./Ultimate.py --spec ../sv-benchmarks/c/properties/valid-memsafety.prp --file ../sv-benchmarks/c/memsafety-broom/sll-nested-sll-twice.i --full-output --architecture 64bit -------------------------------------------------------------------------------- Checking for memory safety (deref-memtrack) Using default analysis Version 8fc3dc66 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerMemDerefMemtrack.xml -i ../sv-benchmarks/c/memsafety-broom/sll-nested-sll-twice.i -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-64bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 64bit --witnessprinter.graph.data.programhash f6ffaa15235a1424658c74c69505398b6d7973f6f82933a9f22a2b097e3c0057 --- Real Ultimate output --- This is Ultimate 0.3.0-?-8fc3dc6-m [2025-03-17 12:08:37,669 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-03-17 12:08:37,775 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-64bit-Automizer_Default.epf [2025-03-17 12:08:37,782 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-03-17 12:08:37,788 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-03-17 12:08:37,826 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-03-17 12:08:37,827 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-03-17 12:08:37,827 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-03-17 12:08:37,827 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-03-17 12:08:37,827 INFO L153 SettingsManager]: * Use memory slicer=true [2025-03-17 12:08:37,827 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-03-17 12:08:37,827 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-03-17 12:08:37,828 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-03-17 12:08:37,828 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-03-17 12:08:37,828 INFO L153 SettingsManager]: * Use SBE=true [2025-03-17 12:08:37,828 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-03-17 12:08:37,828 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-03-17 12:08:37,828 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-03-17 12:08:37,828 INFO L153 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2025-03-17 12:08:37,828 INFO L153 SettingsManager]: * Bitprecise bitfields=true [2025-03-17 12:08:37,828 INFO L153 SettingsManager]: * SV-COMP memtrack compatibility mode=true [2025-03-17 12:08:37,828 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-03-17 12:08:37,828 INFO L153 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2025-03-17 12:08:37,828 INFO L153 SettingsManager]: * Check unreachability of reach_error function=false [2025-03-17 12:08:37,828 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-03-17 12:08:37,828 INFO L153 SettingsManager]: * Use constant arrays=true [2025-03-17 12:08:37,828 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-03-17 12:08:37,828 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-03-17 12:08:37,828 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-03-17 12:08:37,829 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-03-17 12:08:37,829 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-17 12:08:37,829 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-03-17 12:08:37,829 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-03-17 12:08:37,829 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-03-17 12:08:37,829 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-03-17 12:08:37,829 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-03-17 12:08:37,829 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-03-17 12:08:37,829 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-03-17 12:08:37,829 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-03-17 12:08:37,829 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 64bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> f6ffaa15235a1424658c74c69505398b6d7973f6f82933a9f22a2b097e3c0057 [2025-03-17 12:08:38,253 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-03-17 12:08:38,279 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-03-17 12:08:38,281 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-03-17 12:08:38,285 INFO L270 PluginConnector]: Initializing CDTParser... [2025-03-17 12:08:38,286 INFO L274 PluginConnector]: CDTParser initialized [2025-03-17 12:08:38,288 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/memsafety-broom/sll-nested-sll-twice.i [2025-03-17 12:08:39,986 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/7e05ccae7/10429957ed764abab03090b4bf019193/FLAG6cb342f1a [2025-03-17 12:08:40,493 INFO L384 CDTParser]: Found 1 translation units. [2025-03-17 12:08:40,501 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/memsafety-broom/sll-nested-sll-twice.i [2025-03-17 12:08:40,531 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/7e05ccae7/10429957ed764abab03090b4bf019193/FLAG6cb342f1a [2025-03-17 12:08:40,558 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/7e05ccae7/10429957ed764abab03090b4bf019193 [2025-03-17 12:08:40,561 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-03-17 12:08:40,566 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-03-17 12:08:40,572 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-03-17 12:08:40,572 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-03-17 12:08:40,576 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-03-17 12:08:40,581 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 17.03 12:08:40" (1/1) ... [2025-03-17 12:08:40,582 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@5dcdecc7 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.03 12:08:40, skipping insertion in model container [2025-03-17 12:08:40,583 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 17.03 12:08:40" (1/1) ... [2025-03-17 12:08:40,650 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-03-17 12:08:41,012 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-17 12:08:41,019 INFO L200 MainTranslator]: Completed pre-run [2025-03-17 12:08:41,101 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-17 12:08:41,124 INFO L204 MainTranslator]: Completed translation [2025-03-17 12:08:41,125 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.03 12:08:41 WrapperNode [2025-03-17 12:08:41,126 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-03-17 12:08:41,126 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-03-17 12:08:41,126 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-03-17 12:08:41,127 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-03-17 12:08:41,131 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.03 12:08:41" (1/1) ... [2025-03-17 12:08:41,148 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.03 12:08:41" (1/1) ... [2025-03-17 12:08:41,170 INFO L138 Inliner]: procedures = 122, calls = 43, calls flagged for inlining = 5, calls inlined = 5, statements flattened = 74 [2025-03-17 12:08:41,175 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-03-17 12:08:41,175 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-03-17 12:08:41,176 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-03-17 12:08:41,177 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-03-17 12:08:41,184 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.03 12:08:41" (1/1) ... [2025-03-17 12:08:41,184 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.03 12:08:41" (1/1) ... [2025-03-17 12:08:41,191 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.03 12:08:41" (1/1) ... [2025-03-17 12:08:41,215 INFO L175 MemorySlicer]: Split 22 memory accesses to 1 slices as follows [22]. 100 percent of accesses are in the largest equivalence class. The 0 initializations are split as follows [0]. The 10 writes are split as follows [10]. [2025-03-17 12:08:41,215 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.03 12:08:41" (1/1) ... [2025-03-17 12:08:41,215 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.03 12:08:41" (1/1) ... [2025-03-17 12:08:41,227 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.03 12:08:41" (1/1) ... [2025-03-17 12:08:41,228 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.03 12:08:41" (1/1) ... [2025-03-17 12:08:41,229 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.03 12:08:41" (1/1) ... [2025-03-17 12:08:41,231 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.03 12:08:41" (1/1) ... [2025-03-17 12:08:41,233 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-03-17 12:08:41,233 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-03-17 12:08:41,234 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-03-17 12:08:41,234 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-03-17 12:08:41,235 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.03 12:08:41" (1/1) ... [2025-03-17 12:08:41,241 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-17 12:08:41,267 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-17 12:08:41,284 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-03-17 12:08:41,287 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-03-17 12:08:41,319 INFO L130 BoogieDeclarations]: Found specification of procedure loop_internal [2025-03-17 12:08:41,319 INFO L138 BoogieDeclarations]: Found implementation of procedure loop_internal [2025-03-17 12:08:41,319 INFO L130 BoogieDeclarations]: Found specification of procedure alloc_and_zero_internal [2025-03-17 12:08:41,319 INFO L138 BoogieDeclarations]: Found implementation of procedure alloc_and_zero_internal [2025-03-17 12:08:41,319 INFO L130 BoogieDeclarations]: Found specification of procedure create_internal [2025-03-17 12:08:41,319 INFO L138 BoogieDeclarations]: Found implementation of procedure create_internal [2025-03-17 12:08:41,319 INFO L130 BoogieDeclarations]: Found specification of procedure alloc_and_zero [2025-03-17 12:08:41,320 INFO L138 BoogieDeclarations]: Found implementation of procedure alloc_and_zero [2025-03-17 12:08:41,321 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnHeap [2025-03-17 12:08:41,321 INFO L130 BoogieDeclarations]: Found specification of procedure write~$Pointer$#0 [2025-03-17 12:08:41,321 INFO L130 BoogieDeclarations]: Found specification of procedure destroy_internal [2025-03-17 12:08:41,321 INFO L138 BoogieDeclarations]: Found implementation of procedure destroy_internal [2025-03-17 12:08:41,321 INFO L130 BoogieDeclarations]: Found specification of procedure read~$Pointer$#0 [2025-03-17 12:08:41,321 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2025-03-17 12:08:41,321 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-03-17 12:08:41,321 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-03-17 12:08:41,468 INFO L256 CfgBuilder]: Building ICFG [2025-03-17 12:08:41,471 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2025-03-17 12:08:41,989 INFO L? ?]: Removed 120 outVars from TransFormulas that were not future-live. [2025-03-17 12:08:41,989 INFO L307 CfgBuilder]: Performing block encoding [2025-03-17 12:08:42,002 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-03-17 12:08:42,004 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2025-03-17 12:08:42,005 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 17.03 12:08:42 BoogieIcfgContainer [2025-03-17 12:08:42,005 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-03-17 12:08:42,007 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-03-17 12:08:42,008 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-03-17 12:08:42,011 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-03-17 12:08:42,011 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 17.03 12:08:40" (1/3) ... [2025-03-17 12:08:42,012 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2ad9f476 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 17.03 12:08:42, skipping insertion in model container [2025-03-17 12:08:42,013 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.03 12:08:41" (2/3) ... [2025-03-17 12:08:42,014 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2ad9f476 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 17.03 12:08:42, skipping insertion in model container [2025-03-17 12:08:42,014 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 17.03 12:08:42" (3/3) ... [2025-03-17 12:08:42,015 INFO L128 eAbstractionObserver]: Analyzing ICFG sll-nested-sll-twice.i [2025-03-17 12:08:42,027 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:None NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-03-17 12:08:42,028 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG sll-nested-sll-twice.i that has 6 procedures, 139 locations, 1 initial locations, 6 loop locations, and 51 error locations. [2025-03-17 12:08:42,095 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-03-17 12:08:42,119 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=None, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@65399b9e, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-03-17 12:08:42,120 INFO L334 AbstractCegarLoop]: Starting to check reachability of 51 error locations. [2025-03-17 12:08:42,127 INFO L276 IsEmpty]: Start isEmpty. Operand has 139 states, 70 states have (on average 1.8428571428571427) internal successors, (129), 121 states have internal predecessors, (129), 12 states have call successors, (12), 5 states have call predecessors, (12), 5 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) [2025-03-17 12:08:42,135 