:47,218 INFO L383 AbstractCegarLoop]: Hoare is true [2018-11-23 11:10:47,219 INFO L384 AbstractCegarLoop]: Compute interpolants for FPandBP [2018-11-23 11:10:47,219 INFO L385 AbstractCegarLoop]: Backedges is STRAIGHT_LINE [2018-11-23 11:10:47,219 INFO L386 AbstractCegarLoop]: Determinization is PREDICATE_ABSTRACTION [2018-11-23 11:10:47,219 INFO L387 AbstractCegarLoop]: Difference is false [2018-11-23 11:10:47,219 INFO L388 AbstractCegarLoop]: Minimize is MINIMIZE_SEVPA [2018-11-23 11:10:47,219 INFO L393 AbstractCegarLoop]: ======== Iteration 0==of CEGAR loop == AllErrorsAtOnce======== [2018-11-23 11:10:47,243 INFO L276 IsEmpty]: Start isEmpty. Operand 97 states. [2018-11-23 11:10:47,250 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2018-11-23 11:10:47,251 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:10:47,252 INFO L402 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:10:47,254 INFO L423 AbstractCegarLoop]: === Iteration 1 === [mutex_unlockErr0ASSERT_VIOLATIONERROR_FUNCTION, ldv_check_final_stateErr0ASSERT_VIOLATIONERROR_FUNCTION, mutex_lockErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:10:47,260 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:10:47,261 INFO L82 PathProgramCache]: Analyzing trace with hash -2118021768, now seen corresponding path program 1 times [2018-11-23 11:10:47,266 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:10:47,267 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 2 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 2 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:10:47,293 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-23 11:10:47,378 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:10:47,406 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:10:47,414 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:10:47,923 INFO L256 TraceCheckUtils]: 0: Hoare triple {100#true} call ULTIMATE.init(); {100#true} is VALID [2018-11-23 11:10:47,926 INFO L273 TraceCheckUtils]: 1: Hoare triple {100#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];call ~#mutexes~0.base, ~#mutexes~0.offset := #Ultimate.alloc(8bv32);call write~init~$Pointer$(~#mutexes~0.base, ~#mutexes~0.offset, ~#mutexes~0.base, ~#mutexes~0.offset, 4bv32);call write~init~$Pointer$(~#mutexes~0.base, ~#mutexes~0.offset, ~#mutexes~0.base, ~bvadd32(4bv32, ~#mutexes~0.offset), 4bv32); {100#true} is VALID [2018-11-23 11:10:47,927 INFO L273 TraceCheckUtils]: 2: Hoare triple {100#true} assume true; {100#true} is VALID [2018-11-23 11:10:47,928 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {100#true} {100#true} #171#return; {100#true} is VALID [2018-11-23 11:10:47,928 INFO L256 TraceCheckUtils]: 4: Hoare triple {100#true} call #t~ret32 := main(); {100#true} is VALID [2018-11-23 11:10:47,929 INFO L256 TraceCheckUtils]: 5: Hoare triple {100#true} call foo(); {100#true} is VALID [2018-11-23 11:10:47,929 INFO L256 TraceCheckUtils]: 6: Hoare triple {100#true} call ldv_initialize(); {100#true} is VALID [2018-11-23 11:10:47,930 INFO L273 TraceCheckUtils]: 7: Hoare triple {100#true} assume true; {100#true} is VALID [2018-11-23 11:10:47,930 INFO L268 TraceCheckUtils]: 8: Hoare quadruple {100#true} {100#true} #131#return; {100#true} is VALID [2018-11-23 11:10:47,930 INFO L256 TraceCheckUtils]: 9: Hoare triple {100#true} call #t~ret30.base, #t~ret30.offset := ldv_successful_malloc(8bv32); {100#true} is VALID [2018-11-23 11:10:47,931 INFO L273 TraceCheckUtils]: 10: Hoare triple {100#true} ~size := #in~size;call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(~size);~ptr~0.base, ~ptr~0.offset := #t~malloc5.base, #t~malloc5.offset;assume 0bv32 != (if ~ptr~0.base != 0bv32 || ~ptr~0.offset != 0bv32 then 1bv32 else 0bv32);#res.base, #res.offset := ~ptr~0.base, ~ptr~0.offset; {100#true} is VALID [2018-11-23 11:10:47,931 INFO L273 TraceCheckUtils]: 11: Hoare triple {100#true} assume true; {100#true} is VALID [2018-11-23 11:10:47,932 INFO L268 TraceCheckUtils]: 12: Hoare quadruple {100#true} {100#true} #133#return; {100#true} is VALID [2018-11-23 11:10:47,932 INFO L273 TraceCheckUtils]: 13: Hoare triple {100#true} ~m1~0.base, ~m1~0.offset := #t~ret30.base, #t~ret30.offset;havoc #t~ret30.base, #t~ret30.offset; {100#true} is VALID [2018-11-23 11:10:47,933 INFO L256 TraceCheckUtils]: 14: Hoare triple {100#true} call #t~ret31.base, #t~ret31.offset := ldv_successful_malloc(8bv32); {100#true} is VALID [2018-11-23 11:10:47,933 INFO L273 TraceCheckUtils]: 15: Hoare triple {100#true} ~size := #in~size;call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(~size);~ptr~0.base, ~ptr~0.offset := #t~malloc5.base, #t~malloc5.offset;assume 0bv32 != (if ~ptr~0.base != 0bv32 || ~ptr~0.offset != 0bv32 then 1bv32 else 0bv32);#res.base, #res.offset := ~ptr~0.base, ~ptr~0.offset; {100#true} is VALID [2018-11-23 11:10:47,933 INFO L273 TraceCheckUtils]: 16: Hoare triple {100#true} assume true; {100#true} is VALID [2018-11-23 11:10:47,934 INFO L268 TraceCheckUtils]: 17: Hoare quadruple {100#true} {100#true} #135#return; {100#true} is VALID [2018-11-23 11:10:47,934 INFO L273 TraceCheckUtils]: 18: Hoare triple {100#true} ~m2~0.base, ~m2~0.offset := #t~ret31.base, #t~ret31.offset;havoc #t~ret31.base, #t~ret31.offset; {100#true} is VALID [2018-11-23 11:10:47,934 INFO L256 TraceCheckUtils]: 19: Hoare triple {100#true} call mutex_lock(~m1~0.base, ~m1~0.offset); {100#true} is VALID [2018-11-23 11:10:47,935 INFO L273 TraceCheckUtils]: 20: Hoare triple {100#true} ~m.base, ~m.offset := #in~m.base, #in~m.offset; {100#true} is VALID [2018-11-23 11:10:47,935 INFO L256 TraceCheckUtils]: 21: Hoare triple {100#true} call #t~ret27 := ldv_is_in_set(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); {100#true} is VALID [2018-11-23 11:10:47,936 INFO L273 TraceCheckUtils]: 22: Hoare triple {100#true} ~e.base, ~e.offset := #in~e.base, #in~e.offset;~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~m~1.base, ~m~1.offset;call #t~mem23.base, #t~mem23.offset := read~$Pointer$(~s.base, ~s.offset, 4bv32);~__mptr~3.base, ~__mptr~3.offset := #t~mem23.base, #t~mem23.offset;havoc #t~mem23.base, #t~mem23.offset;~m~1.base, ~m~1.offset := ~__mptr~3.base, ~bvsub32(~__mptr~3.offset, 4bv32); {100#true} is VALID [2018-11-23 11:10:47,936 INFO L273 TraceCheckUtils]: 23: Hoare triple {100#true} assume !(~m~1.base != ~s.base || ~bvadd32(4bv32, ~m~1.offset) != ~s.offset); {100#true} is VALID [2018-11-23 11:10:47,955 INFO L273 TraceCheckUtils]: 24: Hoare triple {100#true} #res := 0bv32; {177#(= |ldv_is_in_set_#res| (_ bv0 32))} is VALID [2018-11-23 11:10:47,970 INFO L273 TraceCheckUtils]: 25: Hoare triple {177#(= |ldv_is_in_set_#res| (_ bv0 32))} assume true; {177#(= |ldv_is_in_set_#res| (_ bv0 32))} is VALID [2018-11-23 11:10:47,986 INFO L268 TraceCheckUtils]: 26: Hoare quadruple {177#(= |ldv_is_in_set_#res| (_ bv0 32))} {100#true} #161#return; {184#(= |mutex_lock_#t~ret27| (_ bv0 32))} is VALID [2018-11-23 11:10:47,994 INFO L273 TraceCheckUtils]: 27: Hoare triple {184#(= |mutex_lock_#t~ret27| (_ bv0 32))} assume 0bv32 != #t~ret27;havoc #t~ret27; {101#false} is VALID [2018-11-23 11:10:47,994 INFO L273 TraceCheckUtils]: 28: Hoare triple {101#false} assume !false; {101#false} is VALID [2018-11-23 11:10:48,000 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2018-11-23 11:10:48,000 INFO L312 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2018-11-23 11:10:48,007 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-23 11:10:48,010 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-23 11:10:48,016 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 29 [2018-11-23 11:10:48,019 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:10:48,023 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-23 11:10:48,120 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 27 edges. 27 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:10:48,121 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-23 11:10:48,129 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-23 11:10:48,130 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-23 11:10:48,133 INFO L87 Difference]: Start difference. First operand 97 states. Second operand 4 states. [2018-11-23 11:10:49,506 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:10:49,506 INFO L93 Difference]: Finished difference Result 183 states and 223 transitions. [2018-11-23 11:10:49,507 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2018-11-23 11:10:49,507 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 29 [2018-11-23 11:10:49,507 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:10:49,509 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-23 11:10:49,545 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 223 transitions. [2018-11-23 11:10:49,546 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-23 11:10:49,573 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 223 transitions. [2018-11-23 11:10:49,574 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 223 transitions. [2018-11-23 11:10:50,108 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 223 edges. 223 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:10:50,130 INFO L225 Difference]: With dead ends: 183 [2018-11-23 11:10:50,130 INFO L226 Difference]: Without dead ends: 91 [2018-11-23 11:10:50,137 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 28 GetRequests, 26 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-23 11:10:50,157 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 91 states. [2018-11-23 11:10:50,472 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 91 to 91. [2018-11-23 11:10:50,473 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:10:50,474 INFO L82 GeneralOperation]: Start isEquivalent. First operand 91 states. Second operand 91 states. [2018-11-23 11:10:50,475 INFO L74 IsIncluded]: Start isIncluded. First operand 91 states. Second operand 91 states. [2018-11-23 11:10:50,475 INFO L87 Difference]: Start difference. First operand 91 states. Second operand 91 states. [2018-11-23 11:10:50,485 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:10:50,486 INFO L93 Difference]: Finished difference Result 91 states and 103 transitions. [2018-11-23 11:10:50,486 INFO L276 IsEmpty]: Start isEmpty. Operand 91 states and 103 transitions. [2018-11-23 11:10:50,488 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:10:50,488 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:10:50,489 INFO L74 IsIncluded]: Start isIncluded. First operand 91 states. Second operand 91 states. [2018-11-23 11:10:50,489 INFO L87 Difference]: Start difference. First operand 91 states. Second operand 91 states. [2018-11-23 11:10:50,498 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:10:50,498 INFO L93 Difference]: Finished difference Result 91 states and 103 transitions. [2018-11-23 11:10:50,498 INFO L276 IsEmpty]: Start isEmpty. Operand 91 states and 103 transitions. [2018-11-23 11:10:50,500 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:10:50,500 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:10:50,501 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:10:50,501 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:10:50,501 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 91 states. [2018-11-23 11:10:50,508 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 91 states to 91 states and 103 transitions. [2018-11-23 11:10:50,510 INFO L78 Accepts]: Start accepts. Automaton has 91 states and 103 transitions. Word has length 29 [2018-11-23 11:10:50,511 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:10:50,511 INFO L480 AbstractCegarLoop]: Abstraction has 91 states and 103 transitions. [2018-11-23 11:10:50,511 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2018-11-23 11:10:50,512 INFO L276 IsEmpty]: Start isEmpty. Operand 91 states and 103 transitions. [2018-11-23 11:10:50,513 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2018-11-23 11:10:50,513 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:10:50,513 INFO L402 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:10:50,514 INFO L423 AbstractCegarLoop]: === Iteration 2 === [mutex_unlockErr0ASSERT_VIOLATIONERROR_FUNCTION, ldv_check_final_stateErr0ASSERT_VIOLATIONERROR_FUNCTION, mutex_lockErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:10:50,514 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:10:50,514 INFO L82 PathProgramCache]: Analyzing trace with hash -2067228113, now seen corresponding path program 1 times [2018-11-23 11:10:50,515 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:10:50,516 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 3 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 3 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:10:50,533 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-23 11:10:50,608 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:10:50,646 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:10:50,648 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:10:50,978 INFO L256 TraceCheckUtils]: 0: Hoare triple {754#true} call ULTIMATE.init(); {754#true} is VALID [2018-11-23 11:10:50,981 INFO L273 TraceCheckUtils]: 1: Hoare triple {754#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];call ~#mutexes~0.base, ~#mutexes~0.offset := #Ultimate.alloc(8bv32);call write~init~$Pointer$(~#mutexes~0.base, ~#mutexes~0.offset, ~#mutexes~0.base, ~#mutexes~0.offset, 4bv32);call write~init~$Pointer$(~#mutexes~0.base, ~#mutexes~0.offset, ~#mutexes~0.base, ~bvadd32(4bv32, ~#mutexes~0.offset), 4bv32); {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:50,986 INFO L273 TraceCheckUtils]: 2: Hoare triple {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} assume true; {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:50,988 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} {754#true} #171#return; {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:50,988 INFO L256 TraceCheckUtils]: 4: Hoare triple {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} call #t~ret32 := main(); {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:50,990 INFO L256 TraceCheckUtils]: 5: Hoare triple {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} call foo(); {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:50,991 INFO L256 TraceCheckUtils]: 6: Hoare triple {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} call ldv_initialize(); {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:50,993 INFO L273 TraceCheckUtils]: 7: Hoare triple {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} assume true; {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:50,995 INFO L268 TraceCheckUtils]: 8: Hoare quadruple {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} #131#return; {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:50,997 INFO L256 TraceCheckUtils]: 9: Hoare triple {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} call #t~ret30.base, #t~ret30.offset := ldv_successful_malloc(8bv32); {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:50,998 INFO L273 TraceCheckUtils]: 10: Hoare triple {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} ~size := #in~size;call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(~size);~ptr~0.base, ~ptr~0.offset := #t~malloc5.base, #t~malloc5.offset;assume 0bv32 != (if ~ptr~0.base != 0bv32 || ~ptr~0.offset != 0bv32 then 1bv32 else 0bv32);#res.base, #res.offset := ~ptr~0.base, ~ptr~0.offset; {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:51,000 INFO L273 TraceCheckUtils]: 11: Hoare triple {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} assume true; {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:51,002 INFO L268 TraceCheckUtils]: 12: Hoare quadruple {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} #133#return; {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:51,007 INFO L273 TraceCheckUtils]: 13: Hoare triple {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} ~m1~0.base, ~m1~0.offset := #t~ret30.base, #t~ret30.offset;havoc #t~ret30.base, #t~ret30.offset; {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:51,008 INFO L256 TraceCheckUtils]: 14: Hoare triple {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} call #t~ret31.base, #t~ret31.offset := ldv_successful_malloc(8bv32); {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:51,009 INFO L273 TraceCheckUtils]: 15: Hoare triple {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} ~size := #in~size;call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(~size);~ptr~0.base, ~ptr~0.offset := #t~malloc5.base, #t~malloc5.offset;assume 0bv32 != (if ~ptr~0.base != 0bv32 || ~ptr~0.offset != 0bv32 then 1bv32 else 0bv32);#res.base, #res.offset := ~ptr~0.base, ~ptr~0.offset; {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:51,010 INFO L273 TraceCheckUtils]: 16: Hoare triple {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} assume true; {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:51,012 INFO L268 TraceCheckUtils]: 17: Hoare quadruple {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} #135#return; {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:51,013 INFO L273 TraceCheckUtils]: 18: Hoare triple {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} ~m2~0.base, ~m2~0.offset := #t~ret31.base, #t~ret31.offset;havoc #t~ret31.base, #t~ret31.offset; {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:51,014 INFO L256 TraceCheckUtils]: 19: Hoare triple {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} call mutex_lock(~m1~0.base, ~m1~0.offset); {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:51,016 INFO L273 TraceCheckUtils]: 20: Hoare triple {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} ~m.base, ~m.offset := #in~m.base, #in~m.offset; {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:51,024 INFO L256 TraceCheckUtils]: 21: Hoare triple {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} call #t~ret27 := ldv_is_in_set(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:51,038 INFO L273 TraceCheckUtils]: 22: Hoare triple {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} ~e.base, ~e.offset := #in~e.base, #in~e.offset;~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~m~1.base, ~m~1.offset;call #t~mem23.base, #t~mem23.offset := read~$Pointer$(~s.base, ~s.offset, 4bv32);~__mptr~3.base, ~__mptr~3.offset := #t~mem23.base, #t~mem23.offset;havoc #t~mem23.base, #t~mem23.offset;~m~1.base, ~m~1.offset := ~__mptr~3.base, ~bvsub32(~__mptr~3.offset, 4bv32); {826#(and (= |ldv_is_in_set_#in~s.base| ldv_is_in_set_~s.base) (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| ldv_is_in_set_~s.base) ldv_is_in_set_~s.offset) ldv_is_in_set_~m~1.base) (= (bvadd ldv_is_in_set_~m~1.offset (_ bv4 32)) (select (select |#memory_$Pointer$.offset| ldv_is_in_set_~s.base) ldv_is_in_set_~s.offset)) (= ldv_is_in_set_~s.offset |ldv_is_in_set_#in~s.offset|) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:51,055 INFO L273 TraceCheckUtils]: 23: Hoare triple {826#(and (= |ldv_is_in_set_#in~s.base| ldv_is_in_set_~s.base) (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| ldv_is_in_set_~s.base) ldv_is_in_set_~s.offset) ldv_is_in_set_~m~1.base) (= (bvadd ldv_is_in_set_~m~1.offset (_ bv4 32)) (select (select |#memory_$Pointer$.offset| ldv_is_in_set_~s.base) ldv_is_in_set_~s.offset)) (= ldv_is_in_set_~s.offset |ldv_is_in_set_#in~s.offset|) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} assume !!(~m~1.base != ~s.base || ~bvadd32(4bv32, ~m~1.offset) != ~s.offset);call #t~mem25.base, #t~mem25.offset := read~$Pointer$(~m~1.base, ~m~1.offset, 4bv32); {830#(and (or (not (= |ldv_is_in_set_#in~s.base| (select (select |#memory_$Pointer$.base| |ldv_is_in_set_#in~s.base|) |ldv_is_in_set_#in~s.offset|))) (not (= (select (select |#memory_$Pointer$.offset| |ldv_is_in_set_#in~s.base|) |ldv_is_in_set_#in~s.offset|) |ldv_is_in_set_#in~s.offset|))) (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:51,056 INFO L273 TraceCheckUtils]: 24: Hoare triple {830#(and (or (not (= |ldv_is_in_set_#in~s.base| (select (select |#memory_$Pointer$.base| |ldv_is_in_set_#in~s.base|) |ldv_is_in_set_#in~s.offset|))) (not (= (select (select |#memory_$Pointer$.offset| |ldv_is_in_set_#in~s.base|) |ldv_is_in_set_#in~s.offset|) |ldv_is_in_set_#in~s.offset|))) (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} assume #t~mem25.base == ~e.base && #t~mem25.offset == ~e.offset;havoc #t~mem25.base, #t~mem25.offset;#res := 1bv32; {830#(and (or (not (= |ldv_is_in_set_#in~s.base| (select (select |#memory_$Pointer$.base| |ldv_is_in_set_#in~s.base|) |ldv_is_in_set_#in~s.offset|))) (not (= (select (select |#memory_$Pointer$.offset| |ldv_is_in_set_#in~s.base|) |ldv_is_in_set_#in~s.offset|) |ldv_is_in_set_#in~s.offset|))) (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:51,057 INFO L273 TraceCheckUtils]: 25: Hoare triple {830#(and (or (not (= |ldv_is_in_set_#in~s.base| (select (select |#memory_$Pointer$.base| |ldv_is_in_set_#in~s.base|) |ldv_is_in_set_#in~s.offset|))) (not (= (select (select |#memory_$Pointer$.offset| |ldv_is_in_set_#in~s.base|) |ldv_is_in_set_#in~s.offset|) |ldv_is_in_set_#in~s.offset|))) (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} assume true; {830#(and (or (not (= |ldv_is_in_set_#in~s.base| (select (select |#memory_$Pointer$.base| |ldv_is_in_set_#in~s.base|) |ldv_is_in_set_#in~s.offset|))) (not (= (select (select |#memory_$Pointer$.offset| |ldv_is_in_set_#in~s.base|) |ldv_is_in_set_#in~s.offset|) |ldv_is_in_set_#in~s.offset|))) (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:51,059 INFO L268 TraceCheckUtils]: 26: Hoare quadruple {830#(and (or (not (= |ldv_is_in_set_#in~s.base| (select (select |#memory_$Pointer$.base| |ldv_is_in_set_#in~s.base|) |ldv_is_in_set_#in~s.offset|))) (not (= (select (select |#memory_$Pointer$.offset| |ldv_is_in_set_#in~s.base|) |ldv_is_in_set_#in~s.offset|) |ldv_is_in_set_#in~s.offset|))) (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} {762#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} #161#return; {755#false} is VALID [2018-11-23 11:10:51,060 INFO L273 TraceCheckUtils]: 27: Hoare triple {755#false} assume 0bv32 != #t~ret27;havoc #t~ret27; {755#false} is VALID [2018-11-23 11:10:51,060 INFO L273 TraceCheckUtils]: 28: Hoare triple {755#false} assume !false; {755#false} is VALID [2018-11-23 11:10:51,070 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2018-11-23 11:10:51,071 INFO L312 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2018-11-23 11:10:51,079 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-23 11:10:51,079 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2018-11-23 11:10:51,081 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 29 [2018-11-23 11:10:51,082 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:10:51,082 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states. [2018-11-23 11:10:51,234 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 27 edges. 27 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:10:51,234 INFO L459 AbstractCegarLoop]: Interpolant automaton has 5 states [2018-11-23 11:10:51,234 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2018-11-23 11:10:51,234 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2018-11-23 11:10:51,235 INFO L87 Difference]: Start difference. First operand 91 states and 103 transitions. Second operand 5 states. [2018-11-23 11:10:53,942 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:10:53,942 INFO L93 Difference]: Finished difference Result 235 states and 283 transitions. [2018-11-23 11:10:53,942 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2018-11-23 11:10:53,943 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 29 [2018-11-23 11:10:53,943 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:10:53,943 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2018-11-23 11:10:53,953 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 269 transitions. [2018-11-23 11:10:53,953 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2018-11-23 11:10:53,962 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 269 transitions. [2018-11-23 11:10:53,962 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 269 transitions. [2018-11-23 11:10:54,596 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 269 edges. 