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 5 [2025-03-17 12:08:42,136 INFO L210 NwaCegarLoop]: Found error trace [2025-03-17 12:08:42,136 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1] [2025-03-17 12:08:42,136 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting alloc_and_zeroErr4REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [loop_internalErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, loop_internalErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, alloc_and_zeroErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 48 more)] === [2025-03-17 12:08:42,149 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-17 12:08:42,150 INFO L85 PathProgramCache]: Analyzing trace with hash 4115576, now seen corresponding path program 1 times [2025-03-17 12:08:42,165 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-17 12:08:42,165 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1877331619] [2025-03-17 12:08:42,166 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:08:42,166 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-17 12:08:42,290 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 4 statements into 1 equivalence classes. [2025-03-17 12:08:42,330 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 4 of 4 statements. [2025-03-17 12:08:42,330 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:08:42,330 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:08:42,474 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-17 12:08:42,478 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-17 12:08:42,478 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1877331619] [2025-03-17 12:08:42,478 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1877331619] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-17 12:08:42,479 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-17 12:08:42,479 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2025-03-17 12:08:42,480 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [214941637] [2025-03-17 12:08:42,481 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-17 12:08:42,483 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-17 12:08:42,484 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-17 12:08:42,510 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-17 12:08:42,511 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-17 12:08:42,515 INFO L87 Difference]: Start difference. First operand has 139 states, 70 states have (on average 1.8428571428571427) internal successors, (129), 121 states have internal predecessors, (129), 12 states have call successors, (12), 5 states have call predecessors, (12), 5 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 3 states, 2 states have (on average 1.5) internal successors, (3), 3 states have internal predecessors, (3), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-03-17 12:08:42,725 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-17 12:08:42,726 INFO L93 Difference]: Finished difference Result 136 states and 148 transitions. [2025-03-17 12:08:42,727 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-17 12:08:42,728 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 1.5) internal successors, (3), 3 states have internal predecessors, (3), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 4 [2025-03-17 12:08:42,729 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-17 12:08:42,744 INFO L225 Difference]: With dead ends: 136 [2025-03-17 12:08:42,744 INFO L226 Difference]: Without dead ends: 134 [2025-03-17 12:08:42,746 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-17 12:08:42,751 INFO L435 NwaCegarLoop]: 141 mSDtfsCounter, 3 mSDsluCounter, 94 mSDsCounter, 0 mSdLazyCounter, 57 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 235 SdHoareTripleChecker+Invalid, 59 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 57 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2025-03-17 12:08:42,752 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 235 Invalid, 59 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 57 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2025-03-17 12:08:42,766 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 134 states. [2025-03-17 12:08:42,797 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 134 to 134. [2025-03-17 12:08:42,803 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 134 states, 69 states have (on average 1.7681159420289856) internal successors, (122), 116 states have internal predecessors, (122), 12 states have call successors, (12), 5 states have call predecessors, (12), 5 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) [2025-03-17 12:08:42,812 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 134 states to 134 states and 146 transitions. [2025-03-17 12:08:42,817 INFO L78 Accepts]: Start accepts. Automaton has 134 states and 146 transitions. Word has length 4 [2025-03-17 12:08:42,818 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-17 12:08:42,818 INFO L471 AbstractCegarLoop]: Abstraction has 134 states and 146 transitions. [2025-03-17 12:08:42,818 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 2 states have (on average 1.5) internal successors, (3), 3 states have internal predecessors, (3), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-03-17 12:08:42,818 INFO L276 IsEmpty]: Start isEmpty. Operand 134 states and 146 transitions. [2025-03-17 12:08:42,818 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 5 [2025-03-17 12:08:42,818 INFO L210 NwaCegarLoop]: Found error trace [2025-03-17 12:08:42,818 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1] [2025-03-17 12:08:42,819 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-03-17 12:08:42,819 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting alloc_and_zeroErr5REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [loop_internalErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, loop_internalErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, alloc_and_zeroErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 48 more)] === [2025-03-17 12:08:42,819 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-17 12:08:42,819 INFO L85 PathProgramCache]: Analyzing trace with hash 4115577, now seen corresponding path program 1 times [2025-03-17 12:08:42,819 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-17 12:08:42,819 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [642140108] [2025-03-17 12:08:42,819 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:08:42,820 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-17 12:08:42,830 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 4 statements into 1 equivalence classes. [2025-03-17 12:08:42,852 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 4 of 4 statements. [2025-03-17 12:08:42,852 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:08:42,852 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:08:42,960 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-17 12:08:42,960 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-17 12:08:42,960 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [642140108] [2025-03-17 12:08:42,960 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [642140108] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-17 12:08:42,960 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-17 12:08:42,961 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2025-03-17 12:08:42,961 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1351364008] [2025-03-17 12:08:42,961 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-17 12:08:42,961 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-17 12:08:42,961 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-17 12:08:42,962 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-17 12:08:42,962 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-17 12:08:42,962 INFO L87 Difference]: Start difference. First operand 134 states and 146 transitions. Second operand has 3 states, 2 states have (on average 1.5) internal successors, (3), 3 states have internal predecessors, (3), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-03-17 12:08:43,118 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-17 12:08:43,118 INFO L93 Difference]: Finished difference Result 131 states and 143 transitions. [2025-03-17 12:08:43,119 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-17 12:08:43,119 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 1.5) internal successors, (3), 3 states have internal predecessors, (3), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 4 [2025-03-17 12:08:43,120 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-17 12:08:43,120 INFO L225 Difference]: With dead ends: 131 [2025-03-17 12:08:43,124 INFO L226 Difference]: Without dead ends: 131 [2025-03-17 12:08:43,125 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-17 12:08:43,126 INFO L435 NwaCegarLoop]: 139 mSDtfsCounter, 3 mSDsluCounter, 99 mSDsCounter, 0 mSdLazyCounter, 44 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 238 SdHoareTripleChecker+Invalid, 46 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 44 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-17 12:08:43,126 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 238 Invalid, 46 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 44 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-17 12:08:43,129 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 131 states. [2025-03-17 12:08:43,139 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 131 to 131. [2025-03-17 12:08:43,145 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 131 states, 69 states have (on average 1.7246376811594204) internal successors, (119), 113 states have internal predecessors, (119), 12 states have call successors, (12), 5 states have call predecessors, (12), 5 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) [2025-03-17 12:08:43,147 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 131 states to 131 states and 143 transitions. [2025-03-17 12:08:43,148 INFO L78 Accepts]: Start accepts. Automaton has 131 states and 143 transitions. Word has length 4 [2025-03-17 12:08:43,148 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-17 12:08:43,148 INFO L471 AbstractCegarLoop]: Abstraction has 131 states and 143 transitions. [2025-03-17 12:08:43,149 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 2 states have (on average 1.5) internal successors, (3), 3 states have internal predecessors, (3), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-03-17 12:08:43,150 INFO L276 IsEmpty]: Start isEmpty. Operand 131 states and 143 transitions. [2025-03-17 12:08:43,150 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 15 [2025-03-17 12:08:43,150 INFO L210 NwaCegarLoop]: Found error trace [2025-03-17 12:08:43,151 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-17 12:08:43,151 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-03-17 12:08:43,151 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting alloc_and_zero_internalErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [loop_internalErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, loop_internalErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, alloc_and_zeroErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 48 more)] === [2025-03-17 12:08:43,154 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-17 12:08:43,154 INFO L85 PathProgramCache]: Analyzing trace with hash -1404418457, now seen corresponding path program 1 times [2025-03-17 12:08:43,154 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-17 12:08:43,154 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1449110441] [2025-03-17 12:08:43,154 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:08:43,154 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-17 12:08:43,173 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 14 statements into 1 equivalence classes. [2025-03-17 12:08:43,192 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 14 of 14 statements. [2025-03-17 12:08:43,196 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:08:43,199 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:08:43,336 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-17 12:08:43,336 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-17 12:08:43,336 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1449110441] [2025-03-17 12:08:43,336 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1449110441] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-17 12:08:43,337 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-17 12:08:43,337 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2025-03-17 12:08:43,337 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1318806907] [2025-03-17 12:08:43,337 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-17 12:08:43,337 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-17 12:08:43,338 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-17 12:08:43,339 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-17 12:08:43,343 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-17 12:08:43,344 INFO L87 Difference]: Start difference. First operand 131 states and 143 transitions. Second operand has 3 states, 2 states have (on average 5.0) internal successors, (10), 3 states have internal predecessors, (10), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-17 12:08:43,455 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-17 12:08:43,456 INFO L93 Difference]: Finished difference Result 130 states and 142 transitions. [2025-03-17 12:08:43,458 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-17 12:08:43,458 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 5.0) internal successors, (10), 3 states have internal predecessors, (10), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 14 [2025-03-17 12:08:43,458 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-17 12:08:43,459 INFO L225 Difference]: With dead ends: 130 [2025-03-17 12:08:43,459 INFO L226 Difference]: Without dead ends: 130 [2025-03-17 12:08:43,459 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-17 12:08:43,460 INFO L435 NwaCegarLoop]: 139 mSDtfsCounter, 1 mSDsluCounter, 92 mSDsCounter, 0 mSdLazyCounter, 51 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1 SdHoareTripleChecker+Valid, 231 SdHoareTripleChecker+Invalid, 51 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 51 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-17 12:08:43,460 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [1 Valid, 231 Invalid, 51 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 51 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-17 12:08:43,462 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 130 states. [2025-03-17 12:08:43,467 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 130 to 130. [2025-03-17 12:08:43,470 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 130 states, 69 states have (on average 1.710144927536232) internal successors, (118), 112 states have internal predecessors, (118), 12 states have call successors, (12), 5 states have call predecessors, (12), 5 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) [2025-03-17 12:08:43,471 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 130 states to 130 states and 142 transitions. [2025-03-17 12:08:43,473 INFO L78 Accepts]: Start accepts. Automaton has 130 states and 142 transitions. Word has length 14 [2025-03-17 12:08:43,474 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-17 12:08:43,474 INFO L471 AbstractCegarLoop]: Abstraction has 130 states and 142 transitions. [2025-03-17 12:08:43,474 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 2 states have (on average 5.0) internal successors, (10), 3 states have internal predecessors, (10), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-17 12:08:43,474 INFO L276 IsEmpty]: Start isEmpty. Operand 130 states and 142 transitions. [2025-03-17 12:08:43,474 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 15 [2025-03-17 12:08:43,475 INFO L210 NwaCegarLoop]: Found error trace [2025-03-17 12:08:43,475 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-17 12:08:43,475 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-03-17 12:08:43,475 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting alloc_and_zero_internalErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [loop_internalErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, loop_internalErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, alloc_and_zeroErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 48 more)] === [2025-03-17 12:08:43,476 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-17 12:08:43,476 INFO L85 PathProgramCache]: Analyzing trace with hash -1404418456, now seen corresponding path program 1 times [2025-03-17 12:08:43,476 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-17 12:08:43,476 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1583133539] [2025-03-17 12:08:43,476 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:08:43,476 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-17 12:08:43,485 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 14 statements into 1 equivalence classes. [2025-03-17 12:08:43,495 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 14 of 14 statements. [2025-03-17 12:08:43,496 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:08:43,496 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:08:43,596 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-17 12:08:43,596 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-17 12:08:43,597 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1583133539] [2025-03-17 12:08:43,597 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1583133539] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-17 12:08:43,597 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-17 12:08:43,597 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2025-03-17 12:08:43,597 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [659364746] [2025-03-17 12:08:43,597 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-17 12:08:43,598 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-17 12:08:43,598 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-17 12:08:43,598 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-17 12:08:43,598 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-17 12:08:43,599 INFO L87 Difference]: Start difference. First operand 130 states and 142 transitions. Second operand has 3 states, 2 states have (on average 5.0) internal successors, (10), 3 states have internal predecessors, (10), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-17 12:08:43,687 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-17 12:08:43,687 INFO L93 Difference]: Finished difference Result 129 states and 141 transitions. [2025-03-17 12:08:43,687 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-17 12:08:43,687 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 5.0) internal successors, (10), 3 states have internal predecessors, (10), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 14 [2025-03-17 12:08:43,688 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-17 12:08:43,693 INFO L225 Difference]: With dead ends: 129 [2025-03-17 12:08:43,694 INFO L226 Difference]: Without dead ends: 129 [2025-03-17 12:08:43,694 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-17 12:08:43,694 INFO L435 NwaCegarLoop]: 139 mSDtfsCounter, 1 mSDsluCounter, 98 mSDsCounter, 0 mSdLazyCounter, 43 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1 SdHoareTripleChecker+Valid, 237 SdHoareTripleChecker+Invalid, 43 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 43 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-17 12:08:43,694 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [1 Valid, 237 Invalid, 43 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 43 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-17 12:08:43,695 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 129 states. [2025-03-17 12:08:43,700 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 129 to 129. [2025-03-17 12:08:43,707 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 129 states, 69 states have (on average 1.6956521739130435) internal successors, (117), 111 states have internal predecessors, (117), 12 states have call successors, (12), 5 states have call predecessors, (12), 5 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) [2025-03-17 12:08:43,708 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 129 states to 129 states and 141 transitions. [2025-03-17 12:08:43,711 INFO L78 Accepts]: Start accepts. Automaton has 129 states and 141 transitions. Word has length 14 [2025-03-17 12:08:43,711 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-17 12:08:43,711 INFO L471 AbstractCegarLoop]: Abstraction has 129 states and 141 transitions. [2025-03-17 12:08:43,711 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 2 states have (on average 5.0) internal successors, (10), 3 states have internal predecessors, (10), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-17 12:08:43,711 INFO L276 IsEmpty]: Start isEmpty. Operand 129 states and 141 transitions. [2025-03-17 12:08:43,712 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2025-03-17 12:08:43,715 INFO L210 NwaCegarLoop]: Found error trace [2025-03-17 12:08:43,716 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-17 12:08:43,716 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-03-17 12:08:43,716 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting ULTIMATE.startErr30REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [loop_internalErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, loop_internalErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, alloc_and_zeroErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 48 more)] === [2025-03-17 12:08:43,716 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-17 12:08:43,716 INFO L85 PathProgramCache]: Analyzing trace with hash -1785401771, now seen corresponding path program 1 times [2025-03-17 12:08:43,716 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-17 12:08:43,716 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [581463924] [2025-03-17 12:08:43,716 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:08:43,717 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-17 12:08:43,735 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 24 statements into 1 equivalence classes. [2025-03-17 12:08:43,757 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 24 of 24 statements. [2025-03-17 12:08:43,758 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:08:43,758 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:08:44,221 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-17 12:08:44,221 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-17 12:08:44,221 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [581463924] [2025-03-17 12:08:44,222 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [581463924] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-17 12:08:44,222 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-17 12:08:44,222 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2025-03-17 12:08:44,222 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1908130759] [2025-03-17 12:08:44,222 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-17 12:08:44,222 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2025-03-17 12:08:44,223 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-17 12:08:44,227 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2025-03-17 12:08:44,227 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=69, Unknown=0, NotChecked=0, Total=90 [2025-03-17 12:08:44,227 INFO L87 Difference]: Start difference. First operand 129 states and 141 transitions. Second operand has 10 states, 9 states have (on average 2.0) internal successors, (18), 8 states have internal predecessors, (18), 3 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2025-03-17 12:08:44,791 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-17 12:08:44,791 INFO L93 Difference]: Finished difference Result 164 states and 190 transitions. [2025-03-17 12:08:44,791 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2025-03-17 12:08:44,792 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 9 states have (on average 2.0) internal successors, (18), 8 states have internal predecessors, (18), 3 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) Word has length 24 [2025-03-17 12:08:44,792 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-17 12:08:44,793 INFO L225 Difference]: With dead ends: 164 [2025-03-17 12:08:44,793 INFO L226 Difference]: Without dead ends: 164 [2025-03-17 12:08:44,794 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=29, Invalid=103, Unknown=0, NotChecked=0, Total=132 [2025-03-17 12:08:44,815 INFO L435 NwaCegarLoop]: 99 mSDtfsCounter, 45 mSDsluCounter, 407 mSDsCounter, 0 mSdLazyCounter, 576 mSolverCounterSat, 28 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 45 SdHoareTripleChecker+Valid, 506 SdHoareTripleChecker+Invalid, 604 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 28 IncrementalHoareTripleChecker+Valid, 576 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2025-03-17 12:08:44,820 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [45 Valid, 506 Invalid, 604 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [28 Valid, 576 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2025-03-17 12:08:44,821 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 164 states. [2025-03-17 12:08:44,826 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 164 to 145. [2025-03-17 12:08:44,826 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 145 states, 84 states have (on average 1.6904761904761905) internal successors, (142), 122 states have internal predecessors, (142), 13 states have call successors, (13), 5 states have call predecessors, (13), 6 states have return successors, (17), 17 states have call predecessors, (17), 13 states have call successors, (17) [2025-03-17 12:08:44,827 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 145 states to 145 states and 172 transitions. [2025-03-17 12:08:44,828 INFO L78 Accepts]: Start accepts. Automaton has 145 states and 172 transitions. Word has length 24 [2025-03-17 12:08:44,828 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-17 12:08:44,828 INFO L471 AbstractCegarLoop]: Abstraction has 145 states and 172 