269 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:10:54,610 INFO L225 Difference]: With dead ends: 235 [2018-11-23 11:10:54,611 INFO L226 Difference]: Without dead ends: 158 [2018-11-23 11:10:54,614 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 29 GetRequests, 25 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=14, Invalid=16, Unknown=0, NotChecked=0, Total=30 [2018-11-23 11:10:54,615 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 158 states. [2018-11-23 11:10:54,885 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 158 to 132. [2018-11-23 11:10:54,886 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:10:54,886 INFO L82 GeneralOperation]: Start isEquivalent. First operand 158 states. Second operand 132 states. [2018-11-23 11:10:54,887 INFO L74 IsIncluded]: Start isIncluded. First operand 158 states. Second operand 132 states. [2018-11-23 11:10:54,887 INFO L87 Difference]: Start difference. First operand 158 states. Second operand 132 states. [2018-11-23 11:10:54,898 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:10:54,899 INFO L93 Difference]: Finished difference Result 158 states and 187 transitions. [2018-11-23 11:10:54,899 INFO L276 IsEmpty]: Start isEmpty. Operand 158 states and 187 transitions. [2018-11-23 11:10:54,902 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:10:54,902 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:10:54,903 INFO L74 IsIncluded]: Start isIncluded. First operand 132 states. Second operand 158 states. [2018-11-23 11:10:54,903 INFO L87 Difference]: Start difference. First operand 132 states. Second operand 158 states. [2018-11-23 11:10:54,914 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:10:54,914 INFO L93 Difference]: Finished difference Result 158 states and 187 transitions. [2018-11-23 11:10:54,915 INFO L276 IsEmpty]: Start isEmpty. Operand 158 states and 187 transitions. [2018-11-23 11:10:54,917 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:10:54,917 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:10:54,917 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:10:54,917 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:10:54,917 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 132 states. [2018-11-23 11:10:54,925 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 132 states to 132 states and 160 transitions. [2018-11-23 11:10:54,926 INFO L78 Accepts]: Start accepts. Automaton has 132 states and 160 transitions. Word has length 29 [2018-11-23 11:10:54,926 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:10:54,926 INFO L480 AbstractCegarLoop]: Abstraction has 132 states and 160 transitions. [2018-11-23 11:10:54,926 INFO L481 AbstractCegarLoop]: Interpolant automaton has 5 states. [2018-11-23 11:10:54,927 INFO L276 IsEmpty]: Start isEmpty. Operand 132 states and 160 transitions. [2018-11-23 11:10:54,929 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 74 [2018-11-23 11:10:54,930 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:10:54,930 INFO L402 BasicCegarLoop]: trace histogram [5, 5, 5, 5, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:10:54,930 INFO L423 AbstractCegarLoop]: === Iteration 3 === [mutex_unlockErr0ASSERT_VIOLATIONERROR_FUNCTION, ldv_check_final_stateErr0ASSERT_VIOLATIONERROR_FUNCTION, mutex_lockErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:10:54,931 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:10:54,931 INFO L82 PathProgramCache]: Analyzing trace with hash -1711544116, now seen corresponding path program 1 times [2018-11-23 11:10:54,932 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:10:54,932 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 4 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 4 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:10:54,964 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-23 11:10:55,071 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:10:55,124 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:10:55,127 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:10:55,335 INFO L256 TraceCheckUtils]: 0: Hoare triple {1683#true} call ULTIMATE.init(); {1683#true} is VALID [2018-11-23 11:10:55,335 INFO L273 TraceCheckUtils]: 1: Hoare triple {1683#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];call ~#mutexes~0.base, ~#mutexes~0.offset := #Ultimate.alloc(8bv32);call write~init~$Pointer$(~#mutexes~0.base, ~#mutexes~0.offset, ~#mutexes~0.base, ~#mutexes~0.offset, 4bv32);call write~init~$Pointer$(~#mutexes~0.base, ~#mutexes~0.offset, ~#mutexes~0.base, ~bvadd32(4bv32, ~#mutexes~0.offset), 4bv32); {1683#true} is VALID [2018-11-23 11:10:55,336 INFO L273 TraceCheckUtils]: 2: Hoare triple {1683#true} assume true; {1683#true} is VALID [2018-11-23 11:10:55,336 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {1683#true} {1683#true} #171#return; {1683#true} is VALID [2018-11-23 11:10:55,336 INFO L256 TraceCheckUtils]: 4: Hoare triple {1683#true} call #t~ret32 := main(); {1683#true} is VALID [2018-11-23 11:10:55,337 INFO L256 TraceCheckUtils]: 5: Hoare triple {1683#true} call foo(); {1683#true} is VALID [2018-11-23 11:10:55,337 INFO L256 TraceCheckUtils]: 6: Hoare triple {1683#true} call ldv_initialize(); {1683#true} is VALID [2018-11-23 11:10:55,337 INFO L273 TraceCheckUtils]: 7: Hoare triple {1683#true} assume true; {1683#true} is VALID [2018-11-23 11:10:55,338 INFO L268 TraceCheckUtils]: 8: Hoare quadruple {1683#true} {1683#true} #131#return; {1683#true} is VALID [2018-11-23 11:10:55,338 INFO L256 TraceCheckUtils]: 9: Hoare triple {1683#true} call #t~ret30.base, #t~ret30.offset := ldv_successful_malloc(8bv32); {1683#true} is VALID [2018-11-23 11:10:55,338 INFO L273 TraceCheckUtils]: 10: Hoare triple {1683#true} ~size := #in~size;call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(~size);~ptr~0.base, ~ptr~0.offset := #t~malloc5.base, #t~malloc5.offset;assume 0bv32 != (if ~ptr~0.base != 0bv32 || ~ptr~0.offset != 0bv32 then 1bv32 else 0bv32);#res.base, #res.offset := ~ptr~0.base, ~ptr~0.offset; {1683#true} is VALID [2018-11-23 11:10:55,339 INFO L273 TraceCheckUtils]: 11: Hoare triple {1683#true} assume true; {1683#true} is VALID [2018-11-23 11:10:55,339 INFO L268 TraceCheckUtils]: 12: Hoare quadruple {1683#true} {1683#true} #133#return; {1683#true} is VALID [2018-11-23 11:10:55,339 INFO L273 TraceCheckUtils]: 13: Hoare triple {1683#true} ~m1~0.base, ~m1~0.offset := #t~ret30.base, #t~ret30.offset;havoc #t~ret30.base, #t~ret30.offset; {1683#true} is VALID [2018-11-23 11:10:55,339 INFO L256 TraceCheckUtils]: 14: Hoare triple {1683#true} call #t~ret31.base, #t~ret31.offset := ldv_successful_malloc(8bv32); {1683#true} is VALID [2018-11-23 11:10:55,340 INFO L273 TraceCheckUtils]: 15: Hoare triple {1683#true} ~size := #in~size;call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(~size);~ptr~0.base, ~ptr~0.offset := #t~malloc5.base, #t~malloc5.offset;assume 0bv32 != (if ~ptr~0.base != 0bv32 || ~ptr~0.offset != 0bv32 then 1bv32 else 0bv32);#res.base, #res.offset := ~ptr~0.base, ~ptr~0.offset; {1683#true} is VALID [2018-11-23 11:10:55,340 INFO L273 TraceCheckUtils]: 16: Hoare triple {1683#true} assume true; {1683#true} is VALID [2018-11-23 11:10:55,340 INFO L268 TraceCheckUtils]: 17: Hoare quadruple {1683#true} {1683#true} #135#return; {1683#true} is VALID [2018-11-23 11:10:55,340 INFO L273 TraceCheckUtils]: 18: Hoare triple {1683#true} ~m2~0.base, ~m2~0.offset := #t~ret31.base, #t~ret31.offset;havoc #t~ret31.base, #t~ret31.offset; {1683#true} is VALID [2018-11-23 11:10:55,341 INFO L256 TraceCheckUtils]: 19: Hoare triple {1683#true} call mutex_lock(~m1~0.base, ~m1~0.offset); {1683#true} is VALID [2018-11-23 11:10:55,341 INFO L273 TraceCheckUtils]: 20: Hoare triple {1683#true} ~m.base, ~m.offset := #in~m.base, #in~m.offset; {1683#true} is VALID [2018-11-23 11:10:55,341 INFO L256 TraceCheckUtils]: 21: Hoare triple {1683#true} call #t~ret27 := ldv_is_in_set(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); {1683#true} is VALID [2018-11-23 11:10:55,341 INFO L273 TraceCheckUtils]: 22: Hoare triple {1683#true} ~e.base, ~e.offset := #in~e.base, #in~e.offset;~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~m~1.base, ~m~1.offset;call #t~mem23.base, #t~mem23.offset := read~$Pointer$(~s.base, ~s.offset, 4bv32);~__mptr~3.base, ~__mptr~3.offset := #t~mem23.base, #t~mem23.offset;havoc #t~mem23.base, #t~mem23.offset;~m~1.base, ~m~1.offset := ~__mptr~3.base, ~bvsub32(~__mptr~3.offset, 4bv32); {1683#true} is VALID [2018-11-23 11:10:55,342 INFO L273 TraceCheckUtils]: 23: Hoare triple {1683#true} assume !(~m~1.base != ~s.base || ~bvadd32(4bv32, ~m~1.offset) != ~s.offset); {1683#true} is VALID [2018-11-23 11:10:55,342 INFO L273 TraceCheckUtils]: 24: Hoare triple {1683#true} #res := 0bv32; {1683#true} is VALID [2018-11-23 11:10:55,342 INFO L273 TraceCheckUtils]: 25: Hoare triple {1683#true} assume true; {1683#true} is VALID [2018-11-23 11:10:55,343 INFO L268 TraceCheckUtils]: 26: Hoare quadruple {1683#true} {1683#true} #161#return; {1683#true} is VALID [2018-11-23 11:10:55,343 INFO L273 TraceCheckUtils]: 27: Hoare triple {1683#true} assume !(0bv32 != #t~ret27);havoc #t~ret27; {1683#true} is VALID [2018-11-23 11:10:55,343 INFO L256 TraceCheckUtils]: 28: Hoare triple {1683#true} call ldv_set_add(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); {1683#true} is VALID [2018-11-23 11:10:55,343 INFO L273 TraceCheckUtils]: 29: Hoare triple {1683#true} ~new.base, ~new.offset := #in~new.base, #in~new.offset;~s.base, ~s.offset := #in~s.base, #in~s.offset; {1683#true} is VALID [2018-11-23 11:10:55,344 INFO L256 TraceCheckUtils]: 30: Hoare triple {1683#true} call #t~ret17 := ldv_is_in_set(~new.base, ~new.offset, ~s.base, ~s.offset); {1683#true} is VALID [2018-11-23 11:10:55,344 INFO L273 TraceCheckUtils]: 31: Hoare triple {1683#true} ~e.base, ~e.offset := #in~e.base, #in~e.offset;~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~m~1.base, ~m~1.offset;call #t~mem23.base, #t~mem23.offset := read~$Pointer$(~s.base, ~s.offset, 4bv32);~__mptr~3.base, ~__mptr~3.offset := #t~mem23.base, #t~mem23.offset;havoc #t~mem23.base, #t~mem23.offset;~m~1.base, ~m~1.offset := ~__mptr~3.base, ~bvsub32(~__mptr~3.offset, 4bv32); {1683#true} is VALID [2018-11-23 11:10:55,344 INFO L273 TraceCheckUtils]: 32: Hoare triple {1683#true} assume !(~m~1.base != ~s.base || ~bvadd32(4bv32, ~m~1.offset) != ~s.offset); {1683#true} is VALID [2018-11-23 11:10:55,349 INFO L273 TraceCheckUtils]: 33: Hoare triple {1683#true} #res := 0bv32; {1787#(= |ldv_is_in_set_#res| (_ bv0 32))} is VALID [2018-11-23 11:10:55,349 INFO L273 TraceCheckUtils]: 34: Hoare triple {1787#(= |ldv_is_in_set_#res| (_ bv0 32))} assume true; {1787#(= |ldv_is_in_set_#res| (_ bv0 32))} is VALID [2018-11-23 11:10:55,365 INFO L268 TraceCheckUtils]: 35: Hoare quadruple {1787#(= |ldv_is_in_set_#res| (_ bv0 32))} {1683#true} #165#return; {1794#(= |ldv_set_add_#t~ret17| (_ bv0 32))} is VALID [2018-11-23 11:10:55,379 INFO L273 TraceCheckUtils]: 36: Hoare triple {1794#(= |ldv_set_add_#t~ret17| (_ bv0 32))} assume !(0bv32 == #t~ret17);havoc #t~ret17; {1684#false} is VALID [2018-11-23 11:10:55,379 INFO L273 TraceCheckUtils]: 37: Hoare triple {1684#false} assume true; {1684#false} is VALID [2018-11-23 11:10:55,380 INFO L268 TraceCheckUtils]: 38: Hoare quadruple {1684#false} {1683#true} #163#return; {1684#false} is VALID [2018-11-23 11:10:55,380 INFO L273 TraceCheckUtils]: 39: Hoare triple {1684#false} assume true; {1684#false} is VALID [2018-11-23 11:10:55,380 INFO L268 TraceCheckUtils]: 40: Hoare quadruple {1684#false} {1683#true} #137#return; {1684#false} is VALID [2018-11-23 11:10:55,381 INFO L256 TraceCheckUtils]: 41: Hoare triple {1684#false} call mutex_lock(~m1~0.base, ~m1~0.offset); {1684#false} is VALID [2018-11-23 11:10:55,381 INFO L273 TraceCheckUtils]: 42: Hoare triple {1684#false} ~m.base, ~m.offset := #in~m.base, #in~m.offset; {1684#false} is VALID [2018-11-23 11:10:55,381 INFO L256 TraceCheckUtils]: 43: Hoare triple {1684#false} call #t~ret27 := ldv_is_in_set(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); {1684#false} is VALID [2018-11-23 11:10:55,381 INFO L273 TraceCheckUtils]: 44: Hoare triple {1684#false} ~e.base, ~e.offset := #in~e.base, #in~e.offset;~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~m~1.base, ~m~1.offset;call #t~mem23.base, #t~mem23.offset := read~$Pointer$(~s.base, ~s.offset, 4bv32);~__mptr~3.base, ~__mptr~3.offset := #t~mem23.base, #t~mem23.offset;havoc #t~mem23.base, #t~mem23.offset;~m~1.base, ~m~1.offset := ~__mptr~3.base, ~bvsub32(~__mptr~3.offset, 4bv32); {1684#false} is VALID [2018-11-23 11:10:55,382 INFO L273 TraceCheckUtils]: 45: Hoare triple {1684#false} assume !(~m~1.base != ~s.base || ~bvadd32(4bv32, ~m~1.offset) != ~s.offset); {1684#false} is VALID [2018-11-23 11:10:55,382 INFO L273 TraceCheckUtils]: 46: Hoare triple {1684#false} #res := 0bv32; {1684#false} is VALID [2018-11-23 11:10:55,382 INFO L273 TraceCheckUtils]: 47: Hoare triple {1684#false} assume true; {1684#false} is VALID [2018-11-23 11:10:55,383 INFO L268 TraceCheckUtils]: 48: Hoare quadruple {1684#false} {1684#false} #161#return; {1684#false} is VALID [2018-11-23 11:10:55,383 INFO L273 TraceCheckUtils]: 49: Hoare triple {1684#false} assume !(0bv32 != #t~ret27);havoc #t~ret27; {1684#false} is VALID [2018-11-23 11:10:55,383 INFO L256 TraceCheckUtils]: 50: Hoare triple {1684#false} call ldv_set_add(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); {1684#false} is VALID [2018-11-23 11:10:55,384 INFO L273 TraceCheckUtils]: 51: Hoare triple {1684#false} ~new.base, ~new.offset := #in~new.base, #in~new.offset;~s.base, ~s.offset := #in~s.base, #in~s.offset; {1684#false} is VALID [2018-11-23 11:10:55,384 INFO L256 TraceCheckUtils]: 52: Hoare triple {1684#false} call #t~ret17 := ldv_is_in_set(~new.base, ~new.offset, ~s.base, ~s.offset); {1684#false} is VALID [2018-11-23 11:10:55,384 INFO L273 TraceCheckUtils]: 53: Hoare triple {1684#false} ~e.base, ~e.offset := #in~e.base, #in~e.offset;~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~m~1.base, ~m~1.offset;call #t~mem23.base, #t~mem23.offset := read~$Pointer$(~s.base, ~s.offset, 4bv32);~__mptr~3.base, ~__mptr~3.offset := #t~mem23.base, #t~mem23.offset;havoc #t~mem23.base, #t~mem23.offset;~m~1.base, ~m~1.offset := ~__mptr~3.base, ~bvsub32(~__mptr~3.offset, 4bv32); {1684#false} is VALID [2018-11-23 11:10:55,385 INFO L273 TraceCheckUtils]: 54: Hoare triple {1684#false} assume !(~m~1.base != ~s.base || ~bvadd32(4bv32, ~m~1.offset) != ~s.offset); {1684#false} is VALID [2018-11-23 11:10:55,385 INFO L273 TraceCheckUtils]: 55: Hoare triple {1684#false} #res := 0bv32; {1684#false} is VALID [2018-11-23 11:10:55,385 INFO L273 TraceCheckUtils]: 56: Hoare triple {1684#false} assume true; {1684#false} is VALID [2018-11-23 11:10:55,385 INFO L268 TraceCheckUtils]: 57: Hoare quadruple {1684#false} {1684#false} #165#return; {1684#false} is VALID [2018-11-23 11:10:55,386 INFO L273 TraceCheckUtils]: 58: Hoare triple {1684#false} assume !(0bv32 == #t~ret17);havoc #t~ret17; {1684#false} is VALID [2018-11-23 11:10:55,386 INFO L273 TraceCheckUtils]: 59: Hoare triple {1684#false} assume true; {1684#false} is VALID [2018-11-23 11:10:55,428 INFO L268 TraceCheckUtils]: 60: Hoare quadruple {1684#false} {1684#false} #163#return; {1684#false} is VALID [2018-11-23 11:10:55,428 INFO L273 TraceCheckUtils]: 61: Hoare triple {1684#false} assume true; {1684#false} is VALID [2018-11-23 11:10:55,428 INFO L268 TraceCheckUtils]: 62: Hoare quadruple {1684#false} {1684#false} #139#return; {1684#false} is VALID [2018-11-23 11:10:55,429 INFO L256 TraceCheckUtils]: 63: Hoare triple {1684#false} call mutex_unlock(~m2~0.base, ~m2~0.offset); {1684#false} is VALID [2018-11-23 11:10:55,429 INFO L273 TraceCheckUtils]: 64: Hoare triple {1684#false} ~m.base, ~m.offset := #in~m.base, #in~m.offset; {1684#false} is VALID [2018-11-23 11:10:55,429 INFO L256 TraceCheckUtils]: 65: Hoare triple {1684#false} call #t~ret28 := ldv_is_in_set(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); {1684#false} is VALID [2018-11-23 11:10:55,430 INFO L273 TraceCheckUtils]: 66: Hoare triple {1684#false} ~e.base, ~e.offset := #in~e.base, #in~e.offset;~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~m~1.base, ~m~1.offset;call #t~mem23.base, #t~mem23.offset := read~$Pointer$(~s.base, ~s.offset, 4bv32);~__mptr~3.base, ~__mptr~3.offset := #t~mem23.base, #t~mem23.offset;havoc #t~mem23.base, #t~mem23.offset;~m~1.base, ~m~1.offset := ~__mptr~3.base, ~bvsub32(~__mptr~3.offset, 4bv32); {1684#false} is VALID [2018-11-23 11:10:55,435 INFO L273 TraceCheckUtils]: 67: Hoare triple {1684#false} assume !(~m~1.base != ~s.base || ~bvadd32(4bv32, ~m~1.offset) != ~s.offset); {1684#false} is VALID [2018-11-23 11:10:55,435 INFO L273 TraceCheckUtils]: 68: Hoare triple {1684#false} #res := 0bv32; {1684#false} is VALID [2018-11-23 11:10:55,436 INFO L273 TraceCheckUtils]: 69: Hoare triple {1684#false} assume true; {1684#false} is VALID [2018-11-23 11:10:55,436 INFO L268 TraceCheckUtils]: 70: Hoare quadruple {1684#false} {1684#false} #151#return; {1684#false} is VALID [2018-11-23 11:10:55,436 INFO L273 TraceCheckUtils]: 71: Hoare triple {1684#false} assume 0bv32 == #t~ret28;havoc #t~ret28; {1684#false} is VALID [2018-11-23 11:10:55,436 INFO L273 TraceCheckUtils]: 72: Hoare triple {1684#false} assume !false; {1684#false} is VALID [2018-11-23 11:10:55,445 INFO L134 CoverageAnalysis]: Checked inductivity of 64 backedges. 39 proven. 0 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2018-11-23 11:10:55,445 INFO L312 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2018-11-23 11:10:55,461 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-23 11:10:55,462 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2018-11-23 11:10:55,462 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 73 [2018-11-23 11:10:55,463 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:10:55,463 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2018-11-23 11:10:55,583 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 59 edges. 59 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:10:55,583 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2018-11-23 11:10:55,584 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2018-11-23 11:10:55,584 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-23 11:10:55,584 INFO L87 Difference]: Start difference. First operand 132 states and 160 transitions. Second operand 4 states. [2018-11-23 11:10:56,508 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:10:56,508 INFO L93 Difference]: Finished difference Result 239 states and 291 transitions. [2018-11-23 11:10:56,508 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2018-11-23 11:10:56,508 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 73 [2018-11-23 11:10:56,509 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:10:56,509 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-23 11:10:56,513 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 186 transitions. [2018-11-23 11:10:56,514 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2018-11-23 11:10:56,518 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 186 transitions. [2018-11-23 11:10:56,518 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 186 transitions. [2018-11-23 11:10:56,820 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 186 edges. 186 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:10:56,826 INFO L225 Difference]: With dead ends: 239 [2018-11-23 11:10:56,827 INFO L226 Difference]: Without dead ends: 136 [2018-11-23 11:10:56,828 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 72 GetRequests, 70 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2018-11-23 11:10:56,829 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 136 states. [2018-11-23 11:10:56,964 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 136 to 136. [2018-11-23 11:10:56,965 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:10:56,965 INFO L82 GeneralOperation]: Start isEquivalent. First operand 136 states. Second operand 136 states. [2018-11-23 11:10:56,965 INFO L74 IsIncluded]: Start isIncluded. First operand 136 states. Second operand 136 states. [2018-11-23 11:10:56,965 INFO L87 Difference]: Start difference. First operand 136 states. Second operand 136 states. [2018-11-23 11:10:56,973 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:10:56,973 INFO L93 Difference]: Finished difference Result 136 states and 164 transitions. [2018-11-23 11:10:56,973 INFO L276 IsEmpty]: Start isEmpty. Operand 136 states and 164 transitions. [2018-11-23 11:10:56,975 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:10:56,975 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:10:56,975 INFO L74 IsIncluded]: Start isIncluded. First operand 136 states. Second operand 136 states. [2018-11-23 11:10:56,975 INFO L87 Difference]: Start difference. First operand 136 states. Second operand 136 states. [2018-11-23 11:10:56,982 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:10:56,983 INFO L93 Difference]: Finished difference Result 136 states and 164 transitions. [2018-11-23 11:10:56,983 INFO L276 IsEmpty]: Start isEmpty. Operand 136 states and 164 transitions. [2018-11-23 11:10:56,984 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:10:56,984 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:10:56,984 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:10:56,985 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:10:56,985 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 136 states. [2018-11-23 11:10:56,991 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 136 states to 136 states and 164 transitions. [2018-11-23 11:10:56,992 INFO L78 Accepts]: Start accepts. Automaton has 136 states and 164 transitions. Word has length 73 [2018-11-23 11:10:56,992 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:10:56,992 INFO L480 AbstractCegarLoop]: Abstraction has 136 states and 164 transitions. [2018-11-23 11:10:56,992 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2018-11-23 11:10:56,992 INFO L276 IsEmpty]: Start isEmpty. Operand 136 states and 164 transitions. [2018-11-23 11:10:56,993 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 74 [2018-11-23 11:10:56,994 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:10:56,994 INFO L402 BasicCegarLoop]: trace histogram [5, 5, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:10:56,994 INFO L423 AbstractCegarLoop]: === Iteration 4 === [mutex_unlockErr0ASSERT_VIOLATIONERROR_FUNCTION, ldv_check_final_stateErr0ASSERT_VIOLATIONERROR_FUNCTION, mutex_lockErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:10:56,994 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:10:56,995 INFO L82 PathProgramCache]: Analyzing trace with hash -1933427362, now seen corresponding path program 1 times [2018-11-23 11:10:56,995 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:10:56,995 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 5 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 5 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:10:57,022 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-23 11:10:57,172 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:10:57,253 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-23 11:10:57,257 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-23 11:10:57,504 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 7 treesize of output 5 [2018-11-23 11:10:57,516 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 5 treesize of output 1 [2018-11-23 11:10:57,517 INFO L267 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2018-11-23 11:10:57,519 INFO L267 ElimStorePlain]: Start of recursive call 2: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:10:57,537 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 7 treesize of output 5 [2018-11-23 11:10:57,543 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 5 treesize of output 1 [2018-11-23 11:10:57,544 INFO L267 ElimStorePlain]: Start of recursive call 5: End of recursive call: and 1 xjuncts. [2018-11-23 11:10:57,545 INFO L267 ElimStorePlain]: Start of recursive call 4: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:10:57,554 INFO L267 ElimStorePlain]: Start of recursive call 1: 2 dim-2 vars, End of recursive call: and 1 xjuncts. [2018-11-23 11:10:57,554 INFO L202 ElimStorePlain]: Needed 5 recursive calls to eliminate 2 variables, input treesize:24, output treesize:10 [2018-11-23 11:10:57,559 WARN L383 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2018-11-23 11:10:57,559 WARN L384 uantifierElimination]: Input elimination task: ∃ [|v_#memory_$Pointer$.offset_BEFORE_CALL_6|, |v_#memory_$Pointer$.base_BEFORE_CALL_6|]. (and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |~#mutexes~0.offset| (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_6| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|) (= (select (select |v_#memory_$Pointer$.base_BEFORE_CALL_6| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|)) [2018-11-23 11:10:57,559 WARN L385 uantifierElimination]: ElimStorePlain result: ∃ []. (and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|)) [2018-11-23 11:10:57,983 INFO L256 TraceCheckUtils]: 0: Hoare triple {2706#true} call ULTIMATE.init(); {2706#true} is VALID [2018-11-23 11:10:57,984 INFO L273 TraceCheckUtils]: 1: Hoare triple {2706#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];call ~#mutexes~0.base, ~#mutexes~0.offset := #Ultimate.alloc(8bv32);call write~init~$Pointer$(~#mutexes~0.base, ~#mutexes~0.offset, ~#mutexes~0.base, ~#mutexes~0.offset, 4bv32);call write~init~$Pointer$(~#mutexes~0.base, ~#mutexes~0.offset, ~#mutexes~0.base, ~bvadd32(4bv32, ~#mutexes~0.offset), 4bv32); {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:57,985 INFO L273 TraceCheckUtils]: 2: Hoare triple {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} assume true; {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:57,986 INFO L268 TraceCheckUtils]: 3: Hoare quadruple {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} {2706#true} #171#return; {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:57,987 INFO L256 TraceCheckUtils]: 4: Hoare triple {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} call #t~ret32 := main(); {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:57,988 INFO L256 TraceCheckUtils]: 5: Hoare triple {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} call foo(); {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:57,989 INFO L256 TraceCheckUtils]: 6: Hoare triple {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} call ldv_initialize(); {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:57,990 INFO L273 TraceCheckUtils]: 7: Hoare triple {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} assume true; {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:57,991 INFO L268 TraceCheckUtils]: 8: Hoare quadruple {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} #131#return; {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:57,992 INFO L256 TraceCheckUtils]: 9: Hoare triple {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} call #t~ret30.base, #t~ret30.offset := ldv_successful_malloc(8bv32); {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:57,994 INFO L273 TraceCheckUtils]: 10: Hoare triple {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} ~size := #in~size;call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(~size);~ptr~0.base, ~ptr~0.offset := #t~malloc5.base, #t~malloc5.offset;assume 0bv32 != (if ~ptr~0.base != 0bv32 || ~ptr~0.offset != 0bv32 then 1bv32 else 0bv32);#res.base, #res.offset := ~ptr~0.base, ~ptr~0.offset; {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:57,995 INFO L273 TraceCheckUtils]: 11: Hoare triple {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} assume true; {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:57,998 INFO L268 TraceCheckUtils]: 12: Hoare quadruple {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} #133#return; {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:57,999 INFO L273 TraceCheckUtils]: 13: Hoare triple {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} ~m1~0.base, ~m1~0.offset := #t~ret30.base, #t~ret30.offset;havoc #t~ret30.base, #t~ret30.offset; {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:57,999 INFO L256 TraceCheckUtils]: 14: Hoare triple {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} call #t~ret31.base, #t~ret31.offset := ldv_successful_malloc(8bv32); {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:58,000 INFO L273 TraceCheckUtils]: 15: Hoare triple {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} ~size := #in~size;call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(~size);~ptr~0.base, ~ptr~0.offset := #t~malloc5.base, #t~malloc5.offset;assume 0bv32 != (if ~ptr~0.base != 0bv32 || ~ptr~0.offset != 0bv32 then 1bv32 else 0bv32);#res.base, #res.offset := ~ptr~0.base, ~ptr~0.offset; {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:58,001 INFO L273 TraceCheckUtils]: 16: Hoare triple {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} assume true; {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:58,003 INFO L268 TraceCheckUtils]: 17: Hoare quadruple {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} #135#return; {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:58,004 INFO L273 TraceCheckUtils]: 18: Hoare triple {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} ~m2~0.base, ~m2~0.offset := #t~ret31.base, #t~ret31.offset;havoc #t~ret31.base, #t~ret31.offset; {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} is VALID [2018-11-23 11:10:58,006 INFO L256 TraceCheckUtils]: 19: Hoare triple {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} call mutex_lock(~m1~0.base, ~m1~0.offset); {2769#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} is VALID [2018-11-23 11:10:58,007 INFO L273 TraceCheckUtils]: 20: Hoare triple {2769#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} ~m.base, ~m.offset := #in~m.base, #in~m.offset; {2769#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} is VALID [2018-11-23 11:10:58,008 INFO L256 TraceCheckUtils]: 21: Hoare triple {2769#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} call #t~ret27 := ldv_is_in_set(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); {2776#(= (_ bv0 32) |~#mutexes~0.offset|)} is VALID [2018-11-23 11:10:58,009 INFO L273 TraceCheckUtils]: 22: Hoare triple {2776#(= (_ bv0 32) |~#mutexes~0.offset|)} ~e.base, ~e.offset := #in~e.base, #in~e.offset;~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~m~1.base, ~m~1.offset;call #t~mem23.base, #t~mem23.offset := read~$Pointer$(~s.base, ~s.offset, 4bv32);~__mptr~3.base, ~__mptr~3.offset := #t~mem23.base, #t~mem23.offset;havoc #t~mem23.base, #t~mem23.offset;~m~1.base, ~m~1.offset := ~__mptr~3.base, ~bvsub32(~__mptr~3.offset, 4bv32); {2776#(= (_ bv0 32) |~#mutexes~0.offset|)} is VALID [2018-11-23 11:10:58,009 INFO L273 TraceCheckUtils]: 23: Hoare triple {2776#(= (_ bv0 32) |~#mutexes~0.offset|)} assume !(~m~1.base != ~s.base || ~bvadd32(4bv32, ~m~1.offset) != ~s.offset); {2776#(= (_ bv0 32) |~#mutexes~0.offset|)} is VALID [2018-11-23 11:10:58,010 INFO L273 TraceCheckUtils]: 24: Hoare triple {2776#(= (_ bv0 32) |~#mutexes~0.offset|)} #res := 0bv32; {2776#(= (_ bv0 32) |~#mutexes~0.offset|)} is VALID [2018-11-23 11:10:58,010 INFO L273 TraceCheckUtils]: 25: Hoare triple {2776#(= (_ bv0 32) |~#mutexes~0.offset|)} assume true; {2776#(= (_ bv0 32) |~#mutexes~0.offset|)} is VALID [2018-11-23 11:10:58,012 INFO L268 TraceCheckUtils]: 26: Hoare quadruple {2776#(= (_ bv0 32) |~#mutexes~0.offset|)} {2769#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} #161#return; {2769#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} is VALID [2018-11-23 11:10:58,013 INFO L273 TraceCheckUtils]: 27: Hoare triple {2769#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} assume !(0bv32 != #t~ret27);havoc #t~ret27; {2769#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} is VALID [2018-11-23 11:10:58,015 INFO L256 TraceCheckUtils]: 28: Hoare triple {2769#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} call ldv_set_add(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); {2769#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} is VALID [2018-11-23 11:10:58,016 INFO L273 TraceCheckUtils]: 29: Hoare triple {2769#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} ~new.base, ~new.offset := #in~new.base, #in~new.offset;~s.base, ~s.offset := #in~s.base, #in~s.offset; {2801#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|) (= ldv_set_add_~s.base |ldv_set_add_#in~s.base|) (= |ldv_set_add_#in~s.offset| ldv_set_add_~s.offset))} is VALID [2018-11-23 11:10:58,018 INFO L256 TraceCheckUtils]: 30: Hoare triple {2801#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|) (= ldv_set_add_~s.base |ldv_set_add_#in~s.base|) (= |ldv_set_add_#in~s.offset| ldv_set_add_~s.offset))} call #t~ret17 := ldv_is_in_set(~new.base, ~new.offset, ~s.base, ~s.offset); {2776#(= (_ bv0 32) |~#mutexes~0.offset|)} is VALID [2018-11-23 11:10:58,027 INFO L273 TraceCheckUtils]: 31: Hoare triple {2776#(= (_ bv0 32) |~#mutexes~0.offset|)} ~e.base, ~e.offset := #in~e.base, #in~e.offset;~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~m~1.base, ~m~1.offset;call #t~mem23.base, #t~mem23.offset := read~$Pointer$(~s.base, ~s.offset, 4bv32);~__mptr~3.base, ~__mptr~3.offset := #t~mem23.base, #t~mem23.offset;havoc #t~mem23.base, #t~mem23.offset;~m~1.base, ~m~1.offset := ~__mptr~3.base, ~bvsub32(~__mptr~3.offset, 4bv32); {2808#(and (= |ldv_is_in_set_#in~s.base| ldv_is_in_set_~s.base) (= (_ bv0 32) |~#mutexes~0.offset|) (= (select (select |#memory_$Pointer$.base| ldv_is_in_set_~s.base) ldv_is_in_set_~s.offset) ldv_is_in_set_~m~1.base) (= (bvadd ldv_is_in_set_~m~1.offset (_ bv4 32)) (select (select |#memory_$Pointer$.offset| ldv_is_in_set_~s.base) ldv_is_in_set_~s.offset)) (= ldv_is_in_set_~s.offset |ldv_is_in_set_#in~s.offset|))} is VALID [2018-11-23 11:10:58,046 INFO L273 TraceCheckUtils]: 32: Hoare triple {2808#(and (= |ldv_is_in_set_#in~s.base| ldv_is_in_set_~s.base) (= (_ bv0 32) |~#mutexes~0.offset|) (= (select (select |#memory_$Pointer$.base| ldv_is_in_set_~s.base) ldv_is_in_set_~s.offset) ldv_is_in_set_~m~1.base) (= (bvadd ldv_is_in_set_~m~1.offset (_ bv4 32)) (select (select |#memory_$Pointer$.offset| ldv_is_in_set_~s.base) ldv_is_in_set_~s.offset)) (= ldv_is_in_set_~s.offset |ldv_is_in_set_#in~s.offset|))} assume !!(~m~1.base != ~s.base || ~bvadd32(4bv32, ~m~1.offset) != ~s.offset);call #t~mem25.base, #t~mem25.offset := read~$Pointer$(~m~1.base, ~m~1.offset, 4bv32); {2812#(and (or (not (= |ldv_is_in_set_#in~s.base| (select (select |#memory_$Pointer$.base| |ldv_is_in_set_#in~s.base|) |ldv_is_in_set_#in~s.offset|))) (not (= (select (select |#memory_$Pointer$.offset| |ldv_is_in_set_#in~s.base|) |ldv_is_in_set_#in~s.offset|) |ldv_is_in_set_#in~s.offset|))) (= (_ bv0 32) |~#mutexes~0.offset|))} is VALID [2018-11-23 11:10:58,047 INFO L273 TraceCheckUtils]: 33: Hoare triple {2812#(and (or (not (= |ldv_is_in_set_#in~s.base| (select (select |#memory_$Pointer$.base| |ldv_is_in_set_#in~s.base|) |ldv_is_in_set_#in~s.offset|))) (not (= (select (select |#memory_$Pointer$.offset| |ldv_is_in_set_#in~s.base|) |ldv_is_in_set_#in~s.offset|) |ldv_is_in_set_#in~s.offset|))) (= (_ bv0 32) |~#mutexes~0.offset|))} assume #t~mem25.base == ~e.base && #t~mem25.offset == ~e.offset;havoc #t~mem25.base, #t~mem25.offset;#res := 1bv32; {2812#(and (or (not (= |ldv_is_in_set_#in~s.base| (select (select |#memory_$Pointer$.base| |ldv_is_in_set_#in~s.base|) |ldv_is_in_set_#in~s.offset|))) (not (= (select (select |#memory_$Pointer$.offset| |ldv_is_in_set_#in~s.base|) |ldv_is_in_set_#in~s.offset|) |ldv_is_in_set_#in~s.offset|))) (= (_ bv0 32) |~#mutexes~0.offset|))} is VALID [2018-11-23 11:10:58,048 INFO L273 TraceCheckUtils]: 34: Hoare triple {2812#(and (or (not (= |ldv_is_in_set_#in~s.base| (select (select |#memory_$Pointer$.base| |ldv_is_in_set_#in~s.base|) |ldv_is_in_set_#in~s.offset|))) (not (= (select (select |#memory_$Pointer$.offset| |ldv_is_in_set_#in~s.base|) |ldv_is_in_set_#in~s.offset|) |ldv_is_in_set_#in~s.offset|))) (= (_ bv0 32) |~#mutexes~0.offset|))} assume true; {2812#(and (or (not (= |ldv_is_in_set_#in~s.base| (select (select |#memory_$Pointer$.base| |ldv_is_in_set_#in~s.base|) |ldv_is_in_set_#in~s.offset|))) (not (= (select (select |#memory_$Pointer$.offset| |ldv_is_in_set_#in~s.base|) |ldv_is_in_set_#in~s.offset|) |ldv_is_in_set_#in~s.offset|))) (= (_ bv0 32) |~#mutexes~0.offset|))} is VALID [2018-11-23 11:10:58,050 INFO L268 TraceCheckUtils]: 35: Hoare quadruple {2812#(and (or (not (= |ldv_is_in_set_#in~s.base| (select (select |#memory_$Pointer$.base| |ldv_is_in_set_#in~s.base|) |ldv_is_in_set_#in~s.offset|))) (not (= (select (select |#memory_$Pointer$.offset| |ldv_is_in_set_#in~s.base|) |ldv_is_in_set_#in~s.offset|) |ldv_is_in_set_#in~s.offset|))) (= (_ bv0 32) |~#mutexes~0.offset|))} {2801#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|) (= ldv_set_add_~s.base |ldv_set_add_#in~s.base|) (= |ldv_set_add_#in~s.offset| ldv_set_add_~s.offset))} #165#return; {2822#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|) (or (not (= |ldv_set_add_#in~s.base| (select (select |#memory_$Pointer$.base| |ldv_set_add_#in~s.base|) |ldv_set_add_#in~s.offset|))) (not (= (select (select |#memory_$Pointer$.offset| |ldv_set_add_#in~s.base|) |ldv_set_add_#in~s.offset|) |ldv_set_add_#in~s.offset|))))} is VALID [2018-11-23 11:10:58,053 INFO L273 TraceCheckUtils]: 36: Hoare triple {2822#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|) (or (not (= |ldv_set_add_#in~s.base| (select (select |#memory_$Pointer$.base| |ldv_set_add_#in~s.base|) |ldv_set_add_#in~s.offset|))) (not (= (select (select |#memory_$Pointer$.offset| |ldv_set_add_#in~s.base|) |ldv_set_add_#in~s.offset|) |ldv_set_add_#in~s.offset|))))} assume !(0bv32 == #t~ret17);havoc #t~ret17; {2822#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|) (or (not (= |ldv_set_add_#in~s.base| (select (select |#memory_$Pointer$.base| |ldv_set_add_#in~s.base|) |ldv_set_add_#in~s.offset|))) (not (= (select (select |#memory_$Pointer$.offset| |ldv_set_add_#in~s.base|) |ldv_set_add_#in~s.offset|) |ldv_set_add_#in~s.offset|))))} is VALID [2018-11-23 11:10:58,054 INFO L273 TraceCheckUtils]: 37: Hoare triple {2822#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|) (or (not (= |ldv_set_add_#in~s.base| (select (select |#memory_$Pointer$.base| |ldv_set_add_#in~s.base|) |ldv_set_add_#in~s.offset|))) (not (= (select (select |#memory_$Pointer$.offset| |ldv_set_add_#in~s.base|) |ldv_set_add_#in~s.offset|) |ldv_set_add_#in~s.offset|))))} assume true; {2822#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|) (or (not (= |ldv_set_add_#in~s.base| (select (select |#memory_$Pointer$.base| |ldv_set_add_#in~s.base|) |ldv_set_add_#in~s.offset|))) (not (= (select (select |#memory_$Pointer$.offset| |ldv_set_add_#in~s.base|) |ldv_set_add_#in~s.offset|) |ldv_set_add_#in~s.offset|))))} is VALID [2018-11-23 11:10:58,056 INFO L268 TraceCheckUtils]: 38: Hoare quadruple {2822#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|) (or (not (= |ldv_set_add_#in~s.base| (select (select |#memory_$Pointer$.base| |ldv_set_add_#in~s.base|) |ldv_set_add_#in~s.offset|))) (not (= (select (select |#memory_$Pointer$.offset| |ldv_set_add_#in~s.base|) |ldv_set_add_#in~s.offset|) |ldv_set_add_#in~s.offset|))))} {2769#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} #163#return; {2832#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (or (not (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|))) (not (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} is VALID [2018-11-23 11:10:58,056 INFO L273 TraceCheckUtils]: 39: Hoare triple {2832#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (or (not (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|))) (not (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} assume true; {2832#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (or (not (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|))) (not (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} is VALID [2018-11-23 11:10:58,058 INFO L268 TraceCheckUtils]: 40: Hoare quadruple {2832#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (or (not (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|))) (not (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))) (= |old(#memory_$Pointer$.base)| |#memory_$Pointer$.base|))} {2714#(and (= (_ bv0 32) |~#mutexes~0.offset|) (= |~#mutexes~0.offset| (select (select |#memory_$Pointer$.offset| |~#mutexes~0.base|) |~#mutexes~0.offset|)) (= (select (select |#memory_$Pointer$.base| |~#mutexes~0.base|) |~#mutexes~0.offset|) |~#mutexes~0.base|))} #137#return; {2707#false} is VALID [2018-11-23 11:10:58,059 INFO L256 TraceCheckUtils]: 41: Hoare triple {2707#false} call mutex_lock(~m1~0.base, ~m1~0.offset); {2707#false} is VALID [2018-11-23 11:10:58,059 INFO L273 TraceCheckUtils]: 42: Hoare triple {2707#false} ~m.base, ~m.offset := #in~m.base, #in~m.offset; {2707#false} is VALID [2018-11-23 11:10:58,059 INFO L256 TraceCheckUtils]: 43: Hoare triple {2707#false} call #t~ret27 := ldv_is_in_set(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); {2707#false} is VALID [2018-11-23 11:10:58,060 INFO L273 TraceCheckUtils]: 44: Hoare triple {2707#false} ~e.base, ~e.offset := #in~e.base, #in~e.offset;~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~m~1.base, ~m~1.offset;call #t~mem23.base, #t~mem23.offset := read~$Pointer$(~s.base, ~s.offset, 4bv32);~__mptr~3.base, ~__mptr~3.offset := #t~mem23.base, #t~mem23.offset;havoc #t~mem23.base, #t~mem23.offset;~m~1.base, ~m~1.offset := ~__mptr~3.base, ~bvsub32(~__mptr~3.offset, 4bv32); {2707#false} is VALID [2018-11-23 11:10:58,060 INFO L273 TraceCheckUtils]: 45: Hoare triple {2707#false} assume !(~m~1.base != ~s.base || ~bvadd32(4bv32, ~m~1.offset) != ~s.offset); {2707#false} is VALID [2018-11-23 11:10:58,060 INFO L273 TraceCheckUtils]: 46: Hoare triple {2707#false} #res := 0bv32; {2707#false} is VALID [2018-11-23 11:10:58,061 INFO L273 TraceCheckUtils]: 47: Hoare triple {2707#false} assume true; {2707#false} is VALID [2018-11-23 11:10:58,061 INFO L268 TraceCheckUtils]: 48: Hoare quadruple {2707#false} {2707#false} #161#return; {2707#false} is VALID [2018-11-23 11:10:58,061 INFO L273 TraceCheckUtils]: 49: Hoare triple {2707#false} assume !(0bv32 != #t~ret27);havoc #t~ret27; {2707#false} is VALID [2018-11-23 11:10:58,061 INFO L256 TraceCheckUtils]: 50: Hoare triple {2707#false} call ldv_set_add(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); {2707#false} is VALID [2018-11-23 11:10:58,061 INFO L273 TraceCheckUtils]: 51: Hoare triple {2707#false} ~new.base, ~new.offset := #in~new.base, #in~new.offset;~s.base, ~s.offset := #in~s.base, #in~s.offset; {2707#false} is VALID [2018-11-23 11:10:58,062 INFO L256 TraceCheckUtils]: 52: Hoare triple {2707#false} call #t~ret17 := ldv_is_in_set(~new.base, ~new.offset, ~s.base, ~s.offset); {2707#false} is VALID [2018-11-23 11:10:58,062 INFO L273 TraceCheckUtils]: 53: Hoare triple {2707#false} ~e.base, ~e.offset := #in~e.base, #in~e.offset;~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~m~1.base, ~m~1.offset;call #t~mem23.base, #t~mem23.offset := read~$Pointer$(~s.base, ~s.offset, 4bv32);~__mptr~3.base, ~__mptr~3.offset := #t~mem23.base, #t~mem23.offset;havoc #t~mem23.base, #t~mem23.offset;~m~1.base, ~m~1.offset := ~__mptr~3.base, ~bvsub32(~__mptr~3.offset, 4bv32); {2707#false} is VALID [2018-11-23 11:10:58,062 INFO L273 TraceCheckUtils]: 54: Hoare triple {2707#false} assume !!(~m~1.base != ~s.base || ~bvadd32(4bv32, ~m~1.offset) != ~s.offset);call #t~mem25.base, #t~mem25.offset := read~$Pointer$(~m~1.base, ~m~1.offset, 4bv32); {2707#false} is VALID [2018-11-23 11:10:58,062 INFO L273 TraceCheckUtils]: 55: Hoare triple {2707#false} assume #t~mem25.base == ~e.base && #t~mem25.offset == ~e.offset;havoc #t~mem25.base, #t~mem25.offset;#res := 1bv32; {2707#false} is VALID [2018-11-23 11:10:58,062 INFO L273 TraceCheckUtils]: 56: Hoare triple {2707#false} assume true; {2707#false} is VALID [2018-11-23 11:10:58,063 INFO L268 TraceCheckUtils]: 57: Hoare quadruple {2707#false} {2707#false} #165#return; {2707#false} is VALID [2018-11-23 11:10:58,063 INFO L273 TraceCheckUtils]: 58: Hoare triple {2707#false} assume !(0bv32 == #t~ret17);havoc #t~ret17; {2707#false} is VALID [2018-11-23 11:10:58,063 INFO L273 TraceCheckUtils]: 59: Hoare triple {2707#false} assume true; {2707#false} is VALID [2018-11-23 11:10:58,063 INFO L268 TraceCheckUtils]: 60: Hoare quadruple {2707#false} {2707#false} #163#return; {2707#false} is VALID [2018-11-23 11:10:58,064 INFO L273 TraceCheckUtils]: 61: Hoare triple {2707#false} assume true; {2707#false} is VALID [2018-11-23 11:10:58,064 INFO L268 TraceCheckUtils]: 62: Hoare quadruple {2707#false} {2707#false} #139#return; {2707#false} is VALID [2018-11-23 11:10:58,064 INFO L256 TraceCheckUtils]: 63: Hoare triple {2707#false} call mutex_unlock(~m2~0.base, ~m2~0.offset); {2707#false} is VALID [2018-11-23 11:10:58,064 INFO L273 TraceCheckUtils]: 64: Hoare triple {2707#false} ~m.base, ~m.offset := #in~m.base, #in~m.offset; {2707#false} is VALID [2018-11-23 11:10:58,064 INFO L256 TraceCheckUtils]: 65: Hoare triple {2707#false} call #t~ret28 := ldv_is_in_set(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); {2707#false} is VALID [2018-11-23 11:10:58,065 INFO L273 TraceCheckUtils]: 66: Hoare triple {2707#false} ~e.base, ~e.offset := #in~e.base, #in~e.offset;~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~m~1.base, ~m~1.offset;call #t~mem23.base, #t~mem23.offset := read~$Pointer$(~s.base, ~s.offset, 4bv32);~__mptr~3.base, ~__mptr~3.offset := #t~mem23.base, #t~mem23.offset;havoc #t~mem23.base, #t~mem23.offset;~m~1.base, ~m~1.offset := ~__mptr~3.base, ~bvsub32(~__mptr~3.offset, 4bv32); {2707#false} is VALID [2018-11-23 11:10:58,065 INFO L273 TraceCheckUtils]: 67: Hoare triple {2707#false} assume !(~m~1.base != ~s.base || ~bvadd32(4bv32, ~m~1.offset) != ~s.offset); {2707#false} is VALID [2018-11-23 11:10:58,065 INFO L273 TraceCheckUtils]: 68: Hoare triple {2707#false} #res := 0bv32; {2707#false} is VALID [2018-11-23 11:10:58,065 INFO L273 TraceCheckUtils]: 69: Hoare triple {2707#false} assume true; {2707#false} is VALID [2018-11-23 11:10:58,066 INFO L268 TraceCheckUtils]: 70: Hoare quadruple {2707#false} {2707#false} #151#return; {2707#false} is VALID [2018-11-23 11:10:58,066 INFO L273 TraceCheckUtils]: 71: Hoare triple {2707#false} assume 0bv32 == #t~ret28;havoc #t~ret28; {2707#false} is VALID [2018-11-23 11:10:58,066 INFO L273 TraceCheckUtils]: 72: Hoare triple {2707#false} assume !false; {2707#false} is VALID [2018-11-23 11:10:58,081 INFO L134 CoverageAnalysis]: Checked inductivity of 58 backedges. 41 proven. 0 refuted. 0 times theorem prover too weak. 17 trivial. 0 not checked. [2018-11-23 11:10:58,082 INFO L312 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2018-11-23 11:10:58,088 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-23 11:10:58,089 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2018-11-23 11:10:58,089 INFO L78 Accepts]: Start accepts. Automaton has 10 states. Word has length 73 [2018-11-23 11:10:58,089 INFO L84 Accepts]: Finished accepts. word is accepted. [2018-11-23 11:10:58,090 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states. [2018-11-23 11:10:58,222 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 65 edges. 65 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:10:58,222 INFO L459 AbstractCegarLoop]: Interpolant automaton has 10 states [2018-11-23 11:10:58,223 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2018-11-23 11:10:58,223 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=27, Invalid=63, Unknown=0, NotChecked=0, Total=90 [2018-11-23 11:10:58,223 INFO L87 Difference]: Start difference. First operand 136 states and 164 transitions. Second operand 10 states. [2018-11-23 11:11:07,394 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:11:07,395 INFO L93 Difference]: Finished difference Result 304 states and 368 transitions. [2018-11-23 11:11:07,395 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2018-11-23 11:11:07,395 INFO L78 Accepts]: Start accepts. Automaton has 10 states. Word has length 73 [2018-11-23 11:11:07,395 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-23 11:11:07,395 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 10 states. [2018-11-23 11:11:07,403 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 21 states to 21 states and 307 transitions. [2018-11-23 11:11:07,403 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 10 states. [2018-11-23 11:11:07,411 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 21 states to 21 states and 307 transitions. [2018-11-23 11:11:07,411 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 21 states and 307 transitions. [2018-11-23 11:11:08,086 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 307 edges. 