transitions. [2025-03-17 12:08:44,828 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 9 states have (on average 2.0) internal successors, (18), 8 states have internal predecessors, (18), 3 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2025-03-17 12:08:44,828 INFO L276 IsEmpty]: Start isEmpty. Operand 145 states and 172 transitions. [2025-03-17 12:08:44,828 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2025-03-17 12:08:44,829 INFO L210 NwaCegarLoop]: Found error trace [2025-03-17 12:08:44,829 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-17 12:08:44,829 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-03-17 12:08:44,829 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting ULTIMATE.startErr31REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [loop_internalErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, loop_internalErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, alloc_and_zeroErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 48 more)] === [2025-03-17 12:08:44,829 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-17 12:08:44,830 INFO L85 PathProgramCache]: Analyzing trace with hash -1785401770, now seen corresponding path program 1 times [2025-03-17 12:08:44,830 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-17 12:08:44,830 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [949646950] [2025-03-17 12:08:44,830 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:08:44,830 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-17 12:08:44,839 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 24 statements into 1 equivalence classes. [2025-03-17 12:08:44,846 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 24 of 24 statements. [2025-03-17 12:08:44,846 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:08:44,846 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:08:45,286 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-17 12:08:45,287 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-17 12:08:45,287 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [949646950] [2025-03-17 12:08:45,287 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [949646950] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-17 12:08:45,287 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-17 12:08:45,287 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2025-03-17 12:08:45,287 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1230210749] [2025-03-17 12:08:45,287 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-17 12:08:45,287 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 11 states [2025-03-17 12:08:45,287 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-17 12:08:45,287 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 11 interpolants. [2025-03-17 12:08:45,288 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=23, Invalid=87, Unknown=0, NotChecked=0, Total=110 [2025-03-17 12:08:45,288 INFO L87 Difference]: Start difference. First operand 145 states and 172 transitions. Second operand has 11 states, 9 states have (on average 2.0) internal successors, (18), 8 states have internal predecessors, (18), 3 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2025-03-17 12:08:45,867 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-17 12:08:45,868 INFO L93 Difference]: Finished difference Result 182 states and 219 transitions. [2025-03-17 12:08:45,868 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2025-03-17 12:08:45,868 INFO L78 Accepts]: Start accepts. Automaton has has 11 states, 9 states have (on average 2.0) internal successors, (18), 8 states have internal predecessors, (18), 3 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) Word has length 24 [2025-03-17 12:08:45,868 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-17 12:08:45,869 INFO L225 Difference]: With dead ends: 182 [2025-03-17 12:08:45,869 INFO L226 Difference]: Without dead ends: 182 [2025-03-17 12:08:45,869 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 10 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=32, Invalid=124, Unknown=0, NotChecked=0, Total=156 [2025-03-17 12:08:45,870 INFO L435 NwaCegarLoop]: 118 mSDtfsCounter, 56 mSDsluCounter, 434 mSDsCounter, 0 mSdLazyCounter, 831 mSolverCounterSat, 27 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 56 SdHoareTripleChecker+Valid, 552 SdHoareTripleChecker+Invalid, 858 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 27 IncrementalHoareTripleChecker+Valid, 831 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2025-03-17 12:08:45,870 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [56 Valid, 552 Invalid, 858 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [27 Valid, 831 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2025-03-17 12:08:45,872 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 182 states. [2025-03-17 12:08:45,880 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 182 to 163. [2025-03-17 12:08:45,881 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 163 states, 98 states have (on average 1.6326530612244898) internal successors, (160), 136 states have internal predecessors, (160), 17 states have call successors, (17), 5 states have call predecessors, (17), 6 states have return successors, (24), 21 states have call predecessors, (24), 17 states have call successors, (24) [2025-03-17 12:08:45,882 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 163 states to 163 states and 201 transitions. [2025-03-17 12:08:45,882 INFO L78 Accepts]: Start accepts. Automaton has 163 states and 201 transitions. Word has length 24 [2025-03-17 12:08:45,882 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-17 12:08:45,886 INFO L471 AbstractCegarLoop]: Abstraction has 163 states and 201 transitions. [2025-03-17 12:08:45,886 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 11 states, 9 states have (on average 2.0) internal successors, (18), 8 states have internal predecessors, (18), 3 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2025-03-17 12:08:45,886 INFO L276 IsEmpty]: Start isEmpty. Operand 163 states and 201 transitions. [2025-03-17 12:08:45,886 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2025-03-17 12:08:45,886 INFO L210 NwaCegarLoop]: Found error trace [2025-03-17 12:08:45,886 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-17 12:08:45,887 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-03-17 12:08:45,887 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting create_internalErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [loop_internalErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, loop_internalErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, alloc_and_zeroErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 48 more)] === [2025-03-17 12:08:45,887 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-17 12:08:45,887 INFO L85 PathProgramCache]: Analyzing trace with hash -22914667, now seen corresponding path program 1 times [2025-03-17 12:08:45,887 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-17 12:08:45,887 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [565133795] [2025-03-17 12:08:45,887 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:08:45,887 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-17 12:08:45,901 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 27 statements into 1 equivalence classes. [2025-03-17 12:08:45,912 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 27 of 27 statements. [2025-03-17 12:08:45,912 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:08:45,912 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:08:46,087 INFO L134 CoverageAnalysis]: Checked inductivity of 5 backedges. 3 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-17 12:08:46,088 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-17 12:08:46,088 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [565133795] [2025-03-17 12:08:46,088 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [565133795] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-17 12:08:46,088 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [798763393] [2025-03-17 12:08:46,088 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:08:46,088 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-17 12:08:46,089 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-17 12:08:46,091 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-17 12:08:46,093 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-03-17 12:08:46,143 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 27 statements into 1 equivalence classes. [2025-03-17 12:08:46,165 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 27 of 27 statements. [2025-03-17 12:08:46,165 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:08:46,165 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:08:46,168 INFO L256 TraceCheckSpWp]: Trace formula consists of 185 conjuncts, 17 conjuncts are in the unsatisfiable core [2025-03-17 12:08:46,175 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-17 12:08:46,206 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2025-03-17 12:08:46,232 WARN L873 $PredicateComparison]: unable to prove that (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= |c_#valid| (store |c_old(#valid)| alloc_and_zero_internal_~pi~1.base 1))) is different from true [2025-03-17 12:08:46,258 INFO L349 Elim1Store]: treesize reduction 15, result has 25.0 percent of original size [2025-03-17 12:08:46,258 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 14 [2025-03-17 12:08:46,267 INFO L134 CoverageAnalysis]: Checked inductivity of 5 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 4 not checked. [2025-03-17 12:08:46,267 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-17 12:08:46,397 INFO L134 CoverageAnalysis]: Checked inductivity of 5 backedges. 1 proven. 4 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-17 12:08:46,397 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [798763393] provided 0 perfect and 2 imperfect interpolant sequences [2025-03-17 12:08:46,397 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-03-17 12:08:46,397 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 7, 6] total 11 [2025-03-17 12:08:46,398 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1140062727] [2025-03-17 12:08:46,398 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-03-17 12:08:46,398 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 12 states [2025-03-17 12:08:46,398 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-17 12:08:46,398 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2025-03-17 12:08:46,399 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=29, Invalid=84, Unknown=1, NotChecked=18, Total=132 [2025-03-17 12:08:46,399 INFO L87 Difference]: Start difference. First operand 163 states and 201 transitions. Second operand has 12 states, 11 states have (on average 2.727272727272727) internal successors, (30), 10 states have internal predecessors, (30), 2 states have call successors, (5), 3 states have call predecessors, (5), 5 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) [2025-03-17 12:08:46,815 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-17 12:08:46,815 INFO L93 Difference]: Finished difference Result 177 states and 219 transitions. [2025-03-17 12:08:46,815 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2025-03-17 12:08:46,815 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 11 states have (on average 2.727272727272727) internal successors, (30), 10 states have internal predecessors, (30), 2 states have call successors, (5), 3 states have call predecessors, (5), 5 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) Word has length 27 [2025-03-17 12:08:46,815 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-17 12:08:46,816 INFO L225 Difference]: With dead ends: 177 [2025-03-17 12:08:46,816 INFO L226 Difference]: Without dead ends: 177 [2025-03-17 12:08:46,816 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 68 GetRequests, 49 SyntacticMatches, 5 SemanticMatches, 14 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 16 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=49, Invalid=164, Unknown=1, NotChecked=26, Total=240 [2025-03-17 12:08:46,817 INFO L435 NwaCegarLoop]: 113 mSDtfsCounter, 51 mSDsluCounter, 492 mSDsCounter, 0 mSdLazyCounter, 524 mSolverCounterSat, 20 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 51 SdHoareTripleChecker+Valid, 605 SdHoareTripleChecker+Invalid, 707 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 20 IncrementalHoareTripleChecker+Valid, 524 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 163 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2025-03-17 12:08:46,817 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [51 Valid, 605 Invalid, 707 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [20 Valid, 524 Invalid, 0 Unknown, 163 Unchecked, 0.3s Time] [2025-03-17 12:08:46,817 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 177 states. [2025-03-17 12:08:46,821 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 177 to 164. [2025-03-17 12:08:46,821 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 164 states, 99 states have (on average 1.6262626262626263) internal successors, (161), 