307 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2018-11-23 11:11:08,093 INFO L225 Difference]: With dead ends: 304 [2018-11-23 11:11:08,093 INFO L226 Difference]: Without dead ends: 191 [2018-11-23 11:11:08,094 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 86 GetRequests, 64 SyntacticMatches, 0 SemanticMatches, 22 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 92 ImplicationChecksByTransitivity, 1.3s TimeCoverageRelationStatistics Valid=135, Invalid=417, Unknown=0, NotChecked=0, Total=552 [2018-11-23 11:11:08,095 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 191 states. [2018-11-23 11:11:08,369 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 191 to 139. [2018-11-23 11:11:08,369 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2018-11-23 11:11:08,370 INFO L82 GeneralOperation]: Start isEquivalent. First operand 191 states. Second operand 139 states. [2018-11-23 11:11:08,370 INFO L74 IsIncluded]: Start isIncluded. First operand 191 states. Second operand 139 states. [2018-11-23 11:11:08,370 INFO L87 Difference]: Start difference. First operand 191 states. Second operand 139 states. [2018-11-23 11:11:08,380 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:11:08,380 INFO L93 Difference]: Finished difference Result 191 states and 232 transitions. [2018-11-23 11:11:08,380 INFO L276 IsEmpty]: Start isEmpty. Operand 191 states and 232 transitions. [2018-11-23 11:11:08,381 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:11:08,382 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:11:08,382 INFO L74 IsIncluded]: Start isIncluded. First operand 139 states. Second operand 191 states. [2018-11-23 11:11:08,382 INFO L87 Difference]: Start difference. First operand 139 states. Second operand 191 states. [2018-11-23 11:11:08,391 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-23 11:11:08,391 INFO L93 Difference]: Finished difference Result 191 states and 232 transitions. [2018-11-23 11:11:08,391 INFO L276 IsEmpty]: Start isEmpty. Operand 191 states and 232 transitions. [2018-11-23 11:11:08,393 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-23 11:11:08,393 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2018-11-23 11:11:08,393 INFO L88 GeneralOperation]: Finished isEquivalent. [2018-11-23 11:11:08,393 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2018-11-23 11:11:08,393 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 139 states. [2018-11-23 11:11:08,399 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 139 states to 139 states and 163 transitions. [2018-11-23 11:11:08,399 INFO L78 Accepts]: Start accepts. Automaton has 139 states and 163 transitions. Word has length 73 [2018-11-23 11:11:08,399 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-23 11:11:08,399 INFO L480 AbstractCegarLoop]: Abstraction has 139 states and 163 transitions. [2018-11-23 11:11:08,399 INFO L481 AbstractCegarLoop]: Interpolant automaton has 10 states. [2018-11-23 11:11:08,400 INFO L276 IsEmpty]: Start isEmpty. Operand 139 states and 163 transitions. [2018-11-23 11:11:08,400 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 66 [2018-11-23 11:11:08,400 INFO L394 BasicCegarLoop]: Found error trace [2018-11-23 11:11:08,401 INFO L402 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-23 11:11:08,401 INFO L423 AbstractCegarLoop]: === Iteration 5 === [mutex_unlockErr0ASSERT_VIOLATIONERROR_FUNCTION, ldv_check_final_stateErr0ASSERT_VIOLATIONERROR_FUNCTION, mutex_lockErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-23 11:11:08,401 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-23 11:11:08,401 INFO L82 PathProgramCache]: Analyzing trace with hash -1212876293, now seen corresponding path program 1 times [2018-11-23 11:11:08,402 INFO L223 ckRefinementStrategy]: Switched to mode CVC4_FPBP [2018-11-23 11:11:08,402 INFO L69 tionRefinementEngine]: Using refinement strategy WolfRefinementStrategy No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4nyu Starting monitored process 6 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 6 with cvc4nyu --tear-down-incremental --print-success --lang smt --rewrite-divk [2018-11-23 11:11:08,432 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-23 11:11:08,649 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2018-11-23 11:11:08,927 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2018-11-23 11:11:09,142 INFO L469 BasicCegarLoop]: Counterexample might be feasible ----- class de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder.RCFGBacktranslator [?] CALL call ULTIMATE.init(); VAL [|#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |old(#NULL.base)|=(_ bv0 32), |old(#NULL.offset)|=(_ bv0 32), |old(~#mutexes~0.base)|=(_ bv0 32), |old(~#mutexes~0.offset)|=(_ bv0 32), |~#mutexes~0.base|=(_ bv0 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];call ~#mutexes~0.base, ~#mutexes~0.offset := #Ultimate.alloc(8bv32);call write~init~$Pointer$(~#mutexes~0.base, ~#mutexes~0.offset, ~#mutexes~0.base, ~#mutexes~0.offset, 4bv32);call write~init~$Pointer$(~#mutexes~0.base, ~#mutexes~0.offset, ~#mutexes~0.base, ~bvadd32(4bv32, ~#mutexes~0.offset), 4bv32); VAL [|#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |old(#NULL.base)|=(_ bv0 32), |old(#NULL.offset)|=(_ bv0 32), |old(~#mutexes~0.base)|=(_ bv0 32), |old(~#mutexes~0.offset)|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] assume true; VAL [|#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |old(#NULL.base)|=(_ bv0 32), |old(#NULL.offset)|=(_ bv0 32), |old(~#mutexes~0.base)|=(_ bv0 32), |old(~#mutexes~0.offset)|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] RET #171#return; VAL [|#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] CALL call #t~ret32 := main(); VAL [|#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] CALL call foo(); VAL [|#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] CALL call ldv_initialize(); VAL [|#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] assume true; VAL [|#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] RET #131#return; VAL [|#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] CALL call #t~ret30.base, #t~ret30.offset := ldv_successful_malloc(8bv32); VAL [|#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_successful_malloc_#in~size|=(_ bv8 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] ~size := #in~size;call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(~size);~ptr~0.base, ~ptr~0.offset := #t~malloc5.base, #t~malloc5.offset;assume 0bv32 != (if ~ptr~0.base != 0bv32 || ~ptr~0.offset != 0bv32 then 1bv32 else 0bv32);#res.base, #res.offset := ~ptr~0.base, ~ptr~0.offset; VAL [ldv_successful_malloc_~ptr~0.base=(_ bv2148552704 32), ldv_successful_malloc_~ptr~0.offset=(_ bv0 32), ldv_successful_malloc_~size=(_ bv8 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_successful_malloc_#in~size|=(_ bv8 32), |ldv_successful_malloc_#res.base|=(_ bv2148552704 32), |ldv_successful_malloc_#res.offset|=(_ bv0 32), |ldv_successful_malloc_#t~malloc5.base|=(_ bv2148552704 32), |ldv_successful_malloc_#t~malloc5.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] assume true; VAL [ldv_successful_malloc_~ptr~0.base=(_ bv2148552704 32), ldv_successful_malloc_~ptr~0.offset=(_ bv0 32), ldv_successful_malloc_~size=(_ bv8 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_successful_malloc_#in~size|=(_ bv8 32), |ldv_successful_malloc_#res.base|=(_ bv2148552704 32), |ldv_successful_malloc_#res.offset|=(_ bv0 32), |ldv_successful_malloc_#t~malloc5.base|=(_ bv2148552704 32), |ldv_successful_malloc_#t~malloc5.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] RET #133#return; VAL [|#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |foo_#t~ret30.base|=(_ bv2148552704 32), |foo_#t~ret30.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] ~m1~0.base, ~m1~0.offset := #t~ret30.base, #t~ret30.offset;havoc #t~ret30.base, #t~ret30.offset; VAL [foo_~m1~0.base=(_ bv2148552704 32), foo_~m1~0.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] CALL call #t~ret31.base, #t~ret31.offset := ldv_successful_malloc(8bv32); VAL [|#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_successful_malloc_#in~size|=(_ bv8 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] ~size := #in~size;call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(~size);~ptr~0.base, ~ptr~0.offset := #t~malloc5.base, #t~malloc5.offset;assume 0bv32 != (if ~ptr~0.base != 0bv32 || ~ptr~0.offset != 0bv32 then 1bv32 else 0bv32);#res.base, #res.offset := ~ptr~0.base, ~ptr~0.offset; VAL [ldv_successful_malloc_~ptr~0.base=(_ bv2887258112 32), ldv_successful_malloc_~ptr~0.offset=(_ bv0 32), ldv_successful_malloc_~size=(_ bv8 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_successful_malloc_#in~size|=(_ bv8 32), |ldv_successful_malloc_#res.base|=(_ bv2887258112 32), |ldv_successful_malloc_#res.offset|=(_ bv0 32), |ldv_successful_malloc_#t~malloc5.base|=(_ bv2887258112 32), |ldv_successful_malloc_#t~malloc5.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] assume true; VAL [ldv_successful_malloc_~ptr~0.base=(_ bv2887258112 32), ldv_successful_malloc_~ptr~0.offset=(_ bv0 32), ldv_successful_malloc_~size=(_ bv8 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_successful_malloc_#in~size|=(_ bv8 32), |ldv_successful_malloc_#res.base|=(_ bv2887258112 32), |ldv_successful_malloc_#res.offset|=(_ bv0 32), |ldv_successful_malloc_#t~malloc5.base|=(_ bv2887258112 32), |ldv_successful_malloc_#t~malloc5.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] RET #135#return; VAL [foo_~m1~0.base=(_ bv2148552704 32), foo_~m1~0.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |foo_#t~ret31.base|=(_ bv2887258112 32), |foo_#t~ret31.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] ~m2~0.base, ~m2~0.offset := #t~ret31.base, #t~ret31.offset;havoc #t~ret31.base, #t~ret31.offset; VAL [foo_~m1~0.base=(_ bv2148552704 32), foo_~m1~0.offset=(_ bv0 32), foo_~m2~0.base=(_ bv2887258112 32), foo_~m2~0.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] CALL call mutex_lock(~m1~0.base, ~m1~0.offset); VAL [|#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |mutex_lock_#in~m.base|=(_ bv2148552704 32), |mutex_lock_#in~m.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] ~m.base, ~m.offset := #in~m.base, #in~m.offset; VAL [mutex_lock_~m.base=(_ bv2148552704 32), mutex_lock_~m.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |mutex_lock_#in~m.base|=(_ bv2148552704 32), |mutex_lock_#in~m.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] CALL call #t~ret27 := ldv_is_in_set(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); VAL [|#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_is_in_set_#in~e.base|=(_ bv2148552704 32), |ldv_is_in_set_#in~e.offset|=(_ bv0 32), |ldv_is_in_set_#in~s.base|=(_ bv2148532224 32), |ldv_is_in_set_#in~s.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] ~e.base, ~e.offset := #in~e.base, #in~e.offset;~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~m~1.base, ~m~1.offset;call #t~mem23.base, #t~mem23.offset := read~$Pointer$(~s.base, ~s.offset, 4bv32);~__mptr~3.base, ~__mptr~3.offset := #t~mem23.base, #t~mem23.offset;havoc #t~mem23.base, #t~mem23.offset;~m~1.base, ~m~1.offset := ~__mptr~3.base, ~bvsub32(~__mptr~3.offset, 4bv32); VAL [ldv_is_in_set_~__mptr~3.base=(_ bv2148532224 32), ldv_is_in_set_~__mptr~3.offset=(_ bv0 32), ldv_is_in_set_~e.base=(_ bv2148552704 32), ldv_is_in_set_~e.offset=(_ bv0 32), ldv_is_in_set_~m~1.base=(_ bv2148532224 32), ldv_is_in_set_~m~1.offset=(_ bv4294967292 32), ldv_is_in_set_~s.base=(_ bv2148532224 32), ldv_is_in_set_~s.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_is_in_set_#in~e.base|=(_ bv2148552704 32), |ldv_is_in_set_#in~e.offset|=(_ bv0 32), |ldv_is_in_set_#in~s.base|=(_ bv2148532224 32), |ldv_is_in_set_#in~s.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] assume !(~m~1.base != ~s.base || ~bvadd32(4bv32, ~m~1.offset) != ~s.offset); VAL [ldv_is_in_set_~__mptr~3.base=(_ bv2148532224 32), ldv_is_in_set_~__mptr~3.offset=(_ bv0 32), ldv_is_in_set_~e.base=(_ bv2148552704 32), ldv_is_in_set_~e.offset=(_ bv0 32), ldv_is_in_set_~m~1.base=(_ bv2148532224 32), ldv_is_in_set_~m~1.offset=(_ bv4294967292 32), ldv_is_in_set_~s.base=(_ bv2148532224 32), ldv_is_in_set_~s.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_is_in_set_#in~e.base|=(_ bv2148552704 32), |ldv_is_in_set_#in~e.offset|=(_ bv0 32), |ldv_is_in_set_#in~s.base|=(_ bv2148532224 32), |ldv_is_in_set_#in~s.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] #res := 0bv32; VAL [ldv_is_in_set_~__mptr~3.base=(_ bv2148532224 32), ldv_is_in_set_~__mptr~3.offset=(_ bv0 32), ldv_is_in_set_~e.base=(_ bv2148552704 32), ldv_is_in_set_~e.offset=(_ bv0 32), ldv_is_in_set_~m~1.base=(_ bv2148532224 32), ldv_is_in_set_~m~1.offset=(_ bv4294967292 32), ldv_is_in_set_~s.base=(_ bv2148532224 32), ldv_is_in_set_~s.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_is_in_set_#in~e.base|=(_ bv2148552704 32), |ldv_is_in_set_#in~e.offset|=(_ bv0 32), |ldv_is_in_set_#in~s.base|=(_ bv2148532224 32), |ldv_is_in_set_#in~s.offset|=(_ bv0 32), |ldv_is_in_set_#res|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] assume true; VAL [ldv_is_in_set_~__mptr~3.base=(_ bv2148532224 32), ldv_is_in_set_~__mptr~3.offset=(_ bv0 32), ldv_is_in_set_~e.base=(_ bv2148552704 32), ldv_is_in_set_~e.offset=(_ bv0 32), ldv_is_in_set_~m~1.base=(_ bv2148532224 32), ldv_is_in_set_~m~1.offset=(_ bv4294967292 32), ldv_is_in_set_~s.base=(_ bv2148532224 32), ldv_is_in_set_~s.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_is_in_set_#in~e.base|=(_ bv2148552704 32), |ldv_is_in_set_#in~e.offset|=(_ bv0 32), |ldv_is_in_set_#in~s.base|=(_ bv2148532224 32), |ldv_is_in_set_#in~s.offset|=(_ bv0 32), |ldv_is_in_set_#res|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] RET #161#return; VAL [mutex_lock_~m.base=(_ bv2148552704 32), mutex_lock_~m.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |mutex_lock_#in~m.base|=(_ bv2148552704 32), |mutex_lock_#in~m.offset|=(_ bv0 32), |mutex_lock_#t~ret27|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] assume !(0bv32 != #t~ret27);havoc #t~ret27; VAL [mutex_lock_~m.base=(_ bv2148552704 32), mutex_lock_~m.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |mutex_lock_#in~m.base|=(_ bv2148552704 32), |mutex_lock_#in~m.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] CALL call ldv_set_add(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); VAL [|#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_set_add_#in~new.base|=(_ bv2148552704 32), |ldv_set_add_#in~new.offset|=(_ bv0 32), |ldv_set_add_#in~s.base|=(_ bv2148532224 32), |ldv_set_add_#in~s.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] ~new.base, ~new.offset := #in~new.base, #in~new.offset;~s.base, ~s.offset := #in~s.base, #in~s.offset; VAL [ldv_set_add_~new.base=(_ bv2148552704 32), ldv_set_add_~new.offset=(_ bv0 32), ldv_set_add_~s.base=(_ bv2148532224 32), ldv_set_add_~s.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_set_add_#in~new.base|=(_ bv2148552704 32), |ldv_set_add_#in~new.offset|=(_ bv0 32), |ldv_set_add_#in~s.base|=(_ bv2148532224 32), |ldv_set_add_#in~s.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] CALL call #t~ret17 := ldv_is_in_set(~new.base, ~new.offset, ~s.base, ~s.offset); VAL [|#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_is_in_set_#in~e.base|=(_ bv2148552704 32), |ldv_is_in_set_#in~e.offset|=(_ bv0 32), |ldv_is_in_set_#in~s.base|=(_ bv2148532224 32), |ldv_is_in_set_#in~s.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] ~e.base, ~e.offset := #in~e.base, #in~e.offset;~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~m~1.base, ~m~1.offset;call #t~mem23.base, #t~mem23.offset := read~$Pointer$(~s.base, ~s.offset, 4bv32);~__mptr~3.base, ~__mptr~3.offset := #t~mem23.base, #t~mem23.offset;havoc #t~mem23.base, #t~mem23.offset;~m~1.base, ~m~1.offset := ~__mptr~3.base, ~bvsub32(~__mptr~3.offset, 4bv32); VAL [ldv_is_in_set_~__mptr~3.base=(_ bv2148532224 32), ldv_is_in_set_~__mptr~3.offset=(_ bv0 32), ldv_is_in_set_~e.base=(_ bv2148552704 32), ldv_is_in_set_~e.offset=(_ bv0 32), ldv_is_in_set_~m~1.base=(_ bv2148532224 32), ldv_is_in_set_~m~1.offset=(_ bv4294967292 32), ldv_is_in_set_~s.base=(_ bv2148532224 32), ldv_is_in_set_~s.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_is_in_set_#in~e.base|=(_ bv2148552704 32), |ldv_is_in_set_#in~e.offset|=(_ bv0 32), |ldv_is_in_set_#in~s.base|=(_ bv2148532224 32), |ldv_is_in_set_#in~s.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] assume !(~m~1.base != ~s.base || ~bvadd32(4bv32, ~m~1.offset) != ~s.offset); VAL [ldv_is_in_set_~__mptr~3.base=(_ bv2148532224 32), ldv_is_in_set_~__mptr~3.offset=(_ bv0 32), ldv_is_in_set_~e.base=(_ bv2148552704 32), ldv_is_in_set_~e.offset=(_ bv0 32), ldv_is_in_set_~m~1.base=(_ bv2148532224 32), ldv_is_in_set_~m~1.offset=(_ bv4294967292 32), ldv_is_in_set_~s.base=(_ bv2148532224 32), ldv_is_in_set_~s.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_is_in_set_#in~e.base|=(_ bv2148552704 32), |ldv_is_in_set_#in~e.offset|=(_ bv0 32), |ldv_is_in_set_#in~s.base|=(_ bv2148532224 32), |ldv_is_in_set_#in~s.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] #res := 0bv32; VAL [ldv_is_in_set_~__mptr~3.base=(_ bv2148532224 32), ldv_is_in_set_~__mptr~3.offset=(_ bv0 32), ldv_is_in_set_~e.base=(_ bv2148552704 32), ldv_is_in_set_~e.offset=(_ bv0 32), ldv_is_in_set_~m~1.base=(_ bv2148532224 32), ldv_is_in_set_~m~1.offset=(_ bv4294967292 32), ldv_is_in_set_~s.base=(_ bv2148532224 32), ldv_is_in_set_~s.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_is_in_set_#in~e.base|=(_ bv2148552704 32), |ldv_is_in_set_#in~e.offset|=(_ bv0 32), |ldv_is_in_set_#in~s.base|=(_ bv2148532224 32), |ldv_is_in_set_#in~s.offset|=(_ bv0 32), |ldv_is_in_set_#res|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] assume true; VAL [ldv_is_in_set_~__mptr~3.base=(_ bv2148532224 32), ldv_is_in_set_~__mptr~3.offset=(_ bv0 32), ldv_is_in_set_~e.base=(_ bv2148552704 32), ldv_is_in_set_~e.offset=(_ bv0 32), ldv_is_in_set_~m~1.base=(_ bv2148532224 32), ldv_is_in_set_~m~1.offset=(_ bv4294967292 32), ldv_is_in_set_~s.base=(_ bv2148532224 32), ldv_is_in_set_~s.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_is_in_set_#in~e.base|=(_ bv2148552704 32), |ldv_is_in_set_#in~e.offset|=(_ bv0 32), |ldv_is_in_set_#in~s.base|=(_ bv2148532224 32), |ldv_is_in_set_#in~s.offset|=(_ bv0 32), |ldv_is_in_set_#res|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] RET #165#return; VAL [ldv_set_add_~new.base=(_ bv2148552704 32), ldv_set_add_~new.offset=(_ bv0 32), ldv_set_add_~s.base=(_ bv2148532224 32), ldv_set_add_~s.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_set_add_#in~new.base|=(_ bv2148552704 32), |ldv_set_add_#in~new.offset|=(_ bv0 32), |ldv_set_add_#in~s.base|=(_ bv2148532224 32), |ldv_set_add_#in~s.offset|=(_ bv0 32), |ldv_set_add_#t~ret17|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] assume 0bv32 == #t~ret17;havoc #t~ret17;havoc ~le~0.base, ~le~0.offset; VAL [ldv_set_add_~new.base=(_ bv2148552704 32), ldv_set_add_~new.offset=(_ bv0 32), ldv_set_add_~s.base=(_ bv2148532224 32), ldv_set_add_~s.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_set_add_#in~new.base|=(_ bv2148552704 32), |ldv_set_add_#in~new.offset|=(_ bv0 32), |ldv_set_add_#in~s.base|=(_ bv2148532224 32), |ldv_set_add_#in~s.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] CALL call #t~ret18.base, #t~ret18.offset := ldv_successful_malloc(12bv32); VAL [|#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_successful_malloc_#in~size|=(_ bv12 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] ~size := #in~size;call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(~size);~ptr~0.base, ~ptr~0.offset := #t~malloc5.base, #t~malloc5.offset;assume 0bv32 != (if ~ptr~0.base != 0bv32 || ~ptr~0.offset != 0bv32 then 1bv32 else 0bv32);#res.base, #res.offset := ~ptr~0.base, ~ptr~0.offset; VAL [ldv_successful_malloc_~ptr~0.base=(_ bv2887274496 32), ldv_successful_malloc_~ptr~0.offset=(_ bv0 32), ldv_successful_malloc_~size=(_ bv12 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_successful_malloc_#in~size|=(_ bv12 32), |ldv_successful_malloc_#res.base|=(_ bv2887274496 32), |ldv_successful_malloc_#res.offset|=(_ bv0 32), |ldv_successful_malloc_#t~malloc5.base|=(_ bv2887274496 32), |ldv_successful_malloc_#t~malloc5.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] assume true; VAL [ldv_successful_malloc_~ptr~0.base=(_ bv2887274496 32), ldv_successful_malloc_~ptr~0.offset=(_ bv0 32), ldv_successful_malloc_~size=(_ bv12 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_successful_malloc_#in~size|=(_ bv12 32), |ldv_successful_malloc_#res.base|=(_ bv2887274496 32), |ldv_successful_malloc_#res.offset|=(_ bv0 32), |ldv_successful_malloc_#t~malloc5.base|=(_ bv2887274496 32), |ldv_successful_malloc_#t~malloc5.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] RET #167#return; VAL [ldv_set_add_~new.base=(_ bv2148552704 32), ldv_set_add_~new.offset=(_ bv0 32), ldv_set_add_~s.base=(_ bv2148532224 32), ldv_set_add_~s.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_set_add_#in~new.base|=(_ bv2148552704 32), |ldv_set_add_#in~new.offset|=(_ bv0 32), |ldv_set_add_#in~s.base|=(_ bv2148532224 32), |ldv_set_add_#in~s.offset|=(_ bv0 32), |ldv_set_add_#t~ret18.base|=(_ bv2887274496 32), |ldv_set_add_#t~ret18.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] ~le~0.base, ~le~0.offset := #t~ret18.base, #t~ret18.offset;havoc #t~ret18.base, #t~ret18.offset;call write~$Pointer$(~new.base, ~new.offset, ~le~0.base, ~le~0.offset, 4bv32); VAL [ldv_set_add_~le~0.base=(_ bv2887274496 32), ldv_set_add_~le~0.offset=(_ bv0 32), ldv_set_add_~new.base=(_ bv2148552704 32), ldv_set_add_~new.offset=(_ bv0 32), ldv_set_add_~s.base=(_ bv2148532224 32), ldv_set_add_~s.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_set_add_#in~new.base|=(_ bv2148552704 32), |ldv_set_add_#in~new.offset|=(_ bv0 32), |ldv_set_add_#in~s.base|=(_ bv2148532224 32), |ldv_set_add_#in~s.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] CALL call ldv_list_add(~le~0.base, ~bvadd32(4bv32, ~le~0.offset), ~s.base, ~s.offset); VAL [|#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_list_add_#in~head.base|=(_ bv2148532224 32), |ldv_list_add_#in~head.offset|=(_ bv0 32), |ldv_list_add_#in~new.base|=(_ bv2887274496 32), |ldv_list_add_#in~new.offset|=(_ bv4 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] ~new.base, ~new.offset := #in~new.base, #in~new.offset;~head.base, ~head.offset := #in~head.base, #in~head.offset;call #t~mem6.base, #t~mem6.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32); VAL [ldv_list_add_~head.base=(_ bv2148532224 32), ldv_list_add_~head.offset=(_ bv0 32), ldv_list_add_~new.base=(_ bv2887274496 32), ldv_list_add_~new.offset=(_ bv4 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_list_add_#in~head.base|=(_ bv2148532224 32), |ldv_list_add_#in~head.offset|=(_ bv0 32), |ldv_list_add_#in~new.base|=(_ bv2887274496 32), |ldv_list_add_#in~new.offset|=(_ bv4 32), |ldv_list_add_#t~mem6.base|=(_ bv2148532224 32), |ldv_list_add_#t~mem6.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] CALL call __ldv_list_add(~new.base, ~new.offset, ~head.base, ~head.offset, #t~mem6.base, #t~mem6.offset); VAL [|#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |__ldv_list_add_#in~new.base|=(_ bv2887274496 32), |__ldv_list_add_#in~new.offset|=(_ bv4 32), |__ldv_list_add_#in~next.base|=(_ bv2148532224 32), |__ldv_list_add_#in~next.offset|=(_ bv0 32), |__ldv_list_add_#in~prev.base|=(_ bv2148532224 32), |__ldv_list_add_#in~prev.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] ~new.base, ~new.offset := #in~new.base, #in~new.offset;~prev.base, ~prev.offset := #in~prev.base, #in~prev.offset;~next.base, ~next.offset := #in~next.base, #in~next.offset;call write~$Pointer$(~new.base, ~new.offset, ~next.base, ~bvadd32(4bv32, ~next.offset), 4bv32);call write~$Pointer$(~next.base, ~next.offset, ~new.base, ~new.offset, 4bv32);call write~$Pointer$(~prev.base, ~prev.offset, ~new.base, ~bvadd32(4bv32, ~new.offset), 4bv32);call write~$Pointer$(~new.base, ~new.offset, ~prev.base, ~prev.offset, 4bv32); VAL [__ldv_list_add_~new.base=(_ bv2887274496 32), __ldv_list_add_~new.offset=(_ bv4 32), __ldv_list_add_~next.base=(_ bv2148532224 32), __ldv_list_add_~next.offset=(_ bv0 32), __ldv_list_add_~prev.base=(_ bv2148532224 32), __ldv_list_add_~prev.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |__ldv_list_add_#in~new.base|=(_ bv2887274496 32), |__ldv_list_add_#in~new.offset|=(_ bv4 32), |__ldv_list_add_#in~next.base|=(_ bv2148532224 32), |__ldv_list_add_#in~next.offset|=(_ bv0 32), |__ldv_list_add_#in~prev.base|=(_ bv2148532224 32), |__ldv_list_add_#in~prev.