136 states have internal predecessors, (161), 18 states have call successors, (18), 5 states have call predecessors, (18), 6 states have return successors, (25), 22 states have call predecessors, (25), 18 states have call successors, (25) [2025-03-17 12:08:46,822 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 164 states to 164 states and 204 transitions. [2025-03-17 12:08:46,822 INFO L78 Accepts]: Start accepts. Automaton has 164 states and 204 transitions. Word has length 27 [2025-03-17 12:08:46,822 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-17 12:08:46,822 INFO L471 AbstractCegarLoop]: Abstraction has 164 states and 204 transitions. [2025-03-17 12:08:46,822 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 12 states, 11 states have (on average 2.727272727272727) internal successors, (30), 10 states have internal predecessors, (30), 2 states have call successors, (5), 3 states have call predecessors, (5), 5 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) [2025-03-17 12:08:46,822 INFO L276 IsEmpty]: Start isEmpty. Operand 164 states and 204 transitions. [2025-03-17 12:08:46,823 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2025-03-17 12:08:46,823 INFO L210 NwaCegarLoop]: Found error trace [2025-03-17 12:08:46,823 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-17 12:08:46,832 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2025-03-17 12:08:47,023 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6,2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-17 12:08:47,024 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting create_internalErr3REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [loop_internalErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, loop_internalErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, alloc_and_zeroErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 48 more)] === [2025-03-17 12:08:47,024 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-17 12:08:47,024 INFO L85 PathProgramCache]: Analyzing trace with hash -22914666, now seen corresponding path program 1 times [2025-03-17 12:08:47,024 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-17 12:08:47,024 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [349261955] [2025-03-17 12:08:47,024 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:08:47,024 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-17 12:08:47,033 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 27 statements into 1 equivalence classes. [2025-03-17 12:08:47,042 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 27 of 27 statements. [2025-03-17 12:08:47,043 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:08:47,043 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:08:47,327 INFO L134 CoverageAnalysis]: Checked inductivity of 5 backedges. 1 proven. 4 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-17 12:08:47,327 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-17 12:08:47,327 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [349261955] [2025-03-17 12:08:47,327 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [349261955] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-17 12:08:47,327 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [773353313] [2025-03-17 12:08:47,328 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:08:47,328 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-17 12:08:47,328 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-17 12:08:47,332 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-17 12:08:47,334 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2025-03-17 12:08:47,381 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 27 statements into 1 equivalence classes. [2025-03-17 12:08:47,398 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 27 of 27 statements. [2025-03-17 12:08:47,398 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:08:47,398 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:08:47,400 INFO L256 TraceCheckSpWp]: Trace formula consists of 185 conjuncts, 27 conjuncts are in the unsatisfiable core [2025-03-17 12:08:47,401 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-17 12:08:47,408 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2025-03-17 12:08:47,508 WARN L873 $PredicateComparison]: unable to prove that (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= (store |c_old(#length)| alloc_and_zero_internal_~pi~1.base 8) |c_#length|)) is different from true [2025-03-17 12:08:47,529 INFO L349 Elim1Store]: treesize reduction 15, result has 25.0 percent of original size [2025-03-17 12:08:47,530 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 14 [2025-03-17 12:08:47,548 INFO L134 CoverageAnalysis]: Checked inductivity of 5 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 4 not checked. [2025-03-17 12:08:47,549 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-17 12:08:47,774 INFO L134 CoverageAnalysis]: Checked inductivity of 5 backedges. 1 proven. 4 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-17 12:08:47,775 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [773353313] provided 0 perfect and 2 imperfect interpolant sequences [2025-03-17 12:08:47,775 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-03-17 12:08:47,775 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 7, 7] total 20 [2025-03-17 12:08:47,775 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [930880975] [2025-03-17 12:08:47,775 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-03-17 12:08:47,775 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 21 states [2025-03-17 12:08:47,775 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-17 12:08:47,775 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 21 interpolants. [2025-03-17 12:08:47,776 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=56, Invalid=327, Unknown=1, NotChecked=36, Total=420 [2025-03-17 12:08:47,776 INFO L87 Difference]: Start difference. First operand 164 states and 204 transitions. Second operand has 21 states, 20 states have (on average 2.15) internal successors, (43), 15 states have internal predecessors, (43), 4 states have call successors, (6), 4 states have call predecessors, (6), 7 states have return successors, (7), 7 states have call predecessors, (7), 4 states have call successors, (7) [2025-03-17 12:08:48,635 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-17 12:08:48,637 INFO L93 Difference]: Finished difference Result 178 states and 219 transitions. [2025-03-17 12:08:48,637 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2025-03-17 12:08:48,637 INFO L78 Accepts]: Start accepts. Automaton has has 21 states, 20 states have (on average 2.15) internal successors, (43), 15 states have internal predecessors, (43), 4 states have call successors, (6), 4 states have call predecessors, (6), 7 states have return successors, (7), 7 states have call predecessors, (7), 4 states have call successors, (7) Word has length 27 [2025-03-17 12:08:48,637 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-17 12:08:48,638 INFO L225 Difference]: With dead ends: 178 [2025-03-17 12:08:48,639 INFO L226 Difference]: Without dead ends: 178 [2025-03-17 12:08:48,640 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 70 GetRequests, 40 SyntacticMatches, 3 SemanticMatches, 27 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 126 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=119, Invalid=640, Unknown=1, NotChecked=52, Total=812 [2025-03-17 12:08:48,640 INFO L435 NwaCegarLoop]: 104 mSDtfsCounter, 109 mSDsluCounter, 543 mSDsCounter, 0 mSdLazyCounter, 813 mSolverCounterSat, 23 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 109 SdHoareTripleChecker+Valid, 647 SdHoareTripleChecker+Invalid, 999 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 23 IncrementalHoareTripleChecker+Valid, 813 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 163 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2025-03-17 12:08:48,640 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [109 Valid, 647 Invalid, 999 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [23 Valid, 813 Invalid, 0 Unknown, 163 Unchecked, 0.6s Time] [2025-03-17 12:08:48,641 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 178 states. [2025-03-17 12:08:48,649 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 178 to 163. [2025-03-17 12:08:48,650 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 163 states, 99 states have (on average 1.606060606060606) internal successors, (159), 135 states have internal predecessors, (159), 18 states have call successors, (18), 5 states have call predecessors, (18), 6 states have return successors, (25), 22 states have call predecessors, (25), 18 states have call successors, (25) [2025-03-17 12:08:48,651 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 163 states to 163 states and 202 transitions. [2025-03-17 12:08:48,653 INFO L78 Accepts]: Start accepts. Automaton has 163 states and 202 transitions. Word has length 27 [2025-03-17 12:08:48,653 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-17 12:08:48,653 INFO L471 AbstractCegarLoop]: Abstraction has 163 states and 202 transitions. [2025-03-17 12:08:48,653 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 21 states, 20 states have (on average 2.15) internal successors, (43), 15 states have internal predecessors, (43), 4 states have call successors, (6), 4 states have call predecessors, (6), 7 states have return successors, (7), 7 states have call predecessors, (7), 4 states have call successors, (7) [2025-03-17 12:08:48,653 INFO L276 IsEmpty]: Start isEmpty. Operand 163 states and 202 transitions. [2025-03-17 12:08:48,654 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 37 [2025-03-17 12:08:48,654 INFO L210 NwaCegarLoop]: Found error trace [2025-03-17 12:08:48,654 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-17 12:08:48,661 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2025-03-17 12:08:48,859 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable7 [2025-03-17 12:08:48,859 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting ULTIMATE.startErr30REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [loop_internalErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, loop_internalErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, alloc_and_zeroErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 48 more)] === [2025-03-17 12:08:48,860 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-17 12:08:48,860 INFO L85 PathProgramCache]: Analyzing trace with hash -293035472, now seen corresponding path program 1 times [2025-03-17 12:08:48,860 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-17 12:08:48,860 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1666287463] [2025-03-17 12:08:48,860 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:08:48,860 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-17 12:08:48,872 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 36 statements into 1 equivalence classes. [2025-03-17 12:08:48,881 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 36 of 36 statements. [2025-03-17 12:08:48,882 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:08:48,882 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:08:49,311 INFO L134 CoverageAnalysis]: Checked inductivity of 7 backedges. 1 proven. 