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] assume true; VAL [__ldv_list_add_~new.base=(_ bv2887274496 32), __ldv_list_add_~new.offset=(_ bv4 32), __ldv_list_add_~next.base=(_ bv2148532224 32), __ldv_list_add_~next.offset=(_ bv0 32), __ldv_list_add_~prev.base=(_ bv2148532224 32), __ldv_list_add_~prev.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |__ldv_list_add_#in~new.base|=(_ bv2887274496 32), |__ldv_list_add_#in~new.offset|=(_ bv4 32), |__ldv_list_add_#in~next.base|=(_ bv2148532224 32), |__ldv_list_add_#in~next.offset|=(_ bv0 32), |__ldv_list_add_#in~prev.base|=(_ bv2148532224 32), |__ldv_list_add_#in~prev.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] RET #129#return; VAL [ldv_list_add_~head.base=(_ bv2148532224 32), ldv_list_add_~head.offset=(_ bv0 32), ldv_list_add_~new.base=(_ bv2887274496 32), ldv_list_add_~new.offset=(_ bv4 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_list_add_#in~head.base|=(_ bv2148532224 32), |ldv_list_add_#in~head.offset|=(_ bv0 32), |ldv_list_add_#in~new.base|=(_ bv2887274496 32), |ldv_list_add_#in~new.offset|=(_ bv4 32), |ldv_list_add_#t~mem6.base|=(_ bv2148532224 32), |ldv_list_add_#t~mem6.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] havoc #t~mem6.base, #t~mem6.offset; VAL [ldv_list_add_~head.base=(_ bv2148532224 32), ldv_list_add_~head.offset=(_ bv0 32), ldv_list_add_~new.base=(_ bv2887274496 32), ldv_list_add_~new.offset=(_ bv4 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_list_add_#in~head.base|=(_ bv2148532224 32), |ldv_list_add_#in~head.offset|=(_ bv0 32), |ldv_list_add_#in~new.base|=(_ bv2887274496 32), |ldv_list_add_#in~new.offset|=(_ bv4 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] assume true; VAL [ldv_list_add_~head.base=(_ bv2148532224 32), ldv_list_add_~head.offset=(_ bv0 32), ldv_list_add_~new.base=(_ bv2887274496 32), ldv_list_add_~new.offset=(_ bv4 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_list_add_#in~head.base|=(_ bv2148532224 32), |ldv_list_add_#in~head.offset|=(_ bv0 32), |ldv_list_add_#in~new.base|=(_ bv2887274496 32), |ldv_list_add_#in~new.offset|=(_ bv4 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] RET #169#return; VAL [ldv_set_add_~le~0.base=(_ bv2887274496 32), ldv_set_add_~le~0.offset=(_ bv0 32), ldv_set_add_~new.base=(_ bv2148552704 32), ldv_set_add_~new.offset=(_ bv0 32), ldv_set_add_~s.base=(_ bv2148532224 32), ldv_set_add_~s.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_set_add_#in~new.base|=(_ bv2148552704 32), |ldv_set_add_#in~new.offset|=(_ bv0 32), |ldv_set_add_#in~s.base|=(_ bv2148532224 32), |ldv_set_add_#in~s.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] assume true; VAL [ldv_set_add_~le~0.base=(_ bv2887274496 32), ldv_set_add_~le~0.offset=(_ bv0 32), ldv_set_add_~new.base=(_ bv2148552704 32), ldv_set_add_~new.offset=(_ bv0 32), ldv_set_add_~s.base=(_ bv2148532224 32), ldv_set_add_~s.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_set_add_#in~new.base|=(_ bv2148552704 32), |ldv_set_add_#in~new.offset|=(_ bv0 32), |ldv_set_add_#in~s.base|=(_ bv2148532224 32), |ldv_set_add_#in~s.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] RET #163#return; VAL [mutex_lock_~m.base=(_ bv2148552704 32), mutex_lock_~m.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |mutex_lock_#in~m.base|=(_ bv2148552704 32), |mutex_lock_#in~m.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] assume true; VAL [mutex_lock_~m.base=(_ bv2148552704 32), mutex_lock_~m.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |mutex_lock_#in~m.base|=(_ bv2148552704 32), |mutex_lock_#in~m.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] RET #137#return; VAL [foo_~m1~0.base=(_ bv2148552704 32), foo_~m1~0.offset=(_ bv0 32), foo_~m2~0.base=(_ bv2887258112 32), foo_~m2~0.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] CALL call mutex_lock(~m1~0.base, ~m1~0.offset); VAL [|#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |mutex_lock_#in~m.base|=(_ bv2148552704 32), |mutex_lock_#in~m.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] ~m.base, ~m.offset := #in~m.base, #in~m.offset; VAL [mutex_lock_~m.base=(_ bv2148552704 32), mutex_lock_~m.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |mutex_lock_#in~m.base|=(_ bv2148552704 32), |mutex_lock_#in~m.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] CALL call #t~ret27 := ldv_is_in_set(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); VAL [|#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_is_in_set_#in~e.base|=(_ bv2148552704 32), |ldv_is_in_set_#in~e.offset|=(_ bv0 32), |ldv_is_in_set_#in~s.base|=(_ bv2148532224 32), |ldv_is_in_set_#in~s.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] ~e.base, ~e.offset := #in~e.base, #in~e.offset;~s.base, ~s.offset := #in~s.base, #in~s.offset;havoc ~m~1.base, ~m~1.offset;call #t~mem23.base, #t~mem23.offset := read~$Pointer$(~s.base, ~s.offset, 4bv32);~__mptr~3.base, ~__mptr~3.offset := #t~mem23.base, #t~mem23.offset;havoc #t~mem23.base, #t~mem23.offset;~m~1.base, ~m~1.offset := ~__mptr~3.base, ~bvsub32(~__mptr~3.offset, 4bv32); VAL [ldv_is_in_set_~__mptr~3.base=(_ bv2887274496 32), ldv_is_in_set_~__mptr~3.offset=(_ bv4 32), ldv_is_in_set_~e.base=(_ bv2148552704 32), ldv_is_in_set_~e.offset=(_ bv0 32), ldv_is_in_set_~m~1.base=(_ bv2887274496 32), ldv_is_in_set_~m~1.offset=(_ bv0 32), ldv_is_in_set_~s.base=(_ bv2148532224 32), ldv_is_in_set_~s.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_is_in_set_#in~e.base|=(_ bv2148552704 32), |ldv_is_in_set_#in~e.offset|=(_ bv0 32), |ldv_is_in_set_#in~s.base|=(_ bv2148532224 32), |ldv_is_in_set_#in~s.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] assume !!(~m~1.base != ~s.base || ~bvadd32(4bv32, ~m~1.offset) != ~s.offset);call #t~mem25.base, #t~mem25.offset := read~$Pointer$(~m~1.base, ~m~1.offset, 4bv32); VAL [ldv_is_in_set_~__mptr~3.base=(_ bv2887274496 32), ldv_is_in_set_~__mptr~3.offset=(_ bv4 32), ldv_is_in_set_~e.base=(_ bv2148552704 32), ldv_is_in_set_~e.offset=(_ bv0 32), ldv_is_in_set_~m~1.base=(_ bv2887274496 32), ldv_is_in_set_~m~1.offset=(_ bv0 32), ldv_is_in_set_~s.base=(_ bv2148532224 32), ldv_is_in_set_~s.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_is_in_set_#in~e.base|=(_ bv2148552704 32), |ldv_is_in_set_#in~e.offset|=(_ bv0 32), |ldv_is_in_set_#in~s.base|=(_ bv2148532224 32), |ldv_is_in_set_#in~s.offset|=(_ bv0 32), |ldv_is_in_set_#t~mem25.base|=(_ bv2148552704 32), |ldv_is_in_set_#t~mem25.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] assume #t~mem25.base == ~e.base && #t~mem25.offset == ~e.offset;havoc #t~mem25.base, #t~mem25.offset;#res := 1bv32; VAL [ldv_is_in_set_~__mptr~3.base=(_ bv2887274496 32), ldv_is_in_set_~__mptr~3.offset=(_ bv4 32), ldv_is_in_set_~e.base=(_ bv2148552704 32), ldv_is_in_set_~e.offset=(_ bv0 32), ldv_is_in_set_~m~1.base=(_ bv2887274496 32), ldv_is_in_set_~m~1.offset=(_ bv0 32), ldv_is_in_set_~s.base=(_ bv2148532224 32), ldv_is_in_set_~s.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_is_in_set_#in~e.base|=(_ bv2148552704 32), |ldv_is_in_set_#in~e.offset|=(_ bv0 32), |ldv_is_in_set_#in~s.base|=(_ bv2148532224 32), |ldv_is_in_set_#in~s.offset|=(_ bv0 32), |ldv_is_in_set_#res|=(_ bv1 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] assume true; VAL [ldv_is_in_set_~__mptr~3.base=(_ bv2887274496 32), ldv_is_in_set_~__mptr~3.offset=(_ bv4 32), ldv_is_in_set_~e.base=(_ bv2148552704 32), ldv_is_in_set_~e.offset=(_ bv0 32), ldv_is_in_set_~m~1.base=(_ bv2887274496 32), ldv_is_in_set_~m~1.offset=(_ bv0 32), ldv_is_in_set_~s.base=(_ bv2148532224 32), ldv_is_in_set_~s.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |ldv_is_in_set_#in~e.base|=(_ bv2148552704 32), |ldv_is_in_set_#in~e.offset|=(_ bv0 32), |ldv_is_in_set_#in~s.base|=(_ bv2148532224 32), |ldv_is_in_set_#in~s.offset|=(_ bv0 32), |ldv_is_in_set_#res|=(_ bv1 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] RET #161#return; VAL [mutex_lock_~m.base=(_ bv2148552704 32), mutex_lock_~m.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |mutex_lock_#in~m.base|=(_ bv2148552704 32), |mutex_lock_#in~m.offset|=(_ bv0 32), |mutex_lock_#t~ret27|=(_ bv1 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] assume 0bv32 != #t~ret27;havoc #t~ret27; VAL [mutex_lock_~m.base=(_ bv2148552704 32), mutex_lock_~m.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |mutex_lock_#in~m.base|=(_ bv2148552704 32), |mutex_lock_#in~m.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] assume !false; VAL [mutex_lock_~m.base=(_ bv2148552704 32), mutex_lock_~m.offset=(_ bv0 32), |#NULL.base|=(_ bv0 32), |#NULL.offset|=(_ bv0 32), |mutex_lock_#in~m.base|=(_ bv2148552704 32), |mutex_lock_#in~m.offset|=(_ bv0 32), |~#mutexes~0.base|=(_ bv2148532224 32), |~#mutexes~0.offset|=(_ bv0 32)] [?] CALL call ULTIMATE.init(); VAL [#NULL.base=0bv32, #NULL.offset=0bv32, old(#NULL.base)=0bv32, old(#NULL.offset)=0bv32, old(~#mutexes~0.base)=0bv32, old(~#mutexes~0.offset)=0bv32, ~#mutexes~0.base=0bv32, ~#mutexes~0.offset=0bv32] [?] #NULL.base, #NULL.offset := 0bv32, 0bv32; [?] #valid := #valid[0bv32 := 0bv1]; [L652] call ~#mutexes~0.base, ~#mutexes~0.offset := #Ultimate.alloc(8bv32); [L652] call write~init~$Pointer$(~#mutexes~0.base, ~#mutexes~0.offset, ~#mutexes~0.base, ~#mutexes~0.offset, 4bv32); [L652] call write~init~$Pointer$(~#mutexes~0.base, ~#mutexes~0.offset, ~#mutexes~0.base, ~bvadd32(4bv32, ~#mutexes~0.offset), 4bv32); VAL [#NULL.base=0bv32, #NULL.offset=0bv32, old(#NULL.base)=0bv32, old(#NULL.offset)=0bv32, old(~#mutexes~0.base)=0bv32, old(~#mutexes~0.offset)=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [?] ensures true; VAL [#NULL.base=0bv32, #NULL.offset=0bv32, old(#NULL.base)=0bv32, old(#NULL.offset)=0bv32, old(~#mutexes~0.base)=0bv32, old(~#mutexes~0.offset)=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [?] RET call ULTIMATE.init(); VAL [#NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [?] CALL call #t~ret32 := main(); VAL [#NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L679] CALL call foo(); VAL [#NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L668] CALL call ldv_initialize(); VAL [#NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L653-L654] ensures true; VAL [#NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L668] RET call ldv_initialize(); VAL [#NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L669] CALL call #t~ret30.base, #t~ret30.offset := ldv_successful_malloc(8bv32); VAL [#in~size=8bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L562-L566] ~size := #in~size; [L563] call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(~size); [L563] ~ptr~0.base, ~ptr~0.offset := #t~malloc5.base, #t~malloc5.offset; [L564] assume 0bv32 != (if ~ptr~0.base != 0bv32 || ~ptr~0.offset != 0bv32 then 1bv32 else 0bv32); [L565] #res.base, #res.offset := ~ptr~0.base, ~ptr~0.offset; VAL [#in~size=8bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #res.base=2148552704bv32, #res.offset=0bv32, #t~malloc5.base=2148552704bv32, #t~malloc5.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~ptr~0.base=2148552704bv32, ~ptr~0.offset=0bv32, ~size=8bv32] [L562-L566] ensures true; VAL [#in~size=8bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #res.base=2148552704bv32, #res.offset=0bv32, #t~malloc5.base=2148552704bv32, #t~malloc5.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~ptr~0.base=2148552704bv32, ~ptr~0.offset=0bv32, ~size=8bv32] [L669] RET call #t~ret30.base, #t~ret30.offset := ldv_successful_malloc(8bv32); VAL [#NULL.base=0bv32, #NULL.offset=0bv32, #t~ret30.base=2148552704bv32, #t~ret30.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L669] ~m1~0.base, ~m1~0.offset := #t~ret30.base, #t~ret30.offset; [L669] havoc #t~ret30.base, #t~ret30.offset; VAL [#NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~m1~0.base=2148552704bv32, ~m1~0.offset=0bv32] [L670] CALL call #t~ret31.base, #t~ret31.offset := ldv_successful_malloc(8bv32); VAL [#in~size=8bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L562-L566] ~size := #in~size; [L563] call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(~size); [L563] ~ptr~0.base, ~ptr~0.offset := #t~malloc5.base, #t~malloc5.offset; [L564] assume 0bv32 != (if ~ptr~0.base != 0bv32 || ~ptr~0.offset != 0bv32 then 1bv32 else 0bv32); [L565] #res.base, #res.offset := ~ptr~0.base, ~ptr~0.offset; VAL [#in~size=8bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #res.base=2887258112bv32, #res.offset=0bv32, #t~malloc5.base=2887258112bv32, #t~malloc5.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~ptr~0.base=2887258112bv32, ~ptr~0.offset=0bv32, ~size=8bv32] [L562-L566] ensures true; VAL [#in~size=8bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #res.base=2887258112bv32, #res.offset=0bv32, #t~malloc5.base=2887258112bv32, #t~malloc5.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~ptr~0.base=2887258112bv32, ~ptr~0.offset=0bv32, ~size=8bv32] [L670] RET call #t~ret31.base, #t~ret31.offset := ldv_successful_malloc(8bv32); VAL [#NULL.base=0bv32, #NULL.offset=0bv32, #t~ret31.base=2887258112bv32, #t~ret31.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~m1~0.base=2148552704bv32, ~m1~0.offset=0bv32] [L670] ~m2~0.base, ~m2~0.offset := #t~ret31.base, #t~ret31.offset; [L670] havoc #t~ret31.base, #t~ret31.offset; VAL [#NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~m1~0.base=2148552704bv32, ~m1~0.offset=0bv32, ~m2~0.base=2887258112bv32, ~m2~0.offset=0bv32] [L671] CALL call mutex_lock(~m1~0.base, ~m1~0.offset); VAL [#in~m.base=2148552704bv32, #in~m.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L655-L658] ~m.base, ~m.offset := #in~m.base, #in~m.offset; VAL [#in~m.base=2148552704bv32, #in~m.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~m.base=2148552704bv32, ~m.offset=0bv32] [L656] CALL call #t~ret27 := ldv_is_in_set(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L640-L648] ~e.base, ~e.offset := #in~e.base, #in~e.offset; [L640-L648] ~s.base, ~s.offset := #in~s.base, #in~s.offset; [L641] havoc ~m~1.base, ~m~1.offset; [L642] call #t~mem23.base, #t~mem23.offset := read~$Pointer$(~s.base, ~s.offset, 4bv32); [L642] ~__mptr~3.base, ~__mptr~3.offset := #t~mem23.base, #t~mem23.offset; [L642] havoc #t~mem23.base, #t~mem23.offset; [L642] ~m~1.base, ~m~1.offset := ~__mptr~3.base, ~bvsub32(~__mptr~3.offset, 4bv32); VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~__mptr~3.base=2148532224bv32, ~__mptr~3.offset=0bv32, ~e.base=2148552704bv32, ~e.offset=0bv32, ~m~1.base=2148532224bv32, ~m~1.offset=4294967292bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L642-L646] assume !(~m~1.base != ~s.base || ~bvadd32(4bv32, ~m~1.offset) != ~s.offset); VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~__mptr~3.base=2148532224bv32, ~__mptr~3.offset=0bv32, ~e.base=2148552704bv32, ~e.offset=0bv32, ~m~1.base=2148532224bv32, ~m~1.offset=4294967292bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L647] #res := 0bv32; VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #res=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~__mptr~3.base=2148532224bv32, ~__mptr~3.offset=0bv32, ~e.base=2148552704bv32, ~e.offset=0bv32, ~m~1.base=2148532224bv32, ~m~1.offset=4294967292bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L613] ensures true; VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #res=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~__mptr~3.base=2148532224bv32, ~__mptr~3.offset=0bv32, ~e.base=2148552704bv32, ~e.offset=0bv32, ~m~1.base=2148532224bv32, ~m~1.offset=4294967292bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L656] RET call #t~ret27 := ldv_is_in_set(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); VAL [#in~m.base=2148552704bv32, #in~m.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #t~ret27=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~m.base=2148552704bv32, ~m.offset=0bv32] [L656] assume !(0bv32 != #t~ret27); [L656] havoc #t~ret27; VAL [#in~m.base=2148552704bv32, #in~m.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~m.base=2148552704bv32, ~m.offset=0bv32] [L657] CALL call ldv_set_add(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); VAL [#in~new.base=2148552704bv32, #in~new.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L622-L629] ~new.base, ~new.offset := #in~new.base, #in~new.offset; [L622-L629] ~s.base, ~s.offset := #in~s.base, #in~s.offset; VAL [#in~new.base=2148552704bv32, #in~new.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~new.base=2148552704bv32, ~new.offset=0bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L623] CALL call #t~ret17 := ldv_is_in_set(~new.base, ~new.offset, ~s.base, ~s.offset); VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L640-L648] ~e.base, ~e.offset := #in~e.base, #in~e.offset; [L640-L648] ~s.base, ~s.offset := #in~s.base, #in~s.offset; [L641] havoc ~m~1.base, ~m~1.offset; [L642] call #t~mem23.base, #t~mem23.offset := read~$Pointer$(~s.base, ~s.offset, 4bv32); [L642] ~__mptr~3.base, ~__mptr~3.offset := #t~mem23.base, #t~mem23.offset; [L642] havoc #t~mem23.base, #t~mem23.offset; [L642] ~m~1.base, ~m~1.offset := ~__mptr~3.base, ~bvsub32(~__mptr~3.offset, 4bv32); VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~__mptr~3.base=2148532224bv32, ~__mptr~3.offset=0bv32, ~e.base=2148552704bv32, ~e.offset=0bv32, ~m~1.base=2148532224bv32, ~m~1.offset=4294967292bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L642-L646] assume !(~m~1.base != ~s.base || ~bvadd32(4bv32, ~m~1.offset) != ~s.offset); VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~__mptr~3.base=2148532224bv32, ~__mptr~3.offset=0bv32, ~e.base=2148552704bv32, ~e.offset=0bv32, ~m~1.base=2148532224bv32, ~m~1.offset=4294967292bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L647] #res := 0bv32; VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #res=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~__mptr~3.base=2148532224bv32, ~__mptr~3.offset=0bv32, ~e.base=2148552704bv32, ~e.offset=0bv32, ~m~1.base=2148532224bv32, ~m~1.offset=4294967292bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L613] ensures true; VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #res=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~__mptr~3.base=2148532224bv32, ~__mptr~3.offset=0bv32, ~e.base=2148552704bv32, ~e.offset=0bv32, ~m~1.base=2148532224bv32, ~m~1.offset=4294967292bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L623] RET call #t~ret17 := ldv_is_in_set(~new.base, ~new.offset, ~s.base, ~s.offset); VAL [#in~new.base=2148552704bv32, #in~new.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #t~ret17=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~new.base=2148552704bv32, ~new.offset=0bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L623-L628] assume 0bv32 == #t~ret17; [L623] havoc #t~ret17; [L624] havoc ~le~0.base, ~le~0.offset; VAL [#in~new.base=2148552704bv32, #in~new.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~new.base=2148552704bv32, ~new.offset=0bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L625] CALL call #t~ret18.base, #t~ret18.offset := ldv_successful_malloc(12bv32); VAL [#in~size=12bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L562-L566] ~size := #in~size; [L563] call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(~size); [L563] ~ptr~0.base, ~ptr~0.offset := #t~malloc5.base, #t~malloc5.offset; [L564] assume 0bv32 != (if ~ptr~0.base != 0bv32 || ~ptr~0.offset != 0bv32 then 1bv32 else 0bv32); [L565] #res.base, #res.offset := ~ptr~0.base, ~ptr~0.offset; VAL [#in~size=12bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #res.base=2887274496bv32, #res.offset=0bv32, #t~malloc5.base=2887274496bv32, #t~malloc5.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~ptr~0.base=2887274496bv32, ~ptr~0.offset=0bv32, ~size=12bv32] [L562-L566] ensures true; VAL [#in~size=12bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #res.base=2887274496bv32, #res.offset=0bv32, #t~malloc5.base=2887274496bv32, #t~malloc5.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~ptr~0.base=2887274496bv32, ~ptr~0.offset=0bv32, ~size=12bv32] [L625] RET call #t~ret18.base, #t~ret18.offset := ldv_successful_malloc(12bv32); VAL [#in~new.base=2148552704bv32, #in~new.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #t~ret18.base=2887274496bv32, #t~ret18.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~new.base=2148552704bv32, ~new.offset=0bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L625] ~le~0.base, ~le~0.offset := #t~ret18.base, #t~ret18.offset; [L625] havoc #t~ret18.base, #t~ret18.offset; [L626] call write~$Pointer$(~new.base, ~new.offset, ~le~0.base, ~le~0.offset, 4bv32); VAL [#in~new.base=2148552704bv32, #in~new.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~le~0.base=2887274496bv32, ~le~0.offset=0bv32, ~new.base=2148552704bv32, ~new.offset=0bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L627] CALL call ldv_list_add(~le~0.base, ~bvadd32(4bv32, ~le~0.offset), ~s.base, ~s.offset); VAL [#in~head.base=2148532224bv32, #in~head.offset=0bv32, #in~new.base=2887274496bv32, #in~new.offset=4bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L593-L596] ~new.base, ~new.offset := #in~new.base, #in~new.offset; [L593-L596] ~head.base, ~head.offset := #in~head.base, #in~head.offset; [L595] call #t~mem6.base, #t~mem6.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32); VAL [#in~head.base=2148532224bv32, #in~head.offset=0bv32, #in~new.base=2887274496bv32, #in~new.offset=4bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #t~mem6.base=2148532224bv32, #t~mem6.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~head.base=2148532224bv32, ~head.offset=0bv32, ~new.base=2887274496bv32, ~new.offset=4bv32] [L595] CALL call __ldv_list_add(~new.base, ~new.offset, ~head.base, ~head.offset, #t~mem6.base, #t~mem6.offset); VAL [#in~new.base=2887274496bv32, #in~new.offset=4bv32, #in~next.base=2148532224bv32, #in~next.offset=0bv32, #in~prev.base=2148532224bv32, #in~prev.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L579-L587] ~new.base, ~new.offset := #in~new.base, #in~new.offset; [L579-L587] ~prev.base, ~prev.offset := #in~prev.base, #in~prev.offset; [L579-L587] ~next.base, ~next.offset := #in~next.base, #in~next.offset; [L583] call write~$Pointer$(~new.base, ~new.offset, ~next.base, ~bvadd32(4bv32, ~next.offset), 4bv32); [L584] call write~$Pointer$(~next.base, ~next.offset, ~new.base, ~new.offset, 4bv32); [L585] call write~$Pointer$(~prev.base, ~prev.offset, ~new.base, ~bvadd32(4bv32, ~new.offset), 4bv32); [L586] call write~$Pointer$(~new.base, ~new.offset, ~prev.base, ~prev.offset, 4bv32); VAL [#in~new.base=2887274496bv32, #in~new.offset=4bv32, #in~next.base=2148532224bv32, #in~next.offset=0bv32, #in~prev.base=2148532224bv32, #in~prev.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~new.base=2887274496bv32, ~new.offset=4bv32, ~next.base=2148532224bv32, ~next.offset=0bv32, ~prev.base=2148532224bv32, ~prev.offset=0bv32] [L579-L587] ensures true; VAL [#in~new.base=2887274496bv32, #in~new.offset=4bv32, #in~next.base=2148532224bv32, #in~next.offset=0bv32, #in~prev.base=2148532224bv32, #in~prev.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~new.base=2887274496bv32, ~new.offset=4bv32, ~next.base=2148532224bv32, ~next.offset=0bv32, ~prev.base=2148532224bv32, ~prev.offset=0bv32] [L595] RET call __ldv_list_add(~new.base, ~new.offset, ~head.base, ~head.offset, #t~mem6.base, #t~mem6.offset); VAL [#in~head.base=2148532224bv32, #in~head.offset=0bv32, #in~new.base=2887274496bv32, #in~new.offset=4bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #t~mem6.base=2148532224bv32, #t~mem6.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~head.base=2148532224bv32, ~head.offset=0bv32, ~new.base=2887274496bv32, ~new.offset=4bv32] [L595] havoc #t~mem6.base, #t~mem6.offset; VAL [#in~head.base=2148532224bv32, #in~head.offset=0bv32, #in~new.base=2887274496bv32, #in~new.offset=4bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~head.base=2148532224bv32, ~head.offset=0bv32, ~new.base=2887274496bv32, ~new.offset=4bv32] [L593-L596] ensures true; VAL [#in~head.base=2148532224bv32, #in~head.offset=0bv32, #in~new.base=2887274496bv32, #in~new.offset=4bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~head.base=2148532224bv32, ~head.offset=0bv32, ~new.base=2887274496bv32, ~new.offset=4bv32] [L627] RET call ldv_list_add(~le~0.base, ~bvadd32(4bv32, ~le~0.offset), ~s.base, ~s.offset); VAL [#in~new.base=2148552704bv32, #in~new.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~le~0.base=2887274496bv32, ~le~0.offset=0bv32, ~new.base=2148552704bv32, ~new.offset=0bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L611] ensures true; VAL [#in~new.base=2148552704bv32, #in~new.