4 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2025-03-17 12:08:49,312 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-17 12:08:49,312 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1666287463] [2025-03-17 12:08:49,312 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1666287463] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-17 12:08:49,312 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [239164998] [2025-03-17 12:08:49,312 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:08:49,312 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-17 12:08:49,312 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-17 12:08:49,315 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-17 12:08:49,318 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2025-03-17 12:08:49,371 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 36 statements into 1 equivalence classes. [2025-03-17 12:08:49,393 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 36 of 36 statements. [2025-03-17 12:08:49,393 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:08:49,393 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:08:49,399 INFO L256 TraceCheckSpWp]: Trace formula consists of 223 conjuncts, 32 conjuncts are in the unsatisfiable core [2025-03-17 12:08:49,402 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-17 12:08:49,405 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2025-03-17 12:08:49,481 WARN L873 $PredicateComparison]: unable to prove that (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= |c_#valid| (store |c_old(#valid)| alloc_and_zero_internal_~pi~1.base 1))) is different from true [2025-03-17 12:08:49,504 WARN L851 $PredicateComparison]: unable to prove that (or (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_8| (Array Int Int))) (let ((.cse0 (@diff |c_old(#valid)| |v_#valid_BEFORE_CALL_8|))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_8| alloc_and_zero_internal_~pi~1.base 1)) (= .cse0 c_create_internal_~now~0.base) (= (store |c_old(#valid)| .cse0 (select |v_#valid_BEFORE_CALL_8| .cse0)) |v_#valid_BEFORE_CALL_8|)))) (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= |c_#valid| (store |c_old(#valid)| alloc_and_zero_internal_~pi~1.base 1)))) is different from false [2025-03-17 12:08:49,506 WARN L873 $PredicateComparison]: unable to prove that (or (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_8| (Array Int Int))) (let ((.cse0 (@diff |c_old(#valid)| |v_#valid_BEFORE_CALL_8|))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_8| alloc_and_zero_internal_~pi~1.base 1)) (= .cse0 c_create_internal_~now~0.base) (= (store |c_old(#valid)| .cse0 (select |v_#valid_BEFORE_CALL_8| .cse0)) |v_#valid_BEFORE_CALL_8|)))) (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= |c_#valid| (store |c_old(#valid)| alloc_and_zero_internal_~pi~1.base 1)))) is different from true [2025-03-17 12:08:49,526 WARN L851 $PredicateComparison]: unable to prove that (or (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_8| (Array Int Int))) (let ((.cse0 (@diff |c_old(#valid)| |v_#valid_BEFORE_CALL_8|))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_8| alloc_and_zero_internal_~pi~1.base 1)) (= (select |c_#valid| .cse0) 1) (= (store |c_old(#valid)| .cse0 (select |v_#valid_BEFORE_CALL_8| .cse0)) |v_#valid_BEFORE_CALL_8|)))) (and (exists ((create_internal_~now~0.base Int)) (= (select |c_#valid| create_internal_~now~0.base) 1)) (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= |c_#valid| (store |c_old(#valid)| alloc_and_zero_internal_~pi~1.base 1))))) is different from false [2025-03-17 12:08:49,527 WARN L873 $PredicateComparison]: unable to prove that (or (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_8| (Array Int Int))) (let ((.cse0 (@diff |c_old(#valid)| |v_#valid_BEFORE_CALL_8|))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_8| alloc_and_zero_internal_~pi~1.base 1)) (= (select |c_#valid| .cse0) 1) (= (store |c_old(#valid)| .cse0 (select |v_#valid_BEFORE_CALL_8| .cse0)) |v_#valid_BEFORE_CALL_8|)))) (and (exists ((create_internal_~now~0.base Int)) (= (select |c_#valid| create_internal_~now~0.base) 1)) (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= |c_#valid| (store |c_old(#valid)| alloc_and_zero_internal_~pi~1.base 1))))) is different from true [2025-03-17 12:08:49,645 INFO L349 Elim1Store]: treesize reduction 15, result has 25.0 percent of original size [2025-03-17 12:08:49,645 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 14 [2025-03-17 12:08:49,662 WARN L851 $PredicateComparison]: unable to prove that (or (and (= (select |c_#valid| |c_ULTIMATE.start_create_~now~1#1.base|) 1) (exists ((create_internal_~now~0.base Int)) (= (select |c_#valid| create_internal_~now~0.base) 1)) (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= (select |c_#valid| alloc_and_zero_internal_~pi~1.base) 1))) (exists ((|v_#valid_BEFORE_CALL_9| (Array Int Int))) (and (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_8| (Array Int Int))) (let ((.cse0 (@diff |v_#valid_BEFORE_CALL_9| |v_#valid_BEFORE_CALL_8|))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_8| alloc_and_zero_internal_~pi~1.base 1)) (= (store |v_#valid_BEFORE_CALL_9| .cse0 (select |v_#valid_BEFORE_CALL_8| .cse0)) |v_#valid_BEFORE_CALL_8|) (= (select |c_#valid| .cse0) 1)))) (= (select |v_#valid_BEFORE_CALL_9| |c_ULTIMATE.start_create_~now~1#1.base|) 1)))) is different from false [2025-03-17 12:08:49,665 WARN L873 $PredicateComparison]: unable to prove that (or (and (= (select |c_#valid| |c_ULTIMATE.start_create_~now~1#1.base|) 1) (exists ((create_internal_~now~0.base Int)) (= (select |c_#valid| create_internal_~now~0.base) 1)) (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= (select |c_#valid| alloc_and_zero_internal_~pi~1.base) 1))) (exists ((|v_#valid_BEFORE_CALL_9| (Array Int Int))) (and (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_8| (Array Int Int))) (let ((.cse0 (@diff |v_#valid_BEFORE_CALL_9| |v_#valid_BEFORE_CALL_8|))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_8| alloc_and_zero_internal_~pi~1.base 1)) (= (store |v_#valid_BEFORE_CALL_9| .cse0 (select |v_#valid_BEFORE_CALL_8| .cse0)) |v_#valid_BEFORE_CALL_8|) (= (select |c_#valid| .cse0) 1)))) (= (select |v_#valid_BEFORE_CALL_9| |c_ULTIMATE.start_create_~now~1#1.base|) 1)))) is different from true [2025-03-17 12:08:49,666 INFO L134 CoverageAnalysis]: Checked inductivity of 7 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 6 not checked. [2025-03-17 12:08:49,666 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-17 12:08:49,858 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [239164998] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-17 12:08:49,858 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2025-03-17 12:08:49,858 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [14, 14] total 18 [2025-03-17 12:08:49,858 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1281394462] [2025-03-17 12:08:49,859 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2025-03-17 12:08:49,859 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 19 states [2025-03-17 12:08:49,859 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-17 12:08:49,859 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 19 interpolants. [2025-03-17 12:08:49,859 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=75, Invalid=240, Unknown=7, NotChecked=140, Total=462 [2025-03-17 12:08:49,860 INFO L87 Difference]: Start difference. First operand 163 states and 202 transitions. Second operand has 19 states, 18 states have (on average 2.3333333333333335) internal successors, (42), 13 states have internal predecessors, (42), 4 states have call successors, (4), 2 states have call predecessors, (4), 6 states have return successors, (6), 6 states have call predecessors, (6), 4 states have call successors, (6) [2025-03-17 12:08:50,044 WARN L851 $PredicateComparison]: unable to prove that (let ((.cse5 (@diff |c_old(#valid)| |c_#valid|))) (let ((.cse0 (select |c_#valid| .cse5))) (let ((.cse1 (store |c_old(#valid)| .cse5 .cse0))) (let ((.cse2 (@diff .cse1 |c_#valid|))) (let ((.cse3 (select |c_#valid| .cse2))) (and (or (= |c_#valid| |c_old(#valid)|) (= .cse0 1)) (= |c_#valid| (store .cse1 .cse2 .cse3)) (or (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_8| (Array Int Int))) (let ((.cse4 (@diff |c_old(#valid)| |v_#valid_BEFORE_CALL_8|))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_8| alloc_and_zero_internal_~pi~1.base 1)) (= .cse4 c_create_internal_~now~0.base) (= (store |c_old(#valid)| .cse4 (select |v_#valid_BEFORE_CALL_8| .cse4)) |v_#valid_BEFORE_CALL_8|)))) (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= |c_#valid| (store |c_old(#valid)| alloc_and_zero_internal_~pi~1.base 1)))) (or (= .cse3 1) (= |c_#valid| .cse1)))))))) is different from false [2025-03-17 12:08:50,047 WARN L873 $PredicateComparison]: unable to prove that (let ((.cse5 (@diff |c_old(#valid)| |c_#valid|))) (let ((.cse0 (select |c_#valid| .cse5))) (let ((.cse1 (store |c_old(#valid)| .cse5 .cse0))) (let ((.cse2 (@diff .cse1 |c_#valid|))) (let ((.cse3 (select |c_#valid| .cse2))) (and (or (= |c_#valid| |c_old(#valid)|) (= .cse0 1)) (= |c_#valid| (store .cse1 .cse2 .cse3)) (or (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_8| (Array Int Int))) (let ((.cse4 (@diff |c_old(#valid)| |v_#valid_BEFORE_CALL_8|))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_8| alloc_and_zero_internal_~pi~1.base 1)) (= .cse4 c_create_internal_~now~0.base) (= (store |c_old(#valid)| .cse4 (select |v_#valid_BEFORE_CALL_8| .cse4)) |v_#valid_BEFORE_CALL_8|)))) (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= |c_#valid| (store |c_old(#valid)| alloc_and_zero_internal_~pi~1.base 1)))) (or (= .cse3 1) (= |c_#valid| .cse1)))))))) is different from true [2025-03-17 12:08:50,052 WARN L851 $PredicateComparison]: unable to prove that (let ((.cse5 (@diff |c_old(#valid)| |c_#valid|))) (let ((.cse0 (select |c_#valid| .cse5))) (let ((.cse2 (store |c_old(#valid)| .cse5 .cse0))) (let ((.cse3 (@diff .cse2 |c_#valid|))) (let ((.cse4 (select |c_#valid| .cse3))) (and (or (= |c_#valid| |c_old(#valid)|) (= .cse0 1)) (or (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_8| (Array Int Int))) (let ((.cse1 (@diff |c_old(#valid)| |v_#valid_BEFORE_CALL_8|))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_8| alloc_and_zero_internal_~pi~1.base 1)) (= (select |c_#valid| .cse1) 1) (= (store |c_old(#valid)| .cse1 (select |v_#valid_BEFORE_CALL_8| .cse1)) |v_#valid_BEFORE_CALL_8|)))) (and (exists ((create_internal_~now~0.base Int)) (= (select |c_#valid| create_internal_~now~0.base) 1)) (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= |c_#valid| (store |c_old(#valid)| alloc_and_zero_internal_~pi~1.base 1))))) (= |c_#valid| (store .cse2 .cse3 .cse4)) (or (= .cse4 1) (= |c_#valid| .cse2)))))))) is different from false [2025-03-17 12:08:50,054 WARN L873 $PredicateComparison]: unable to prove that (let ((.cse5 (@diff |c_old(#valid)| |c_#valid|))) (let ((.cse0 (select |c_#valid| .cse5))) (let ((.cse2 (store |c_old(#valid)| .cse5 .cse0))) (let ((.cse3 (@diff .cse2 |c_#valid|))) (let ((.cse4 (select |c_#valid| .cse3))) (and (or (= |c_#valid| |c_old(#valid)|) (= .cse0 1)) (or (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_8| (Array Int Int))) (let ((.cse1 (@diff |c_old(#valid)| |v_#valid_BEFORE_CALL_8|))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_8| alloc_and_zero_internal_~pi~1.base 1)) (= (select |c_#valid| .cse1) 1) (= (store |c_old(#valid)| .cse1 (select |v_#valid_BEFORE_CALL_8| .cse1)) |v_#valid_BEFORE_CALL_8|)))) (and (exists ((create_internal_~now~0.base Int)) (= (select |c_#valid| create_internal_~now~0.base) 1)) (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= |c_#valid| (store |c_old(#valid)| alloc_and_zero_internal_~pi~1.base 1))))) (= |c_#valid| (store .cse2 .cse3 .cse4)) (or (= .cse4 1) (= |c_#valid| .cse2)))))))) is different from true [2025-03-17 12:08:50,063 WARN L851 $PredicateComparison]: unable to prove that (let ((.cse0 (= (select |c_#valid| |c_ULTIMATE.start_create_~now~1#1.base|) 1))) (and .cse0 (or (and .cse0 (exists ((create_internal_~now~0.base Int)) (= (select |c_#valid| create_internal_~now~0.base) 1)) (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= (select |c_#valid| alloc_and_zero_internal_~pi~1.base) 1))) (exists ((|v_#valid_BEFORE_CALL_9| (Array Int Int))) (and (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_8| (Array Int Int))) (let ((.cse1 (@diff |v_#valid_BEFORE_CALL_9| |v_#valid_BEFORE_CALL_8|))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_8| alloc_and_zero_internal_~pi~1.base 1)) (= (store |v_#valid_BEFORE_CALL_9| .cse1 (select |v_#valid_BEFORE_CALL_8| .cse1)) |v_#valid_BEFORE_CALL_8|) (= (select |c_#valid| .cse1) 1)))) (= (select |v_#valid_BEFORE_CALL_9| |c_ULTIMATE.start_create_~now~1#1.base|) 1)))))) is different from false [2025-03-17 12:08:50,065 WARN L873 $PredicateComparison]: unable to prove that (let ((.cse0 (= (select |c_#valid| |c_ULTIMATE.start_create_~now~1#1.base|) 1))) (and .cse0 (or (and .cse0 (exists ((create_internal_~now~0.base Int)) (= (select |c_#valid| create_internal_~now~0.base) 1)) (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= (select |c_#valid| alloc_and_zero_internal_~pi~1.base) 1))) (exists ((|v_#valid_BEFORE_CALL_9| (Array Int Int))) (and (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_8| (Array Int Int))) (let ((.cse1 (@diff |v_#valid_BEFORE_CALL_9| |v_#valid_BEFORE_CALL_8|))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_8| alloc_and_zero_internal_~pi~1.base 1)) (= (store |v_#valid_BEFORE_CALL_9| .cse1 (select |v_#valid_BEFORE_CALL_8| .cse1)) |v_#valid_BEFORE_CALL_8|) (= (select |c_#valid| .cse1) 1)))) (= (select |v_#valid_BEFORE_CALL_9| |c_ULTIMATE.start_create_~now~1#1.base|) 1)))))) is different from true [2025-03-17 12:08:50,461 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-17 12:08:50,461 INFO L93 Difference]: Finished difference Result 193 states and 242 transitions. [2025-03-17 12:08:50,461 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 14 states. [2025-03-17 12:08:50,462 INFO L78 Accepts]: Start accepts. Automaton has has 19 states, 18 states have (on average 2.3333333333333335) internal successors, (42), 13 states have internal predecessors, (42), 4 states have call successors, (4), 2 states have call predecessors, (4), 6 states have return successors, (6), 6 states have call predecessors, (6), 4 states have call successors, (6) Word has length 36 [2025-03-17 12:08:50,462 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-17 12:08:50,463 INFO L225 Difference]: With dead ends: 193 [2025-03-17 12:08:50,463 INFO L226 Difference]: Without dead ends: 193 [2025-03-17 12:08:50,463 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 77 GetRequests, 46 SyntacticMatches, 3 SemanticMatches, 28 ConstructedPredicates, 7 IntricatePredicates, 0 DeprecatedPredicates, 35 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=128, Invalid=393, Unknown=13, NotChecked=336, Total=870 [2025-03-17 12:08:50,463 INFO L435 NwaCegarLoop]: 96 mSDtfsCounter, 60 mSDsluCounter, 600 mSDsCounter, 0 mSdLazyCounter, 826 mSolverCounterSat, 27 