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~le~0.base=2887274496bv32, ~le~0.offset=0bv32, ~new.base=2148552704bv32, ~new.offset=0bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L657] RET call ldv_set_add(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); VAL [#in~m.base=2148552704bv32, #in~m.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~m.base=2148552704bv32, ~m.offset=0bv32] [L655-L658] ensures true; VAL [#in~m.base=2148552704bv32, #in~m.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~m.base=2148552704bv32, ~m.offset=0bv32] [L671] RET call mutex_lock(~m1~0.base, ~m1~0.offset); VAL [#NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~m1~0.base=2148552704bv32, ~m1~0.offset=0bv32, ~m2~0.base=2887258112bv32, ~m2~0.offset=0bv32] [L672] CALL call mutex_lock(~m1~0.base, ~m1~0.offset); VAL [#in~m.base=2148552704bv32, #in~m.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L655-L658] ~m.base, ~m.offset := #in~m.base, #in~m.offset; VAL [#in~m.base=2148552704bv32, #in~m.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~m.base=2148552704bv32, ~m.offset=0bv32] [L656] CALL call #t~ret27 := ldv_is_in_set(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L640-L648] ~e.base, ~e.offset := #in~e.base, #in~e.offset; [L640-L648] ~s.base, ~s.offset := #in~s.base, #in~s.offset; [L641] havoc ~m~1.base, ~m~1.offset; [L642] call #t~mem23.base, #t~mem23.offset := read~$Pointer$(~s.base, ~s.offset, 4bv32); [L642] ~__mptr~3.base, ~__mptr~3.offset := #t~mem23.base, #t~mem23.offset; [L642] havoc #t~mem23.base, #t~mem23.offset; [L642] ~m~1.base, ~m~1.offset := ~__mptr~3.base, ~bvsub32(~__mptr~3.offset, 4bv32); VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~__mptr~3.base=2887274496bv32, ~__mptr~3.offset=4bv32, ~e.base=2148552704bv32, ~e.offset=0bv32, ~m~1.base=2887274496bv32, ~m~1.offset=0bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L642-L646] assume !!(~m~1.base != ~s.base || ~bvadd32(4bv32, ~m~1.offset) != ~s.offset); [L643] call #t~mem25.base, #t~mem25.offset := read~$Pointer$(~m~1.base, ~m~1.offset, 4bv32); VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #t~mem25.base=2148552704bv32, #t~mem25.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~__mptr~3.base=2887274496bv32, ~__mptr~3.offset=4bv32, ~e.base=2148552704bv32, ~e.offset=0bv32, ~m~1.base=2887274496bv32, ~m~1.offset=0bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L643-L645] assume #t~mem25.base == ~e.base && #t~mem25.offset == ~e.offset; [L643] havoc #t~mem25.base, #t~mem25.offset; [L644] #res := 1bv32; VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #res=1bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~__mptr~3.base=2887274496bv32, ~__mptr~3.offset=4bv32, ~e.base=2148552704bv32, ~e.offset=0bv32, ~m~1.base=2887274496bv32, ~m~1.offset=0bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L613] ensures true; VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #res=1bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~__mptr~3.base=2887274496bv32, ~__mptr~3.offset=4bv32, ~e.base=2148552704bv32, ~e.offset=0bv32, ~m~1.base=2887274496bv32, ~m~1.offset=0bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L656] RET call #t~ret27 := ldv_is_in_set(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); VAL [#in~m.base=2148552704bv32, #in~m.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #t~ret27=1bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~m.base=2148552704bv32, ~m.offset=0bv32] [L656] assume 0bv32 != #t~ret27; [L656] havoc #t~ret27; VAL [#in~m.base=2148552704bv32, #in~m.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~m.base=2148552704bv32, ~m.offset=0bv32] [L656] assert false; VAL [#in~m.base=2148552704bv32, #in~m.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~m.base=2148552704bv32, ~m.offset=0bv32] ----- ----- class de.uni_freiburg.informatik.ultimate.boogie.preprocessor.BoogiePreprocessorBacktranslator [?] CALL call ULTIMATE.init(); VAL [#NULL.base=0bv32, #NULL.offset=0bv32, old(#NULL.base)=0bv32, old(#NULL.offset)=0bv32, old(~#mutexes~0.base)=0bv32, old(~#mutexes~0.offset)=0bv32, ~#mutexes~0.base=0bv32, ~#mutexes~0.offset=0bv32] [?] #NULL.base, #NULL.offset := 0bv32, 0bv32; [?] #valid := #valid[0bv32 := 0bv1]; [L652] call ~#mutexes~0.base, ~#mutexes~0.offset := #Ultimate.alloc(8bv32); [L652] call write~init~$Pointer$(~#mutexes~0.base, ~#mutexes~0.offset, ~#mutexes~0.base, ~#mutexes~0.offset, 4bv32); [L652] call write~init~$Pointer$(~#mutexes~0.base, ~#mutexes~0.offset, ~#mutexes~0.base, ~bvadd32(4bv32, ~#mutexes~0.offset), 4bv32); VAL [#NULL.base=0bv32, #NULL.offset=0bv32, old(#NULL.base)=0bv32, old(#NULL.offset)=0bv32, old(~#mutexes~0.base)=0bv32, old(~#mutexes~0.offset)=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [?] ensures true; VAL [#NULL.base=0bv32, #NULL.offset=0bv32, old(#NULL.base)=0bv32, old(#NULL.offset)=0bv32, old(~#mutexes~0.base)=0bv32, old(~#mutexes~0.offset)=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [?] RET call ULTIMATE.init(); VAL [#NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [?] CALL call #t~ret32 := main(); VAL [#NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L679] CALL call foo(); VAL [#NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L668] CALL call ldv_initialize(); VAL [#NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L653-L654] ensures true; VAL [#NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L668] RET call ldv_initialize(); VAL [#NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L669] CALL call #t~ret30.base, #t~ret30.offset := ldv_successful_malloc(8bv32); VAL [#in~size=8bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L562-L566] ~size := #in~size; [L563] call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(~size); [L563] ~ptr~0.base, ~ptr~0.offset := #t~malloc5.base, #t~malloc5.offset; [L564] assume 0bv32 != (if ~ptr~0.base != 0bv32 || ~ptr~0.offset != 0bv32 then 1bv32 else 0bv32); [L565] #res.base, #res.offset := ~ptr~0.base, ~ptr~0.offset; VAL [#in~size=8bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #res.base=2148552704bv32, #res.offset=0bv32, #t~malloc5.base=2148552704bv32, #t~malloc5.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~ptr~0.base=2148552704bv32, ~ptr~0.offset=0bv32, ~size=8bv32] [L562-L566] ensures true; VAL [#in~size=8bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #res.base=2148552704bv32, #res.offset=0bv32, #t~malloc5.base=2148552704bv32, #t~malloc5.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~ptr~0.base=2148552704bv32, ~ptr~0.offset=0bv32, ~size=8bv32] [L669] RET call #t~ret30.base, #t~ret30.offset := ldv_successful_malloc(8bv32); VAL [#NULL.base=0bv32, #NULL.offset=0bv32, #t~ret30.base=2148552704bv32, #t~ret30.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L669] ~m1~0.base, ~m1~0.offset := #t~ret30.base, #t~ret30.offset; [L669] havoc #t~ret30.base, #t~ret30.offset; VAL [#NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~m1~0.base=2148552704bv32, ~m1~0.offset=0bv32] [L670] CALL call #t~ret31.base, #t~ret31.offset := ldv_successful_malloc(8bv32); VAL [#in~size=8bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L562-L566] ~size := #in~size; [L563] call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(~size); [L563] ~ptr~0.base, ~ptr~0.offset := #t~malloc5.base, #t~malloc5.offset; [L564] assume 0bv32 != (if ~ptr~0.base != 0bv32 || ~ptr~0.offset != 0bv32 then 1bv32 else 0bv32); [L565] #res.base, #res.offset := ~ptr~0.base, ~ptr~0.offset; VAL [#in~size=8bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #res.base=2887258112bv32, #res.offset=0bv32, #t~malloc5.base=2887258112bv32, #t~malloc5.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~ptr~0.base=2887258112bv32, ~ptr~0.offset=0bv32, ~size=8bv32] [L562-L566] ensures true; VAL [#in~size=8bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #res.base=2887258112bv32, #res.offset=0bv32, #t~malloc5.base=2887258112bv32, #t~malloc5.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~ptr~0.base=2887258112bv32, ~ptr~0.offset=0bv32, ~size=8bv32] [L670] RET call #t~ret31.base, #t~ret31.offset := ldv_successful_malloc(8bv32); VAL [#NULL.base=0bv32, #NULL.offset=0bv32, #t~ret31.base=2887258112bv32, #t~ret31.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~m1~0.base=2148552704bv32, ~m1~0.offset=0bv32] [L670] ~m2~0.base, ~m2~0.offset := #t~ret31.base, #t~ret31.offset; [L670] havoc #t~ret31.base, #t~ret31.offset; VAL [#NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~m1~0.base=2148552704bv32, ~m1~0.offset=0bv32, ~m2~0.base=2887258112bv32, ~m2~0.offset=0bv32] [L671] CALL call mutex_lock(~m1~0.base, ~m1~0.offset); VAL [#in~m.base=2148552704bv32, #in~m.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L655-L658] ~m.base, ~m.offset := #in~m.base, #in~m.offset; VAL [#in~m.base=2148552704bv32, #in~m.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~m.base=2148552704bv32, ~m.offset=0bv32] [L656] CALL call #t~ret27 := ldv_is_in_set(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L640-L648] ~e.base, ~e.offset := #in~e.base, #in~e.offset; [L640-L648] ~s.base, ~s.offset := #in~s.base, #in~s.offset; [L641] havoc ~m~1.base, ~m~1.offset; [L642] call #t~mem23.base, #t~mem23.offset := read~$Pointer$(~s.base, ~s.offset, 4bv32); [L642] ~__mptr~3.base, ~__mptr~3.offset := #t~mem23.base, #t~mem23.offset; [L642] havoc #t~mem23.base, #t~mem23.offset; [L642] ~m~1.base, ~m~1.offset := ~__mptr~3.base, ~bvsub32(~__mptr~3.offset, 4bv32); VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~__mptr~3.base=2148532224bv32, ~__mptr~3.offset=0bv32, ~e.base=2148552704bv32, ~e.offset=0bv32, ~m~1.base=2148532224bv32, ~m~1.offset=4294967292bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L642-L646] assume !(~m~1.base != ~s.base || ~bvadd32(4bv32, ~m~1.offset) != ~s.offset); VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~__mptr~3.base=2148532224bv32, ~__mptr~3.offset=0bv32, ~e.base=2148552704bv32, ~e.offset=0bv32, ~m~1.base=2148532224bv32, ~m~1.offset=4294967292bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L647] #res := 0bv32; VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #res=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~__mptr~3.base=2148532224bv32, ~__mptr~3.offset=0bv32, ~e.base=2148552704bv32, ~e.offset=0bv32, ~m~1.base=2148532224bv32, ~m~1.offset=4294967292bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L613] ensures true; VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #res=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~__mptr~3.base=2148532224bv32, ~__mptr~3.offset=0bv32, ~e.base=2148552704bv32, ~e.offset=0bv32, ~m~1.base=2148532224bv32, ~m~1.offset=4294967292bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L656] RET call #t~ret27 := ldv_is_in_set(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); VAL [#in~m.base=2148552704bv32, #in~m.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #t~ret27=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~m.base=2148552704bv32, ~m.offset=0bv32] [L656] assume !(0bv32 != #t~ret27); [L656] havoc #t~ret27; VAL [#in~m.base=2148552704bv32, #in~m.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~m.base=2148552704bv32, ~m.offset=0bv32] [L657] CALL call ldv_set_add(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); VAL [#in~new.base=2148552704bv32, #in~new.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L622-L629] ~new.base, ~new.offset := #in~new.base, #in~new.offset; [L622-L629] ~s.base, ~s.offset := #in~s.base, #in~s.offset; VAL [#in~new.base=2148552704bv32, #in~new.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~new.base=2148552704bv32, ~new.offset=0bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L623] CALL call #t~ret17 := ldv_is_in_set(~new.base, ~new.offset, ~s.base, ~s.offset); VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L640-L648] ~e.base, ~e.offset := #in~e.base, #in~e.offset; [L640-L648] ~s.base, ~s.offset := #in~s.base, #in~s.offset; [L641] havoc ~m~1.base, ~m~1.offset; [L642] call #t~mem23.base, #t~mem23.offset := read~$Pointer$(~s.base, ~s.offset, 4bv32); [L642] ~__mptr~3.base, ~__mptr~3.offset := #t~mem23.base, #t~mem23.offset; [L642] havoc #t~mem23.base, #t~mem23.offset; [L642] ~m~1.base, ~m~1.offset := ~__mptr~3.base, ~bvsub32(~__mptr~3.offset, 4bv32); VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~__mptr~3.base=2148532224bv32, ~__mptr~3.offset=0bv32, ~e.base=2148552704bv32, ~e.offset=0bv32, ~m~1.base=2148532224bv32, ~m~1.offset=4294967292bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L642-L646] assume !(~m~1.base != ~s.base || ~bvadd32(4bv32, ~m~1.offset) != ~s.offset); VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~__mptr~3.base=2148532224bv32, ~__mptr~3.offset=0bv32, ~e.base=2148552704bv32, ~e.offset=0bv32, ~m~1.base=2148532224bv32, ~m~1.offset=4294967292bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L647] #res := 0bv32; VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #res=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~__mptr~3.base=2148532224bv32, ~__mptr~3.offset=0bv32, ~e.base=2148552704bv32, ~e.offset=0bv32, ~m~1.base=2148532224bv32, ~m~1.offset=4294967292bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L613] ensures true; VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #res=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~__mptr~3.base=2148532224bv32, ~__mptr~3.offset=0bv32, ~e.base=2148552704bv32, ~e.offset=0bv32, ~m~1.base=2148532224bv32, ~m~1.offset=4294967292bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L623] RET call #t~ret17 := ldv_is_in_set(~new.base, ~new.offset, ~s.base, ~s.offset); VAL [#in~new.base=2148552704bv32, #in~new.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #t~ret17=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~new.base=2148552704bv32, ~new.offset=0bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L623-L628] assume 0bv32 == #t~ret17; [L623] havoc #t~ret17; [L624] havoc ~le~0.base, ~le~0.offset; VAL [#in~new.base=2148552704bv32, #in~new.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~new.base=2148552704bv32, ~new.offset=0bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L625] CALL call #t~ret18.base, #t~ret18.offset := ldv_successful_malloc(12bv32); VAL [#in~size=12bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L562-L566] ~size := #in~size; [L563] call #t~malloc5.base, #t~malloc5.offset := #Ultimate.alloc(~size); [L563] ~ptr~0.base, ~ptr~0.offset := #t~malloc5.base, #t~malloc5.offset; [L564] assume 0bv32 != (if ~ptr~0.base != 0bv32 || ~ptr~0.offset != 0bv32 then 1bv32 else 0bv32); [L565] #res.base, #res.offset := ~ptr~0.base, ~ptr~0.offset; VAL [#in~size=12bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #res.base=2887274496bv32, #res.offset=0bv32, #t~malloc5.base=2887274496bv32, #t~malloc5.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~ptr~0.base=2887274496bv32, ~ptr~0.offset=0bv32, ~size=12bv32] [L562-L566] ensures true; VAL [#in~size=12bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #res.base=2887274496bv32, #res.offset=0bv32, #t~malloc5.base=2887274496bv32, #t~malloc5.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~ptr~0.base=2887274496bv32, ~ptr~0.offset=0bv32, ~size=12bv32] [L625] RET call #t~ret18.base, #t~ret18.offset := ldv_successful_malloc(12bv32); VAL [#in~new.base=2148552704bv32, #in~new.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #t~ret18.base=2887274496bv32, #t~ret18.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~new.base=2148552704bv32, ~new.offset=0bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L625] ~le~0.base, ~le~0.offset := #t~ret18.base, #t~ret18.offset; [L625] havoc #t~ret18.base, #t~ret18.offset; [L626] call write~$Pointer$(~new.base, ~new.offset, ~le~0.base, ~le~0.offset, 4bv32); VAL [#in~new.base=2148552704bv32, #in~new.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~le~0.base=2887274496bv32, ~le~0.offset=0bv32, ~new.base=2148552704bv32, ~new.offset=0bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L627] CALL call ldv_list_add(~le~0.base, ~bvadd32(4bv32, ~le~0.offset), ~s.base, ~s.offset); VAL [#in~head.base=2148532224bv32, #in~head.offset=0bv32, #in~new.base=2887274496bv32, #in~new.offset=4bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L593-L596] ~new.base, ~new.offset := #in~new.base, #in~new.offset; [L593-L596] ~head.base, ~head.offset := #in~head.base, #in~head.offset; [L595] call #t~mem6.base, #t~mem6.offset := read~$Pointer$(~head.base, ~head.offset, 4bv32); VAL [#in~head.base=2148532224bv32, #in~head.offset=0bv32, #in~new.base=2887274496bv32, #in~new.offset=4bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #t~mem6.base=2148532224bv32, #t~mem6.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~head.base=2148532224bv32, ~head.offset=0bv32, ~new.base=2887274496bv32, ~new.offset=4bv32] [L595] CALL call __ldv_list_add(~new.base, ~new.offset, ~head.base, ~head.offset, #t~mem6.base, #t~mem6.offset); VAL [#in~new.base=2887274496bv32, #in~new.offset=4bv32, #in~next.base=2148532224bv32, #in~next.offset=0bv32, #in~prev.base=2148532224bv32, #in~prev.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L579-L587] ~new.base, ~new.offset := #in~new.base, #in~new.offset; [L579-L587] ~prev.base, ~prev.offset := #in~prev.base, #in~prev.offset; [L579-L587] ~next.base, ~next.offset := #in~next.base, #in~next.offset; [L583] call write~$Pointer$(~new.base, ~new.offset, ~next.base, ~bvadd32(4bv32, ~next.offset), 4bv32); [L584] call write~$Pointer$(~next.base, ~next.offset, ~new.base, ~new.offset, 4bv32); [L585] call write~$Pointer$(~prev.base, ~prev.offset, ~new.base, ~bvadd32(4bv32, ~new.offset), 4bv32); [L586] call write~$Pointer$(~new.base, ~new.offset, ~prev.base, ~prev.offset, 4bv32); VAL [#in~new.base=2887274496bv32, #in~new.offset=4bv32, #in~next.base=2148532224bv32, #in~next.offset=0bv32, #in~prev.base=2148532224bv32, #in~prev.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~new.base=2887274496bv32, ~new.offset=4bv32, ~next.base=2148532224bv32, ~next.offset=0bv32, ~prev.base=2148532224bv32, ~prev.offset=0bv32] [L579-L587] ensures true; VAL [#in~new.base=2887274496bv32, #in~new.offset=4bv32, #in~next.base=2148532224bv32, #in~next.offset=0bv32, #in~prev.base=2148532224bv32, #in~prev.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~new.base=2887274496bv32, ~new.offset=4bv32, ~next.base=2148532224bv32, ~next.offset=0bv32, ~prev.base=2148532224bv32, ~prev.offset=0bv32] [L595] RET call __ldv_list_add(~new.base, ~new.offset, ~head.base, ~head.offset, #t~mem6.base, #t~mem6.offset); VAL [#in~head.base=2148532224bv32, #in~head.offset=0bv32, #in~new.base=2887274496bv32, #in~new.offset=4bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #t~mem6.base=2148532224bv32, #t~mem6.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~head.base=2148532224bv32, ~head.offset=0bv32, ~new.base=2887274496bv32, ~new.offset=4bv32] [L595] havoc #t~mem6.base, #t~mem6.offset; VAL [#in~head.base=2148532224bv32, #in~head.offset=0bv32, #in~new.base=2887274496bv32, #in~new.offset=4bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~head.base=2148532224bv32, ~head.offset=0bv32, ~new.base=2887274496bv32, ~new.offset=4bv32] [L593-L596] ensures true; VAL [#in~head.base=2148532224bv32, #in~head.offset=0bv32, #in~new.base=2887274496bv32, #in~new.offset=4bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~head.base=2148532224bv32, ~head.offset=0bv32, ~new.base=2887274496bv32, ~new.offset=4bv32] [L627] RET call ldv_list_add(~le~0.base, ~bvadd32(4bv32, ~le~0.offset), ~s.base, ~s.offset); VAL [#in~new.base=2148552704bv32, #in~new.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~le~0.base=2887274496bv32, ~le~0.offset=0bv32, ~new.base=2148552704bv32, ~new.offset=0bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L611] ensures true; VAL [#in~new.base=2148552704bv32, #in~new.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~le~0.base=2887274496bv32, ~le~0.offset=0bv32, ~new.base=2148552704bv32, ~new.offset=0bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L657] RET call ldv_set_add(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); VAL [#in~m.base=2148552704bv32, #in~m.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~m.base=2148552704bv32, ~m.offset=0bv32] [L655-L658] ensures true; VAL [#in~m.base=2148552704bv32, #in~m.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~m.base=2148552704bv32, ~m.offset=0bv32] [L671] RET call mutex_lock(~m1~0.base, ~m1~0.offset); VAL [#NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~m1~0.base=2148552704bv32, ~m1~0.offset=0bv32, ~m2~0.base=2887258112bv32, ~m2~0.offset=0bv32] [L672] CALL call mutex_lock(~m1~0.base, ~m1~0.offset); VAL [#in~m.base=2148552704bv32, #in~m.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L655-L658] ~m.base, ~m.offset := #in~m.base, #in~m.offset; VAL [#in~m.base=2148552704bv32, #in~m.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~m.base=2148552704bv32, ~m.offset=0bv32] [L656] CALL call #t~ret27 := ldv_is_in_set(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32] [L640-L648] ~e.base, ~e.offset := #in~e.base, #in~e.offset; [L640-L648] ~s.base, ~s.offset := #in~s.base, #in~s.offset; [L641] havoc ~m~1.base, ~m~1.offset; [L642] call #t~mem23.base, #t~mem23.offset := read~$Pointer$(~s.base, ~s.offset, 4bv32); [L642] ~__mptr~3.base, ~__mptr~3.offset := #t~mem23.base, #t~mem23.offset; [L642] havoc #t~mem23.base, #t~mem23.offset; [L642] ~m~1.base, ~m~1.offset := ~__mptr~3.base, ~bvsub32(~__mptr~3.offset, 4bv32); VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~__mptr~3.base=2887274496bv32, ~__mptr~3.offset=4bv32, ~e.base=2148552704bv32, ~e.offset=0bv32, ~m~1.base=2887274496bv32, ~m~1.offset=0bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L642-L646] assume !!(~m~1.base != ~s.base || ~bvadd32(4bv32, ~m~1.offset) != ~s.offset); [L643] call #t~mem25.base, #t~mem25.offset := read~$Pointer$(~m~1.base, ~m~1.offset, 4bv32); VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #t~mem25.base=2148552704bv32, #t~mem25.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~__mptr~3.base=2887274496bv32, ~__mptr~3.offset=4bv32, ~e.base=2148552704bv32, ~e.offset=0bv32, ~m~1.base=2887274496bv32, ~m~1.offset=0bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L643-L645] assume #t~mem25.base == ~e.base && #t~mem25.offset == ~e.offset; [L643] havoc #t~mem25.base, #t~mem25.offset; [L644] #res := 1bv32; VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #res=1bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~__mptr~3.base=2887274496bv32, ~__mptr~3.offset=4bv32, ~e.base=2148552704bv32, ~e.offset=0bv32, ~m~1.base=2887274496bv32, ~m~1.offset=0bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L613] ensures true; VAL [#in~e.base=2148552704bv32, #in~e.offset=0bv32, #in~s.base=2148532224bv32, #in~s.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #res=1bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~__mptr~3.base=2887274496bv32, ~__mptr~3.offset=4bv32, ~e.base=2148552704bv32, ~e.offset=0bv32, ~m~1.base=2887274496bv32, ~m~1.offset=0bv32, ~s.base=2148532224bv32, ~s.offset=0bv32] [L656] RET call #t~ret27 := ldv_is_in_set(~m.base, ~m.offset, ~#mutexes~0.base, ~#mutexes~0.offset); VAL [#in~m.base=2148552704bv32, #in~m.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, #t~ret27=1bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~m.base=2148552704bv32, ~m.offset=0bv32] [L656] assume 0bv32 != #t~ret27; [L656] havoc #t~ret27; VAL [#in~m.base=2148552704bv32, #in~m.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~m.base=2148552704bv32, ~m.offset=0bv32] [L656] assert false; VAL [#in~m.base=2148552704bv32, #in~m.offset=0bv32, #NULL.base=0bv32, #NULL.offset=0bv32, ~#mutexes~0.base=2148532224bv32, ~#mutexes~0.offset=0bv32, ~m.base=2148552704bv32, ~m.offset=0bv32] [?] CALL call ULTIMATE.init(); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, old(#NULL!base)=0bv32, old(#NULL!offset)=0bv32, old(~#mutexes~0!base)=0bv32, old(~#mutexes~0!offset)=0bv32, ~#mutexes~0!base=0bv32, ~#mutexes~0!offset=0bv32] [?] #NULL := { base: 0bv32, offset: 0bv32 }; [?] #valid[0bv32] := 0bv1; [L652] FCALL call ~#mutexes~0 := #Ultimate.alloc(8bv32); [L652] FCALL call write~init~$Pointer$(~#mutexes~0, { base: ~#mutexes~0!base, offset: ~#mutexes~0!offset }, 4bv32); [L652] FCALL call write~init~$Pointer$(~#mutexes~0, { base: ~#mutexes~0!base, offset: ~bvadd32(4bv32, ~#mutexes~0!offset) }, 4bv32); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, old(#NULL!base)=0bv32, old(#NULL!offset)=0bv32, old(~#mutexes~0!base)=0bv32, old(~#mutexes~0!offset)=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [?] RET call ULTIMATE.init(); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [?] CALL call #t~ret32 := main(); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L679] CALL call foo(); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L668] CALL call ldv_initialize(); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L668] RET call ldv_initialize(); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L669] CALL call #t~ret30 := ldv_successful_malloc(8bv32); VAL [#in~size=8bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L562-L566] ~size := #in~size; [L563] FCALL call #t~malloc5 := #Ultimate.alloc(~size); [L563] ~ptr~0 := #t~malloc5; [L564] assume 0bv32 != (if ~ptr~0 != { base: 0bv32, offset: 0bv32 } then 1bv32 else 0bv32); [L565] #res := ~ptr~0; VAL [#in~size=8bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #res!base=2148552704bv32, #res!offset=0bv32, #t~malloc5!base=2148552704bv32, #t~malloc5!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~ptr~0!base=2148552704bv32, ~ptr~0!offset=0bv32, ~size=8bv32] [L669] RET call #t~ret30 := ldv_successful_malloc(8bv32); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, #t~ret30!base=2148552704bv32, #t~ret30!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L669] ~m1~0 := #t~ret30; [L669] havoc #t~ret30; VAL [#NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m1~0!base=2148552704bv32, ~m1~0!offset=0bv32] [L670] CALL call #t~ret31 := ldv_successful_malloc(8bv32); VAL [#in~size=8bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L562-L566] ~size := #in~size; [L563] FCALL call #t~malloc5 := #Ultimate.alloc(~size); [L563] ~ptr~0 := #t~malloc5; [L564] assume 0bv32 != (if ~ptr~0 != { base: 0bv32, offset: 0bv32 } then 1bv32 else 0bv32); [L565] #res := ~ptr~0; VAL [#in~size=8bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #res!base=2887258112bv32, #res!offset=0bv32, #t~malloc5!base=2887258112bv32, #t~malloc5!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~ptr~0!base=2887258112bv32, ~ptr~0!offset=0bv32, ~size=8bv32] [L670] RET call #t~ret31 := ldv_successful_malloc(8bv32); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, #t~ret31!base=2887258112bv32, #t~ret31!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m1~0!base=2148552704bv32, ~m1~0!offset=0bv32] [L670] ~m2~0 := #t~ret31; [L670] havoc #t~ret31; VAL [#NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m1~0!base=2148552704bv32, ~m1~0!offset=0bv32, ~m2~0!base=2887258112bv32, ~m2~0!offset=0bv32] [L671] CALL call mutex_lock(~m1~0); VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L655-L658] ~m := #in~m; VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m!base=2148552704bv32, ~m!offset=0bv32] [L656] CALL call #t~ret27 := ldv_is_in_set(~m, ~#mutexes~0); VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L640-L648] ~e := #in~e; [L640-L648] ~s := #in~s; [L641] havoc ~m~1; [L642] FCALL call #t~mem23 := read~$Pointer$({ base: ~s!base, offset: ~s!offset }, 4bv32); [L642] ~__mptr~3 := #t~mem23; [L642] havoc #t~mem23; [L642] ~m~1 := { base: ~__mptr~3!base, offset: ~bvsub32(~__mptr~3!offset, 4bv32) }; VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2148532224bv32, ~__mptr~3!offset=0bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2148532224bv32, ~m~1!offset=4294967292bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L642-L646] COND TRUE !({ base: ~m~1!base, offset: ~bvadd32(4bv32, ~m~1!offset) } != ~s) VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2148532224bv32, ~__mptr~3!offset=0bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2148532224bv32, ~m~1!offset=4294967292bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L647] #res := 0bv32; VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #res=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2148532224bv32, ~__mptr~3!offset=0bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2148532224bv32, ~m~1!offset=4294967292bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L656] RET call #t~ret27 := ldv_is_in_set(~m, ~#mutexes~0); VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #t~ret27=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m!base=2148552704bv32, ~m!offset=0bv32] [L656] COND FALSE !(0bv32 != #t~ret27) [L656] havoc #t~ret27; VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m!base=2148552704bv32, ~m!offset=0bv32] [L657] CALL call ldv_set_add(~m, ~#mutexes~0); VAL [#in~new!base=2148552704bv32, #in~new!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L622-L629] ~new := #in~new; [L622-L629] ~s := #in~s; VAL [#in~new!base=2148552704bv32, #in~new!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~new!base=2148552704bv32, ~new!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L623] CALL call #t~ret17 := ldv_is_in_set(~new, ~s); VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L640-L648] ~e := #in~e; [L640-L648] ~s := #in~s; [L641] havoc ~m~1; [L642] FCALL call #t~mem23 := read~$Pointer$({ base: ~s!base, offset: ~s!offset }, 4bv32); [L642] ~__mptr~3 := #t~mem23; [L642] havoc #t~mem23; [L642] ~m~1 := { base: ~__mptr~3!base, offset: ~bvsub32(~__mptr~3!offset, 4bv32) }; VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2148532224bv32, ~__mptr~3!offset=0bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2148532224bv32, ~m~1!offset=4294967292bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L642-L646] COND TRUE !({ base: ~m~1!base, offset: ~bvadd32(4bv32, ~m~1!offset) } != ~s) VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2148532224bv32, ~__mptr~3!offset=0bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2148532224bv32, ~m~1!offset=4294967292bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L647] #res := 0bv32; VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #res=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2148532224bv32, ~__mptr~3!offset=0bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2148532224bv32, ~m~1!offset=4294967292bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L623] RET call #t~ret17 := ldv_is_in_set(~new, ~s); VAL [#in~new!base=2148552704bv32, #in~new!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #t~ret17=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~new!base=2148552704bv32, ~new!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L623] COND TRUE 0bv32 == #t~ret17 [L623] havoc #t~ret17; [L624] havoc ~le~0; VAL [#in~new!base=2148552704bv32, #in~new!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~new!base=2148552704bv32, ~new!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L625] CALL call #t~ret18 := ldv_successful_malloc(12bv32); VAL [#in~size=12bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L562-L566] ~size := #in~size; [L563] FCALL call #t~malloc5 := #Ultimate.alloc(~size); [L563] ~ptr~0 := #t~malloc5; [L564] assume 0bv32 != (if ~ptr~0 != { base: 0bv32, offset: 0bv32 } then 1bv32 else 0bv32); [L565] #res := ~ptr~0; VAL [#in~size=12bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #res!base=2887274496bv32, #res!offset=0bv32, #t~malloc5!base=2887274496bv32, #t~malloc5!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~ptr~0!base=2887274496bv32, ~ptr~0!offset=0bv32, ~size=12bv32] [L625] RET call #t~ret18 := ldv_successful_malloc(12bv32); VAL [#in~new!base=2148552704bv32, #in~new!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #t~ret18!base=2887274496bv32, #t~ret18!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~new!base=2148552704bv32, ~new!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L625] ~le~0 := #t~ret18; [L625] havoc #t~ret18; [L626] FCALL call write~$Pointer$(~new, { base: ~le~0!base, offset: ~le~0!offset }, 4bv32); VAL [#in~new!base=2148552704bv32, #in~new!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~le~0!base=2887274496bv32, ~le~0!offset=0bv32, ~new!base=2148552704bv32, ~new!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L627] CALL call ldv_list_add({ base: ~le~0!base, offset: ~bvadd32(4bv32, ~le~0!offset) }, ~s); VAL [#in~head!base=2148532224bv32, #in~head!offset=0bv32, #in~new!base=2887274496bv32, #in~new!offset=4bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L593-L596] ~new := #in~new; [L593-L596] ~head := #in~head; [L595] FCALL call #t~mem6 := read~$Pointer$({ base: ~head!base, offset: ~head!offset }, 4bv32); VAL [#in~head!base=2148532224bv32, #in~head!offset=0bv32, #in~new!base=2887274496bv32, #in~new!offset=4bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #t~mem6!base=2148532224bv32, #t~mem6!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~head!base=2148532224bv32, ~head!offset=0bv32, ~new!base=2887274496bv32, ~new!offset=4bv32] [L595] CALL call __ldv_list_add(~new, ~head, #t~mem6); VAL [#in~new!base=2887274496bv32, #in~new!offset=4bv32, #in~next!base=2148532224bv32, #in~next!offset=0bv32, #in~prev!base=2148532224bv32, #in~prev!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L579-L587] ~new := #in~new; [L579-L587] ~prev := #in~prev; [L579-L587] ~next := #in~next; [L583] FCALL call write~$Pointer$(~new, { base: ~next!base, offset: ~bvadd32(4bv32, ~next!offset) }, 4bv32); [L584] FCALL call write~$Pointer$(~next, { base: ~new!base, offset: ~new!offset }, 4bv32); [L585] FCALL call write~$Pointer$(~prev, { base: ~new!base, offset: ~bvadd32(4bv32, ~new!offset) }, 4bv32); [L586] FCALL call write~$Pointer$(~new, { base: ~prev!base, offset: ~prev!offset }, 4bv32); VAL [#in~new!base=2887274496bv32, #in~new!offset=4bv32, #in~next!base=2148532224bv32, #in~next!offset=0bv32, #in~prev!base=2148532224bv32, #in~prev!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~new!base=2887274496bv32, ~new!offset=4bv32, ~next!base=2148532224bv32, ~next!offset=0bv32, ~prev!base=2148532224bv32, ~prev!offset=0bv32] [L595] RET call __ldv_list_add(~new, ~head, #t~mem6); VAL [#in~head!base=2148532224bv32, #in~head!offset=0bv32, #in~new!base=2887274496bv32, #in~new!offset=4bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #t~mem6!base=2148532224bv32, #t~mem6!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~head!base=2148532224bv32, ~head!offset=0bv32, ~new!base=2887274496bv32, ~new!offset=4bv32] [L595] havoc #t~mem6; VAL [#in~head!base=2148532224bv32, #in~head!offset=0bv32, #in~new!base=2887274496bv32, #in~new!offset=4bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~head!base=2148532224bv32, ~head!offset=0bv32, ~new!base=2887274496bv32, ~new!offset=4bv32] [L627] RET call ldv_list_add({ base: ~le~0!base, offset: ~bvadd32(4bv32, ~le~0!offset) }, ~s); VAL [#in~new!base=2148552704bv32, #in~new!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~le~0!base=2887274496bv32, ~le~0!offset=0bv32, ~new!base=2148552704bv32, ~new!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L657] RET call ldv_set_add(~m, ~#mutexes~0); VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m!base=2148552704bv32, ~m!offset=0bv32] [L671] RET call mutex_lock(~m1~0); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m1~0!base=2148552704bv32, ~m1~0!offset=0bv32, ~m2~0!base=2887258112bv32, ~m2~0!offset=0bv32] [L672] CALL call mutex_lock(~m1~0); VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L655-L658] ~m := #in~m; VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m!base=2148552704bv32, ~m!offset=0bv32] [L656] CALL call #t~ret27 := ldv_is_in_set(~m, ~#mutexes~0); VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L640-L648] ~e := #in~e; [L640-L648] ~s := #in~s; [L641] havoc ~m~1; [L642] FCALL call #t~mem23 := read~$Pointer$({ base: ~s!base, offset: ~s!offset }, 4bv32); [L642] ~__mptr~3 := #t~mem23; [L642] havoc #t~mem23; [L642] ~m~1 := { base: ~__mptr~3!base, offset: ~bvsub32(~__mptr~3!offset, 4bv32) }; VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2887274496bv32, ~__mptr~3!offset=4bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2887274496bv32, ~m~1!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L642-L646] COND FALSE !(!({ base: ~m~1!base, offset: ~bvadd32(4bv32, ~m~1!offset) } != ~s)) [L643] FCALL call #t~mem25 := read~$Pointer$({ base: ~m~1!base, offset: ~m~1!offset }, 4bv32); VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #t~mem25!base=2148552704bv32, #t~mem25!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2887274496bv32, ~__mptr~3!offset=4bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2887274496bv32, ~m~1!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L643] COND TRUE #t~mem25 == ~e [L643] havoc #t~mem25; [L644] #res := 1bv32; VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #res=1bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2887274496bv32, ~__mptr~3!offset=4bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2887274496bv32, ~m~1!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L656] RET call #t~ret27 := ldv_is_in_set(~m, ~#mutexes~0); VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #t~ret27=1bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m!base=2148552704bv32, ~m!offset=0bv32] [L656] COND TRUE 0bv32 != #t~ret27 [L656] havoc #t~ret27; VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m!base=2148552704bv32, ~m!offset=0bv32] [L656] assert false; VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m!base=2148552704bv32, ~m!offset=0bv32] ----- ----- class de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator [?] CALL call ULTIMATE.init(); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, old(#NULL!base)=0bv32, old(#NULL!offset)=0bv32, old(~#mutexes~0!base)=0bv32, old(~#mutexes~0!offset)=0bv32, ~#mutexes~0!base=0bv32, ~#mutexes~0!offset=0bv32] [?] #NULL := { base: 0bv32, offset: 0bv32 }; [?] #valid[0bv32] := 0bv1; [L652] FCALL call ~#mutexes~0 := #Ultimate.alloc(8bv32); [L652] FCALL call write~init~$Pointer$(~#mutexes~0, { base: ~#mutexes~0!base, offset: ~#mutexes~0!offset }, 4bv32); [L652] FCALL call write~init~$Pointer$(~#mutexes~0, { base: ~#mutexes~0!base, offset: ~bvadd32(4bv32, ~#mutexes~0!offset) }, 4bv32); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, old(#NULL!base)=0bv32, old(#NULL!offset)=0bv32, old(~#mutexes~0!base)=0bv32, old(~#mutexes~0!offset)=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [?] RET call ULTIMATE.init(); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [?] CALL call #t~ret32 := main(); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L679] CALL call foo(); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L668] CALL call ldv_initialize(); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L668] RET call ldv_initialize(); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L669] CALL call #t~ret30 := ldv_successful_malloc(8bv32); VAL [#in~size=8bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L562-L566] ~size := #in~size; [L563] FCALL call #t~malloc5 := #Ultimate.alloc(~size); [L563] ~ptr~0 := #t~malloc5; [L564] assume 0bv32 != (if ~ptr~0 != { base: 0bv32, offset: 0bv32 } then 1bv32 else 0bv32); [L565] #res := ~ptr~0; VAL [#in~size=8bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #res!base=2148552704bv32, #res!offset=0bv32, #t~malloc5!base=2148552704bv32, #t~malloc5!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~ptr~0!base=2148552704bv32, ~ptr~0!offset=0bv32, ~size=8bv32] [L669] RET call #t~ret30 := ldv_successful_malloc(8bv32); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, #t~ret30!base=2148552704bv32, #t~ret30!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L669] ~m1~0 := #t~ret30; [L669] havoc #t~ret30; VAL [#NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m1~0!base=2148552704bv32, ~m1~0!offset=0bv32] [L670] CALL call #t~ret31 := ldv_successful_malloc(8bv32); VAL [#in~size=8bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L562-L566] ~size := #in~size; [L563] FCALL call #t~malloc5 := #Ultimate.alloc(~size); [L563] ~ptr~0 := #t~malloc5; [L564] assume 0bv32 != (if ~ptr~0 != { base: 0bv32, offset: 0bv32 } then 1bv32 else 0bv32); [L565] #res := ~ptr~0; VAL [#in~size=8bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #res!base=2887258112bv32, #res!offset=0bv32, #t~malloc5!base=2887258112bv32, #t~malloc5!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~ptr~0!base=2887258112bv32, ~ptr~0!offset=0bv32, ~size=8bv32] [L670] RET call #t~ret31 := ldv_successful_malloc(8bv32); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, #t~ret31!base=2887258112bv32, #t~ret31!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m1~0!base=2148552704bv32, ~m1~0!offset=0bv32] [L670] ~m2~0 := #t~ret31; [L670] havoc #t~ret31; VAL [#NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m1~0!base=2148552704bv32, ~m1~0!offset=0bv32, ~m2~0!base=2887258112bv32, ~m2~0!offset=0bv32] [L671] CALL call mutex_lock(~m1~0); VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L655-L658] ~m := #in~m; VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m!base=2148552704bv32, ~m!offset=0bv32] [L656] CALL call #t~ret27 := ldv_is_in_set(~m, ~#mutexes~0); VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L640-L648] ~e := #in~e; [L640-L648] ~s := #in~s; [L641] havoc ~m~1; [L642] FCALL call #t~mem23 := read~$Pointer$({ base: ~s!base, offset: ~s!offset }, 4bv32); [L642] ~__mptr~3 := #t~mem23; [L642] havoc #t~mem23; [L642] ~m~1 := { base: ~__mptr~3!base, offset: ~bvsub32(~__mptr~3!offset, 4bv32) }; VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2148532224bv32, ~__mptr~3!offset=0bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2148532224bv32, ~m~1!offset=4294967292bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L642-L646] COND TRUE !({ base: ~m~1!base, offset: ~bvadd32(4bv32, ~m~1!offset) } != ~s) VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2148532224bv32, ~__mptr~3!offset=0bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2148532224bv32, ~m~1!offset=4294967292bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L647] #res := 0bv32; VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #res=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2148532224bv32, ~__mptr~3!offset=0bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2148532224bv32, ~m~1!offset=4294967292bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L656] RET call #t~ret27 := ldv_is_in_set(~m, ~#mutexes~0); VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #t~ret27=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m!base=2148552704bv32, ~m!offset=0bv32] [L656] COND FALSE !(0bv32 != #t~ret27) [L656] havoc #t~ret27; VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m!base=2148552704bv32, ~m!offset=0bv32] [L657] CALL call ldv_set_add(~m, ~#mutexes~0); VAL [#in~new!base=2148552704bv32, #in~new!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L622-L629] ~new := #in~new; [L622-L629] ~s := #in~s; VAL [#in~new!base=2148552704bv32, #in~new!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~new!base=2148552704bv32, ~new!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L623] CALL call #t~ret17 := ldv_is_in_set(~new, ~s); VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L640-L648] ~e := #in~e; [L640-L648] ~s := #in~s; [L641] havoc ~m~1; [L642] FCALL call #t~mem23 := read~$Pointer$({ base: ~s!base, offset: ~s!offset }, 4bv32); [L642] ~__mptr~3 := #t~mem23; [L642] havoc #t~mem23; [L642] ~m~1 := { base: ~__mptr~3!base, offset: ~bvsub32(~__mptr~3!offset, 4bv32) }; VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2148532224bv32, ~__mptr~3!offset=0bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2148532224bv32, ~m~1!offset=4294967292bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L642-L646] COND TRUE !({ base: ~m~1!base, offset: ~bvadd32(4bv32, ~m~1!offset) } != ~s) VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2148532224bv32, ~__mptr~3!offset=0bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2148532224bv32, ~m~1!offset=4294967292bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L647] #res := 0bv32; VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #res=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2148532224bv32, ~__mptr~3!offset=0bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2148532224bv32, ~m~1!offset=4294967292bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L623] RET call #t~ret17 := ldv_is_in_set(~new, ~s); VAL [#in~new!base=2148552704bv32, #in~new!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #t~ret17=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~new!base=2148552704bv32, ~new!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L623] COND TRUE 0bv32 == #t~ret17 [L623] havoc #t~ret17; [L624] havoc ~le~0; VAL [#in~new!base=2148552704bv32, #in~new!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~new!base=2148552704bv32, ~new!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L625] CALL call #t~ret18 := ldv_successful_malloc(12bv32); VAL [#in~size=12bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L562-L566] ~size := #in~size; [L563] FCALL call #t~malloc5 := #Ultimate.alloc(~size); [L563] ~ptr~0 := #t~malloc5; [L564] assume 0bv32 != (if ~ptr~0 != { base: 0bv32, offset: 0bv32 } then 1bv32 else 0bv32); [L565] #res := ~ptr~0; VAL [#in~size=12bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #res!base=2887274496bv32, #res!offset=0bv32, #t~malloc5!base=2887274496bv32, #t~malloc5!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~ptr~0!base=2887274496bv32, ~ptr~0!offset=0bv32, ~size=12bv32] [L625] RET call #t~ret18 := ldv_successful_malloc(12bv32); VAL [#in~new!base=2148552704bv32, #in~new!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #t~ret18!base=2887274496bv32, #t~ret18!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~new!base=2148552704bv32, ~new!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L625] ~le~0 := #t~ret18; [L625] havoc #t~ret18; [L626] FCALL call write~$Pointer$(~new, { base: ~le~0!base, offset: ~le~0!offset }, 4bv32); VAL [#in~new!base=2148552704bv32, #in~new!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~le~0!base=2887274496bv32, ~le~0!offset=0bv32, ~new!base=2148552704bv32, ~new!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L627] CALL call ldv_list_add({ base: ~le~0!base, offset: ~bvadd32(4bv32, ~le~0!offset) }, ~s); VAL [#in~head!base=2148532224bv32, #in~head!offset=0bv32, #in~new!base=2887274496bv32, #in~new!offset=4bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L593-L596] ~new := #in~new; [L593-L596] ~head := #in~head; [L595] FCALL call #t~mem6 := read~$Pointer$({ base: ~head!base, offset: ~head!offset }, 4bv32); VAL [#in~head!base=2148532224bv32, #in~head!offset=0bv32, #in~new!base=2887274496bv32, #in~new!offset=4bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #t~mem6!base=2148532224bv32, #t~mem6!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~head!base=2148532224bv32, ~head!offset=0bv32, ~new!base=2887274496bv32, ~new!offset=4bv32] [L595] CALL call __ldv_list_add(~new, ~head, #t~mem6); VAL [#in~new!base=2887274496bv32, #in~new!offset=4bv32, #in~next!base=2148532224bv32, #in~next!offset=0bv32, #in~prev!base=2148532224bv32, #in~prev!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L579-L587] ~new := #in~new; [L579-L587] ~prev := #in~prev; [L579-L587] ~next := #in~next; [L583] FCALL call write~$Pointer$(~new, { base: ~next!base, offset: ~bvadd32(4bv32, ~next!offset) }, 4bv32); [L584] FCALL call write~$Pointer$(~next, { base: ~new!base, offset: ~new!offset }, 4bv32); [L585] FCALL call write~$Pointer$(~prev, { base: ~new!base, offset: ~bvadd32(4bv32, ~new!offset) }, 4bv32); [L586] FCALL call write~$Pointer$(~new, { base: ~prev!base, offset: ~prev!offset }, 4bv32); VAL [#in~new!base=2887274496bv32, #in~new!offset=4bv32, #in~next!base=2148532224bv32, #in~next!offset=0bv32, #in~prev!base=2148532224bv32, #in~prev!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~new!base=2887274496bv32, ~new!offset=4bv32, ~next!base=2148532224bv32, ~next!offset=0bv32, ~prev!base=2148532224bv32, ~prev!offset=0bv32] [L595] RET call __ldv_list_add(~new, ~head, #t~mem6); VAL [#in~head!base=2148532224bv32, #in~head!offset=0bv32, #in~new!base=2887274496bv32, #in~new!offset=4bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #t~mem6!base=2148532224bv32, #t~mem6!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~head!base=2148532224bv32, ~head!offset=0bv32, ~new!base=2887274496bv32, ~new!offset=4bv32] [L595] havoc #t~mem6; VAL [#in~head!base=2148532224bv32, #in~head!offset=0bv32, #in~new!base=2887274496bv32, #in~new!offset=4bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~head!base=2148532224bv32, ~head!offset=0bv32, ~new!base=2887274496bv32, ~new!offset=4bv32] [L627] RET call ldv_list_add({ base: ~le~0!base, offset: ~bvadd32(4bv32, ~le~0!offset) }, ~s); VAL [#in~new!base=2148552704bv32, #in~new!