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 60 SdHoareTripleChecker+Valid, 696 SdHoareTripleChecker+Invalid, 1882 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 27 IncrementalHoareTripleChecker+Valid, 826 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 1029 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2025-03-17 12:08:50,464 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [60 Valid, 696 Invalid, 1882 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [27 Valid, 826 Invalid, 0 Unknown, 1029 Unchecked, 0.5s Time] [2025-03-17 12:08:50,464 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 193 states. [2025-03-17 12:08:50,467 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 193 to 172. [2025-03-17 12:08:50,467 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 172 states, 107 states have (on average 1.5794392523364487) internal successors, (169), 143 states have internal predecessors, (169), 18 states have call successors, (18), 5 states have call predecessors, (18), 7 states have return successors, (32), 23 states have call predecessors, (32), 18 states have call successors, (32) [2025-03-17 12:08:50,468 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 172 states to 172 states and 219 transitions. [2025-03-17 12:08:50,468 INFO L78 Accepts]: Start accepts. Automaton has 172 states and 219 transitions. Word has length 36 [2025-03-17 12:08:50,468 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-17 12:08:50,469 INFO L471 AbstractCegarLoop]: Abstraction has 172 states and 219 transitions. [2025-03-17 12:08:50,469 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 19 states, 18 states have (on average 2.3333333333333335) internal successors, (42), 13 states have internal predecessors, (42), 4 states have call successors, (4), 2 states have call predecessors, (4), 6 states have return successors, (6), 6 states have call predecessors, (6), 4 states have call successors, (6) [2025-03-17 12:08:50,469 INFO L276 IsEmpty]: Start isEmpty. Operand 172 states and 219 transitions. [2025-03-17 12:08:50,469 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 37 [2025-03-17 12:08:50,469 INFO L210 NwaCegarLoop]: Found error trace [2025-03-17 12:08:50,469 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-17 12:08:50,475 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2025-03-17 12:08:50,671 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-17 12:08:50,671 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting ULTIMATE.startErr31REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [loop_internalErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, loop_internalErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, alloc_and_zeroErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 48 more)] === [2025-03-17 12:08:50,671 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-17 12:08:50,671 INFO L85 PathProgramCache]: Analyzing trace with hash -293035471, now seen corresponding path program 1 times [2025-03-17 12:08:50,671 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-17 12:08:50,671 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1447766716] [2025-03-17 12:08:50,671 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:08:50,672 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-17 12:08:50,678 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 36 statements into 1 equivalence classes. [2025-03-17 12:08:50,684 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 36 of 36 statements. [2025-03-17 12:08:50,684 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:08:50,684 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:08:51,109 INFO L134 CoverageAnalysis]: Checked inductivity of 7 backedges. 0 proven. 6 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2025-03-17 12:08:51,110 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-17 12:08:51,110 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1447766716] [2025-03-17 12:08:51,110 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1447766716] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-17 12:08:51,110 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1056895128] [2025-03-17 12:08:51,110 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:08:51,110 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-17 12:08:51,110 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-17 12:08:51,112 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-17 12:08:51,114 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2025-03-17 12:08:51,163 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 36 statements into 1 equivalence classes. [2025-03-17 12:08:51,181 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 36 of 36 statements. [2025-03-17 12:08:51,182 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:08:51,182 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:08:51,183 INFO L256 TraceCheckSpWp]: Trace formula consists of 223 conjuncts, 51 conjuncts are in the unsatisfiable core [2025-03-17 12:08:51,185 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-17 12:08:51,223 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2025-03-17 12:08:51,229 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 1 [2025-03-17 12:08:51,387 WARN L873 $PredicateComparison]: unable to prove that (exists ((create_internal_~now~0.base Int)) (and (= (select |c_old(#valid)| create_internal_~now~0.base) 0) (= |c_#length| (store |c_old(#length)| create_internal_~now~0.base (select |c_#length| create_internal_~now~0.base))) (= |c_#valid| (store |c_old(#valid)| create_internal_~now~0.base (select |c_#valid| create_internal_~now~0.base))))) is different from true [2025-03-17 12:08:51,413 WARN L873 $PredicateComparison]: unable to prove that (exists ((alloc_and_zero_internal_~pi~1.base Int)) (and (= (store |c_old(#length)| alloc_and_zero_internal_~pi~1.base (select |c_#length| alloc_and_zero_internal_~pi~1.base)) |c_#length|) (= (select |c_old(#valid)| alloc_and_zero_internal_~pi~1.base) 0))) is different from true [2025-03-17 12:08:51,596 INFO L349 Elim1Store]: treesize reduction 71, result has 15.5 percent of original size [2025-03-17 12:08:51,596 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 2 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 3 new quantified variables, introduced 3 case distinctions, treesize of input 49 treesize of output 76 [2025-03-17 12:08:51,621 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2025-03-17 12:08:51,622 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 4 select indices, 4 select index equivalence classes, 0 disjoint index pairs (out of 6 index pairs), introduced 4 new quantified variables, introduced 6 case distinctions, treesize of input 34 treesize of output 74 [2025-03-17 12:08:52,036 INFO L349 Elim1Store]: treesize reduction 52, result has 8.8 percent of original size [2025-03-17 12:08:52,037 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 3 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 4 case distinctions, treesize of input 31 treesize of output 14 [2025-03-17 12:08:52,050 INFO L349 Elim1Store]: treesize reduction 29, result has 3.3 percent of original size [2025-03-17 12:08:52,051 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 5 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 31 treesize of output 1 [2025-03-17 12:08:52,069 INFO L134 CoverageAnalysis]: Checked inductivity of 7 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 6 not checked. [2025-03-17 12:08:52,069 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-17 12:08:52,244 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1056895128] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-17 12:08:52,244 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2025-03-17 12:08:52,244 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [13, 13] total 23 [2025-03-17 12:08:52,244 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [988206469] [2025-03-17 12:08:52,244 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2025-03-17 12:08:52,244 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 24 states [2025-03-17 12:08:52,244 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-17 12:08:52,245 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 24 interpolants. [2025-03-17 12:08:52,245 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=87, Invalid=471, Unknown=2, NotChecked=90, Total=650 [2025-03-17 12:08:52,245 INFO L87 Difference]: Start difference. First operand 172 states and 219 transitions. Second operand has 24 states, 21 states have (on average 2.5238095238095237) internal successors, (53), 18 states have internal predecessors, (53), 6 states have call successors, (6), 2 states have call predecessors, (6), 8 states have return successors, (8), 8 states have call predecessors, (8), 6 states have call successors, (8) [2025-03-17 12:08:53,660 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-17 12:08:53,661 INFO L93 Difference]: Finished difference Result 220 states and 283 transitions. [2025-03-17 12:08:53,661 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2025-03-17 12:08:53,661 INFO L78 Accepts]: Start accepts. Automaton has has 24 states, 21 states have (on average 2.5238095238095237) internal successors, (53), 18 states have internal predecessors, (53), 6 states have call successors, (6), 2 states have call predecessors, (6), 8 states have return successors, (8), 8 states have call predecessors, (8), 6 states have call successors, (8) Word has length 36 [2025-03-17 12:08:53,661 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-17 12:08:53,663 INFO L225 Difference]: With dead ends: 220 [2025-03-17 12:08:53,663 INFO L226 Difference]: Without dead ends: 220 [2025-03-17 12:08:53,663 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 60 GetRequests, 30 SyntacticMatches, 2 SemanticMatches, 28 ConstructedPredicates, 2 IntricatePredicates, 0 DeprecatedPredicates, 133 ImplicationChecksByTransitivity, 0.7s TimeCoverageRelationStatistics Valid=125, Invalid=637, Unknown=2, NotChecked=106, Total=870 [2025-03-17 12:08:53,663 INFO L435 NwaCegarLoop]: 82 mSDtfsCounter, 99 mSDsluCounter, 601 mSDsCounter, 0 mSdLazyCounter, 1489 mSolverCounterSat, 39 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 99 SdHoareTripleChecker+Valid, 683 SdHoareTripleChecker+Invalid, 1979 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 39 IncrementalHoareTripleChecker+Valid, 1489 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 451 IncrementalHoareTripleChecker+Unchecked, 1.0s IncrementalHoareTripleChecker+Time [2025-03-17 12:08:53,663 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [99 Valid, 683 Invalid, 1979 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [39 Valid, 1489 Invalid, 0 Unknown, 451 Unchecked, 1.0s Time] [2025-03-17 12:08:53,664 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 220 states. [2025-03-17 12:08:53,668 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 220 to 178. [2025-03-17 12:08:53,668 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 178 states, 113 states have (on average 1.6017699115044248) internal successors, (181), 147 states have internal predecessors, (181), 18 states have call successors, (18), 5 states have call predecessors, (18), 7 states have return successors, (32), 25 states have call predecessors, (32), 18 states have call successors, (32) [2025-03-17 12:08:53,669 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 178 states to 178 states and 231 transitions. [2025-03-17 12:08:53,669 INFO L78 Accepts]: Start accepts. Automaton has 178 states and 231 transitions. Word has length 36 [2025-03-17 12:08:53,669 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-17 12:08:53,669 INFO L471 AbstractCegarLoop]: Abstraction has 178 states and 231 transitions. [2025-03-17 12:08:53,669 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 24 states, 21 states have (on average 2.5238095238095237) internal successors, (53), 18 states have internal predecessors, (53), 6 states have call successors, (6), 2 states have call predecessors, (6), 8 states have return successors, (8), 8 states have call predecessors, (8), 6 states have call successors, (8) [2025-03-17 12:08:53,670 INFO L276 IsEmpty]: Start isEmpty. Operand 178 states and 231 transitions. [2025-03-17 12:08:53,670 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2025-03-17 12:08:53,670 INFO L210 NwaCegarLoop]: Found error trace [2025-03-17 12:08:53,670 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-17 12:08:53,677 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2025-03-17 12:08:53,874 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9,5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-17 12:08:53,874 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting create_internalErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [loop_internalErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, loop_internalErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, alloc_and_zeroErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 48 more)] === [2025-03-17 12:08:53,874 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-17 12:08:53,874 INFO L85 PathProgramCache]: Analyzing trace with hash 1855017946, now seen corresponding path program 1 times [2025-03-17 12:08:53,874 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-17 12:08:53,874 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1563573725] [2025-03-17 12:08:53,874 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:08:53,874 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-17 12:08:53,882 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 39 statements into 1 equivalence classes. [2025-03-17 12:08:53,889 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 39 of 39 statements. [2025-03-17 12:08:53,889 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:08:53,889 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:08:54,058 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 14 proven. 