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~le~0!base=2887274496bv32, ~le~0!offset=0bv32, ~new!base=2148552704bv32, ~new!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L657] RET call ldv_set_add(~m, ~#mutexes~0); VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m!base=2148552704bv32, ~m!offset=0bv32] [L671] RET call mutex_lock(~m1~0); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m1~0!base=2148552704bv32, ~m1~0!offset=0bv32, ~m2~0!base=2887258112bv32, ~m2~0!offset=0bv32] [L672] CALL call mutex_lock(~m1~0); VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L655-L658] ~m := #in~m; VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m!base=2148552704bv32, ~m!offset=0bv32] [L656] CALL call #t~ret27 := ldv_is_in_set(~m, ~#mutexes~0); VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L640-L648] ~e := #in~e; [L640-L648] ~s := #in~s; [L641] havoc ~m~1; [L642] FCALL call #t~mem23 := read~$Pointer$({ base: ~s!base, offset: ~s!offset }, 4bv32); [L642] ~__mptr~3 := #t~mem23; [L642] havoc #t~mem23; [L642] ~m~1 := { base: ~__mptr~3!base, offset: ~bvsub32(~__mptr~3!offset, 4bv32) }; VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2887274496bv32, ~__mptr~3!offset=4bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2887274496bv32, ~m~1!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L642-L646] COND FALSE !(!({ base: ~m~1!base, offset: ~bvadd32(4bv32, ~m~1!offset) } != ~s)) [L643] FCALL call #t~mem25 := read~$Pointer$({ base: ~m~1!base, offset: ~m~1!offset }, 4bv32); VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #t~mem25!base=2148552704bv32, #t~mem25!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2887274496bv32, ~__mptr~3!offset=4bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2887274496bv32, ~m~1!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L643] COND TRUE #t~mem25 == ~e [L643] havoc #t~mem25; [L644] #res := 1bv32; VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #res=1bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2887274496bv32, ~__mptr~3!offset=4bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2887274496bv32, ~m~1!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L656] RET call #t~ret27 := ldv_is_in_set(~m, ~#mutexes~0); VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #t~ret27=1bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m!base=2148552704bv32, ~m!offset=0bv32] [L656] COND TRUE 0bv32 != #t~ret27 [L656] havoc #t~ret27; VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m!base=2148552704bv32, ~m!offset=0bv32] [L656] assert false; VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m!base=2148552704bv32, ~m!offset=0bv32] [?] CALL call ULTIMATE.init(); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, old(#NULL!base)=0bv32, old(#NULL!offset)=0bv32, old(~#mutexes~0!base)=0bv32, old(~#mutexes~0!offset)=0bv32, ~#mutexes~0!base=0bv32, ~#mutexes~0!offset=0bv32] [?] #NULL := { base: 0bv32, offset: 0bv32 }; [?] #valid[0bv32] := 0bv1; [L652] FCALL call ~#mutexes~0 := #Ultimate.alloc(8bv32); [L652] FCALL call write~init~$Pointer$(~#mutexes~0, { base: ~#mutexes~0!base, offset: ~#mutexes~0!offset }, 4bv32); [L652] FCALL call write~init~$Pointer$(~#mutexes~0, { base: ~#mutexes~0!base, offset: ~bvadd32(4bv32, ~#mutexes~0!offset) }, 4bv32); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, old(#NULL!base)=0bv32, old(#NULL!offset)=0bv32, old(~#mutexes~0!base)=0bv32, old(~#mutexes~0!offset)=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [?] RET call ULTIMATE.init(); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [?] CALL call #t~ret32 := main(); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L679] CALL call foo(); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L668] CALL call ldv_initialize(); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L668] RET call ldv_initialize(); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L669] CALL call #t~ret30 := ldv_successful_malloc(8bv32); VAL [#in~size=8bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L562-L566] ~size := #in~size; [L563] FCALL call #t~malloc5 := #Ultimate.alloc(~size); [L563] ~ptr~0 := #t~malloc5; [L564] assume 0bv32 != (if ~ptr~0 != { base: 0bv32, offset: 0bv32 } then 1bv32 else 0bv32); [L565] #res := ~ptr~0; VAL [#in~size=8bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #res!base=2148552704bv32, #res!offset=0bv32, #t~malloc5!base=2148552704bv32, #t~malloc5!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~ptr~0!base=2148552704bv32, ~ptr~0!offset=0bv32, ~size=8bv32] [L669] RET call #t~ret30 := ldv_successful_malloc(8bv32); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, #t~ret30!base=2148552704bv32, #t~ret30!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L669] ~m1~0 := #t~ret30; [L669] havoc #t~ret30; VAL [#NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m1~0!base=2148552704bv32, ~m1~0!offset=0bv32] [L670] CALL call #t~ret31 := ldv_successful_malloc(8bv32); VAL [#in~size=8bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L562-L566] ~size := #in~size; [L563] FCALL call #t~malloc5 := #Ultimate.alloc(~size); [L563] ~ptr~0 := #t~malloc5; [L564] assume 0bv32 != (if ~ptr~0 != { base: 0bv32, offset: 0bv32 } then 1bv32 else 0bv32); [L565] #res := ~ptr~0; VAL [#in~size=8bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #res!base=2887258112bv32, #res!offset=0bv32, #t~malloc5!base=2887258112bv32, #t~malloc5!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~ptr~0!base=2887258112bv32, ~ptr~0!offset=0bv32, ~size=8bv32] [L670] RET call #t~ret31 := ldv_successful_malloc(8bv32); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, #t~ret31!base=2887258112bv32, #t~ret31!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m1~0!base=2148552704bv32, ~m1~0!offset=0bv32] [L670] ~m2~0 := #t~ret31; [L670] havoc #t~ret31; VAL [#NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m1~0!base=2148552704bv32, ~m1~0!offset=0bv32, ~m2~0!base=2887258112bv32, ~m2~0!offset=0bv32] [L671] CALL call mutex_lock(~m1~0); VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L655-L658] ~m := #in~m; VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m!base=2148552704bv32, ~m!offset=0bv32] [L656] CALL call #t~ret27 := ldv_is_in_set(~m, ~#mutexes~0); VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L640-L648] ~e := #in~e; [L640-L648] ~s := #in~s; [L641] havoc ~m~1; [L642] FCALL call #t~mem23 := read~$Pointer$({ base: ~s!base, offset: ~s!offset }, 4bv32); [L642] ~__mptr~3 := #t~mem23; [L642] havoc #t~mem23; [L642] ~m~1 := { base: ~__mptr~3!base, offset: ~bvsub32(~__mptr~3!offset, 4bv32) }; VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2148532224bv32, ~__mptr~3!offset=0bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2148532224bv32, ~m~1!offset=4294967292bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L642-L646] COND TRUE !({ base: ~m~1!base, offset: ~bvadd32(4bv32, ~m~1!offset) } != ~s) VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2148532224bv32, ~__mptr~3!offset=0bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2148532224bv32, ~m~1!offset=4294967292bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L647] #res := 0bv32; VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #res=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2148532224bv32, ~__mptr~3!offset=0bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2148532224bv32, ~m~1!offset=4294967292bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L656] RET call #t~ret27 := ldv_is_in_set(~m, ~#mutexes~0); VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #t~ret27=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m!base=2148552704bv32, ~m!offset=0bv32] [L656] COND FALSE !(0bv32 != #t~ret27) [L656] havoc #t~ret27; VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m!base=2148552704bv32, ~m!offset=0bv32] [L657] CALL call ldv_set_add(~m, ~#mutexes~0); VAL [#in~new!base=2148552704bv32, #in~new!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L622-L629] ~new := #in~new; [L622-L629] ~s := #in~s; VAL [#in~new!base=2148552704bv32, #in~new!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~new!base=2148552704bv32, ~new!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L623] CALL call #t~ret17 := ldv_is_in_set(~new, ~s); VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L640-L648] ~e := #in~e; [L640-L648] ~s := #in~s; [L641] havoc ~m~1; [L642] FCALL call #t~mem23 := read~$Pointer$({ base: ~s!base, offset: ~s!offset }, 4bv32); [L642] ~__mptr~3 := #t~mem23; [L642] havoc #t~mem23; [L642] ~m~1 := { base: ~__mptr~3!base, offset: ~bvsub32(~__mptr~3!offset, 4bv32) }; VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2148532224bv32, ~__mptr~3!offset=0bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2148532224bv32, ~m~1!offset=4294967292bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L642-L646] COND TRUE !({ base: ~m~1!base, offset: ~bvadd32(4bv32, ~m~1!offset) } != ~s) VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2148532224bv32, ~__mptr~3!offset=0bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2148532224bv32, ~m~1!offset=4294967292bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L647] #res := 0bv32; VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #res=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2148532224bv32, ~__mptr~3!offset=0bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2148532224bv32, ~m~1!offset=4294967292bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L623] RET call #t~ret17 := ldv_is_in_set(~new, ~s); VAL [#in~new!base=2148552704bv32, #in~new!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #t~ret17=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~new!base=2148552704bv32, ~new!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L623] COND TRUE 0bv32 == #t~ret17 [L623] havoc #t~ret17; [L624] havoc ~le~0; VAL [#in~new!base=2148552704bv32, #in~new!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~new!base=2148552704bv32, ~new!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L625] CALL call #t~ret18 := ldv_successful_malloc(12bv32); VAL [#in~size=12bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L562-L566] ~size := #in~size; [L563] FCALL call #t~malloc5 := #Ultimate.alloc(~size); [L563] ~ptr~0 := #t~malloc5; [L564] assume 0bv32 != (if ~ptr~0 != { base: 0bv32, offset: 0bv32 } then 1bv32 else 0bv32); [L565] #res := ~ptr~0; VAL [#in~size=12bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #res!base=2887274496bv32, #res!offset=0bv32, #t~malloc5!base=2887274496bv32, #t~malloc5!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~ptr~0!base=2887274496bv32, ~ptr~0!offset=0bv32, ~size=12bv32] [L625] RET call #t~ret18 := ldv_successful_malloc(12bv32); VAL [#in~new!base=2148552704bv32, #in~new!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #t~ret18!base=2887274496bv32, #t~ret18!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~new!base=2148552704bv32, ~new!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L625] ~le~0 := #t~ret18; [L625] havoc #t~ret18; [L626] FCALL call write~$Pointer$(~new, { base: ~le~0!base, offset: ~le~0!offset }, 4bv32); VAL [#in~new!base=2148552704bv32, #in~new!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~le~0!base=2887274496bv32, ~le~0!offset=0bv32, ~new!base=2148552704bv32, ~new!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L627] CALL call ldv_list_add({ base: ~le~0!base, offset: ~bvadd32(4bv32, ~le~0!offset) }, ~s); VAL [#in~head!base=2148532224bv32, #in~head!offset=0bv32, #in~new!base=2887274496bv32, #in~new!offset=4bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L593-L596] ~new := #in~new; [L593-L596] ~head := #in~head; [L595] FCALL call #t~mem6 := read~$Pointer$({ base: ~head!base, offset: ~head!offset }, 4bv32); VAL [#in~head!base=2148532224bv32, #in~head!offset=0bv32, #in~new!base=2887274496bv32, #in~new!offset=4bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #t~mem6!base=2148532224bv32, #t~mem6!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~head!base=2148532224bv32, ~head!offset=0bv32, ~new!base=2887274496bv32, ~new!offset=4bv32] [L595] CALL call __ldv_list_add(~new, ~head, #t~mem6); VAL [#in~new!base=2887274496bv32, #in~new!offset=4bv32, #in~next!base=2148532224bv32, #in~next!offset=0bv32, #in~prev!base=2148532224bv32, #in~prev!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L579-L587] ~new := #in~new; [L579-L587] ~prev := #in~prev; [L579-L587] ~next := #in~next; [L583] FCALL call write~$Pointer$(~new, { base: ~next!base, offset: ~bvadd32(4bv32, ~next!offset) }, 4bv32); [L584] FCALL call write~$Pointer$(~next, { base: ~new!base, offset: ~new!offset }, 4bv32); [L585] FCALL call write~$Pointer$(~prev, { base: ~new!base, offset: ~bvadd32(4bv32, ~new!offset) }, 4bv32); [L586] FCALL call write~$Pointer$(~new, { base: ~prev!base, offset: ~prev!offset }, 4bv32); VAL [#in~new!base=2887274496bv32, #in~new!offset=4bv32, #in~next!base=2148532224bv32, #in~next!offset=0bv32, #in~prev!base=2148532224bv32, #in~prev!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~new!base=2887274496bv32, ~new!offset=4bv32, ~next!base=2148532224bv32, ~next!offset=0bv32, ~prev!base=2148532224bv32, ~prev!offset=0bv32] [L595] RET call __ldv_list_add(~new, ~head, #t~mem6); VAL [#in~head!base=2148532224bv32, #in~head!offset=0bv32, #in~new!base=2887274496bv32, #in~new!offset=4bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #t~mem6!base=2148532224bv32, #t~mem6!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~head!base=2148532224bv32, ~head!offset=0bv32, ~new!base=2887274496bv32, ~new!offset=4bv32] [L595] havoc #t~mem6; VAL [#in~head!base=2148532224bv32, #in~head!offset=0bv32, #in~new!base=2887274496bv32, #in~new!offset=4bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~head!base=2148532224bv32, ~head!offset=0bv32, ~new!base=2887274496bv32, ~new!offset=4bv32] [L627] RET call ldv_list_add({ base: ~le~0!base, offset: ~bvadd32(4bv32, ~le~0!offset) }, ~s); VAL [#in~new!base=2148552704bv32, #in~new!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~le~0!base=2887274496bv32, ~le~0!offset=0bv32, ~new!base=2148552704bv32, ~new!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L657] RET call ldv_set_add(~m, ~#mutexes~0); VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m!base=2148552704bv32, ~m!offset=0bv32] [L671] RET call mutex_lock(~m1~0); VAL [#NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m1~0!base=2148552704bv32, ~m1~0!offset=0bv32, ~m2~0!base=2887258112bv32, ~m2~0!offset=0bv32] [L672] CALL call mutex_lock(~m1~0); VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L655-L658] ~m := #in~m; VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m!base=2148552704bv32, ~m!offset=0bv32] [L656] CALL call #t~ret27 := ldv_is_in_set(~m, ~#mutexes~0); VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32] [L640-L648] ~e := #in~e; [L640-L648] ~s := #in~s; [L641] havoc ~m~1; [L642] FCALL call #t~mem23 := read~$Pointer$({ base: ~s!base, offset: ~s!offset }, 4bv32); [L642] ~__mptr~3 := #t~mem23; [L642] havoc #t~mem23; [L642] ~m~1 := { base: ~__mptr~3!base, offset: ~bvsub32(~__mptr~3!offset, 4bv32) }; VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2887274496bv32, ~__mptr~3!offset=4bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2887274496bv32, ~m~1!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L642-L646] COND FALSE !(!({ base: ~m~1!base, offset: ~bvadd32(4bv32, ~m~1!offset) } != ~s)) [L643] FCALL call #t~mem25 := read~$Pointer$({ base: ~m~1!base, offset: ~m~1!offset }, 4bv32); VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #t~mem25!base=2148552704bv32, #t~mem25!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2887274496bv32, ~__mptr~3!offset=4bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2887274496bv32, ~m~1!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L643] COND TRUE #t~mem25 == ~e [L643] havoc #t~mem25; [L644] #res := 1bv32; VAL [#in~e!base=2148552704bv32, #in~e!offset=0bv32, #in~s!base=2148532224bv32, #in~s!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #res=1bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~__mptr~3!base=2887274496bv32, ~__mptr~3!offset=4bv32, ~e!base=2148552704bv32, ~e!offset=0bv32, ~m~1!base=2887274496bv32, ~m~1!offset=0bv32, ~s!base=2148532224bv32, ~s!offset=0bv32] [L656] RET call #t~ret27 := ldv_is_in_set(~m, ~#mutexes~0); VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, #t~ret27=1bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m!base=2148552704bv32, ~m!offset=0bv32] [L656] COND TRUE 0bv32 != #t~ret27 [L656] havoc #t~ret27; VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m!base=2148552704bv32, ~m!offset=0bv32] [L656] assert false; VAL [#in~m!base=2148552704bv32, #in~m!offset=0bv32, #NULL!base=0bv32, #NULL!offset=0bv32, ~#mutexes~0!base=2148532224bv32, ~#mutexes~0!offset=0bv32, ~m!base=2148552704bv32, ~m!offset=0bv32] ----- [2018-11-23 11:11:09,285 WARN L1272 BoogieBacktranslator]: Unfinished Backtranslation: BitvecLiteral 0bv32 could not be translated for associated CType STRUCT~~ldv_list_head?next~*ldv_list_head?prev~*ldv_list_head# [2018-11-23 11:11:09,287 WARN L1272 BoogieBacktranslator]: Unfinished Backtranslation: BitvecLiteral 0bv32 could not be translated for associated CType STRUCT~~ldv_list_head?next~*ldv_list_head?prev~*ldv_list_head# [2018-11-23 11:11:09,288 FATAL L292 ToolchainWalker]: The Plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction has thrown an exception: java.lang.AssertionError: You must have same procedures except when you have threads or when this is a call or a return at de.uni_freiburg.informatik.ultimate.core.model.translation.AtomicTraceElement.(AtomicTraceElement.java:115) at de.uni_freiburg.informatik.ultimate.core.model.translation.AtomicTraceElement.(AtomicTraceElement.java:103) at de.uni_freiburg.informatik.ultimate.core.model.translation.AtomicTraceElement$AtomicTraceElementBuilder.build(AtomicTraceElement.java:306) at de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.CACSL2BoogieBacktranslator.createAtomicTraceElement(CACSL2BoogieBacktranslator.java:338) at de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.CACSL2BoogieBacktranslator.handleCASTFunctionCallExpression(CACSL2BoogieBacktranslator.java:471) at de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.CACSL2BoogieBacktranslator.translateProgramExecution(CACSL2BoogieBacktranslator.java:265) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:213) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:222) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:222) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:222) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:203) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getProgramExecutionAsString(CounterExampleResult.java:155) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getLongDescription(CounterExampleResult.java:134) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ResultService.reportResult(ResultService.java:85) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.reportResult(TraceAbstractionStarter.java:560) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.reportCounterexampleResult(TraceAbstractionStarter.java:493) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.computeOverallResult(TraceAbstractionStarter.java:417) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.iterate(TraceAbstractionStarter.java:342) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.runCegarLoops(TraceAbstractionStarter.java:174) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.(TraceAbstractionStarter.java:126) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver.finish(TraceAbstractionObserver.java:123) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runObserver(PluginConnector.java:168) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runTool(PluginConnector.java:151) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.run(PluginConnector.java:128) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.executePluginConnector(ToolchainWalker.java:232) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.processPlugin(ToolchainWalker.java:226) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walkUnprotected(ToolchainWalker.java:142) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walk(ToolchainWalker.java:104) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainManager$Toolchain.processToolchain(ToolchainManager.java:316) at de.uni_freiburg.informatik.ultimate.core.coreplugin.toolchain.DefaultToolchainJob.run(DefaultToolchainJob.java:145) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:55) [2018-11-23 11:11:09,296 INFO L168 Benchmark]: Toolchain (without parser) took 24557.91 ms. Allocated memory was 1.5 GB in the beginning and 2.6 GB in the end (delta: 1.1 GB). Free memory was 1.4 GB in the beginning and 2.2 GB in the end (delta: -770.0 MB). Peak memory consumption was 323.6 MB. Max. memory is 7.1 GB. [2018-11-23 11:11:09,298 INFO L168 Benchmark]: CDTParser took 0.22 ms. Allocated memory is still 1.5 GB. Free memory is still 1.5 GB. There was no memory consumed. Max. memory is 7.1 GB. [2018-11-23 11:11:09,300 INFO L168 Benchmark]: CACSL2BoogieTranslator took 856.11 ms. Allocated memory was 1.5 GB in the beginning and 2.3 GB in the end (delta: 737.1 MB). Free memory was 1.4 GB in the beginning and 2.2 GB in the end (delta: -770.1 MB). Peak memory consumption was 40.3 MB. Max. memory is 7.1 GB. [2018-11-23 11:11:09,303 INFO L168 Benchmark]: Boogie Procedure Inliner took 43.74 ms. Allocated memory is still 2.3 GB. Free memory is still 2.2 GB. There was no memory consumed. Max. memory is 7.1 GB. [2018-11-23 11:11:09,304 INFO L168 Benchmark]: Boogie Preprocessor took 67.58 ms. Allocated memory is still 2.3 GB. Free memory is still 2.2 GB. There was no memory consumed. Max. memory is 7.1 GB. [2018-11-23 11:11:09,304 INFO L168 Benchmark]: RCFGBuilder took 1430.50 ms. Allocated memory is still 2.3 GB. Free memory was 2.2 GB in the beginning and 2.1 GB in the end (delta: 64.0 MB). Peak memory consumption was 64.0 MB. Max. memory is 7.1 GB. [2018-11-23 11:11:09,305 INFO L168 Benchmark]: TraceAbstraction took 22152.26 ms. Allocated memory was 2.3 GB in the beginning and 2.6 GB in the end (delta: 356.5 MB). Free memory was 2.1 GB in the beginning and 2.2 GB in the end (delta: -64.0 MB). Peak memory consumption was 292.5 MB. Max. memory is 7.1 GB. [2018-11-23 11:11:09,313 INFO L336 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - GenericResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.22 ms. Allocated memory is still 1.5 GB. Free memory is still 1.5 GB. There was no memory consumed. Max. memory is 7.1 GB. * CACSL2BoogieTranslator took 856.11 ms. Allocated memory was 1.5 GB in the beginning and 2.3 GB in the end (delta: 737.1 MB). Free memory was 1.4 GB in the beginning and 2.2 GB in the end (delta: -770.1 MB). Peak memory consumption was 40.3 MB. Max. memory is 7.1 GB. * Boogie Procedure Inliner took 43.74 ms. Allocated memory is still 2.3 GB. Free memory is still 2.2 GB. There was no memory consumed. Max. memory is 7.1 GB. * Boogie Preprocessor took 67.58 ms. Allocated memory is still 2.3 GB. Free memory is still 2.2 GB. There was no memory consumed. Max. memory is 7.1 GB. * RCFGBuilder took 1430.50 ms. Allocated memory is still 2.3 GB. Free memory was 2.2 GB in the beginning and 2.1 GB in the end (delta: 64.0 MB). Peak memory consumption was 64.0 MB. Max. memory is 7.1 GB. * TraceAbstraction took 22152.26 ms. Allocated memory was 2.3 GB in the beginning and 2.6 GB in the end (delta: 356.5 MB). Free memory was 2.1 GB in the beginning and 2.2 GB in the end (delta: -64.0 MB). Peak memory consumption was 292.5 MB. Max. memory is 7.1 GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: BitvecLiteral 0bv32 could not be translated for associated CType STRUCT~~ldv_list_head?next~*ldv_list_head?prev~*ldv_list_head# - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: BitvecLiteral 0bv32 could not be translated for associated CType STRUCT~~ldv_list_head?next~*ldv_list_head?prev~*ldv_list_head# * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - ExceptionOrErrorResult: AssertionError: You must have same procedures except when you have threads or when this is a call or a return de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: AssertionError: You must have same procedures except when you have threads or when this is a call or a return: de.uni_freiburg.informatik.ultimate.core.model.translation.AtomicTraceElement.(AtomicTraceElement.java:115) RESULT: Ultimate could not prove your program: Toolchain returned no result. Received shutdown request...