4 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2025-03-17 12:08:54,059 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-17 12:08:54,059 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1563573725] [2025-03-17 12:08:54,059 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1563573725] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-17 12:08:54,059 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1390934070] [2025-03-17 12:08:54,059 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:08:54,059 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-17 12:08:54,059 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-17 12:08:54,061 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-17 12:08:54,064 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2025-03-17 12:08:54,117 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 39 statements into 1 equivalence classes. [2025-03-17 12:08:54,140 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 39 of 39 statements. [2025-03-17 12:08:54,141 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:08:54,141 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:08:54,142 INFO L256 TraceCheckSpWp]: Trace formula consists of 255 conjuncts, 21 conjuncts are in the unsatisfiable core [2025-03-17 12:08:54,144 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-17 12:08:54,148 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2025-03-17 12:08:54,159 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 1 [2025-03-17 12:08:54,165 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 9 [2025-03-17 12:08:54,178 WARN L873 $PredicateComparison]: unable to prove that (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= |c_#valid| (store |c_old(#valid)| alloc_and_zero_internal_~pi~1.base 1))) is different from true [2025-03-17 12:08:54,191 INFO L349 Elim1Store]: treesize reduction 15, result has 25.0 percent of original size [2025-03-17 12:08:54,192 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 14 [2025-03-17 12:08:54,200 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 13 proven. 1 refuted. 0 times theorem prover too weak. 1 trivial. 4 not checked. [2025-03-17 12:08:54,200 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-17 12:08:54,318 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 13 proven. 5 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2025-03-17 12:08:54,318 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1390934070] provided 0 perfect and 2 imperfect interpolant sequences [2025-03-17 12:08:54,318 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-03-17 12:08:54,318 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 9, 8] total 13 [2025-03-17 12:08:54,318 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2116326780] [2025-03-17 12:08:54,318 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-03-17 12:08:54,319 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2025-03-17 12:08:54,319 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-17 12:08:54,319 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2025-03-17 12:08:54,319 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=33, Invalid=126, Unknown=1, NotChecked=22, Total=182 [2025-03-17 12:08:54,319 INFO L87 Difference]: Start difference. First operand 178 states and 231 transitions. Second operand has 14 states, 13 states have (on average 2.923076923076923) internal successors, (38), 12 states have internal predecessors, (38), 2 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2025-03-17 12:08:54,764 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-17 12:08:54,764 INFO L93 Difference]: Finished difference Result 190 states and 245 transitions. [2025-03-17 12:08:54,765 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2025-03-17 12:08:54,765 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 13 states have (on average 2.923076923076923) internal successors, (38), 12 states have internal predecessors, (38), 2 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) Word has length 39 [2025-03-17 12:08:54,765 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-17 12:08:54,766 INFO L225 Difference]: With dead ends: 190 [2025-03-17 12:08:54,766 INFO L226 Difference]: Without dead ends: 190 [2025-03-17 12:08:54,767 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 96 GetRequests, 74 SyntacticMatches, 4 SemanticMatches, 18 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 25 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=63, Invalid=282, Unknown=1, NotChecked=34, Total=380 [2025-03-17 12:08:54,768 INFO L435 NwaCegarLoop]: 122 mSDtfsCounter, 47 mSDsluCounter, 725 mSDsCounter, 0 mSdLazyCounter, 781 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 47 SdHoareTripleChecker+Valid, 847 SdHoareTripleChecker+Invalid, 959 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 781 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 160 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2025-03-17 12:08:54,768 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [47 Valid, 847 Invalid, 959 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 781 Invalid, 0 Unknown, 160 Unchecked, 0.4s Time] [2025-03-17 12:08:54,768 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 190 states. [2025-03-17 12:08:54,771 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 190 to 177. [2025-03-17 12:08:54,771 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 177 states, 113 states have (on average 1.592920353982301) internal successors, (180), 146 states have internal predecessors, (180), 18 states have call successors, (18), 5 states have call predecessors, (18), 7 states have return successors, (32), 25 states have call predecessors, (32), 18 states have call successors, (32) [2025-03-17 12:08:54,772 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 177 states to 177 states and 230 transitions. [2025-03-17 12:08:54,772 INFO L78 Accepts]: Start accepts. Automaton has 177 states and 230 transitions. Word has length 39 [2025-03-17 12:08:54,775 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-17 12:08:54,775 INFO L471 AbstractCegarLoop]: Abstraction has 177 states and 230 transitions. [2025-03-17 12:08:54,775 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 13 states have (on average 2.923076923076923) internal successors, (38), 12 states have internal predecessors, (38), 2 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2025-03-17 12:08:54,775 INFO L276 IsEmpty]: Start isEmpty. Operand 177 states and 230 transitions. [2025-03-17 12:08:54,777 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2025-03-17 12:08:54,777 INFO L210 NwaCegarLoop]: Found error trace [2025-03-17 12:08:54,777 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-17 12:08:54,784 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Ended with exit code 0 [2025-03-17 12:08:54,977 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2025-03-17 12:08:54,978 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting create_internalErr3REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [loop_internalErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, loop_internalErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, alloc_and_zeroErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 48 more)] === [2025-03-17 12:08:54,978 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-17 12:08:54,978 INFO L85 PathProgramCache]: Analyzing trace with hash 1855017947, now seen corresponding path program 1 times [2025-03-17 12:08:54,978 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-17 12:08:54,978 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1207692209] [2025-03-17 12:08:54,978 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:08:54,978 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-17 12:08:54,985 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 39 statements into 1 equivalence classes. [2025-03-17 12:08:54,989 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 39 of 39 statements. [2025-03-17 12:08:54,989 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:08:54,989 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:08:55,406 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 13 proven. 5 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2025-03-17 12:08:55,407 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-17 12:08:55,407 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1207692209] [2025-03-17 12:08:55,407 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1207692209] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-17 12:08:55,407 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1686470914] [2025-03-17 12:08:55,407 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:08:55,407 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-17 12:08:55,407 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-17 12:08:55,409 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-17 12:08:55,411 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Waiting until timeout for monitored process [2025-03-17 12:08:55,493 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 39 statements into 1 equivalence classes. [2025-03-17 12:08:55,524 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 39 of 39 statements. [2025-03-17 12:08:55,524 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:08:55,524 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:08:55,526 INFO L256 TraceCheckSpWp]: Trace formula consists of 255 conjuncts, 33 conjuncts are in the unsatisfiable core [2025-03-17 12:08:55,527 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-17 12:08:55,539 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2025-03-17 12:08:55,598 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 1 [2025-03-17 12:08:55,599 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2025-03-17 12:08:55,633 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 9 [2025-03-17 12:08:55,693 WARN L873 $PredicateComparison]: unable to prove that (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= (store |c_old(#length)| alloc_and_zero_internal_~pi~1.base 8) |c_#length|)) is different from true [2025-03-17 12:08:55,711 INFO L349 Elim1Store]: treesize reduction 15, result has 25.0 percent of original size [2025-03-17 12:08:55,711 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 14 [2025-03-17 12:08:55,737 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 13 proven. 1 refuted. 0 times theorem prover too weak. 1 trivial. 4 not checked. [2025-03-17 12:08:55,737 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-17 12:08:55,846 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1686470914] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-17 12:08:55,846 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2025-03-17 12:08:55,846 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 9] total 18 [2025-03-17 12:08:55,846 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [69289664] [2025-03-17 12:08:55,846 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2025-03-17 12:08:55,847 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 19 states [2025-03-17 12:08:55,847 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-17 12:08:55,847 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 19 interpolants. [2025-03-17 12:08:55,847 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=54, Invalid=329, Unknown=1, NotChecked=36, Total=420 [2025-03-17 12:08:55,847 INFO L87 Difference]: Start difference. First operand 177 states and 230 transitions. Second operand has 19 states, 18 states have (on average 2.388888888888889) internal successors, (43), 15 states have internal predecessors, (43), 3 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (6), 4 states have call predecessors, (6), 3 states have call successors, (6) [2025-03-17 12:08:56,656 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-17 12:08:56,656 INFO L93 Difference]: Finished difference Result 189 states and 244 transitions. [2025-03-17 12:08:56,656 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2025-03-17 12:08:56,656 INFO L78 Accepts]: Start accepts. Automaton has has 19 states, 18 states have (on average 2.388888888888889) internal successors, (43), 15 states have internal predecessors, (43), 3 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (6), 4 states have call predecessors, (6), 3 states have call successors, (6) Word has length 39 [2025-03-17 12:08:56,656 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-17 12:08:56,657 INFO L225 Difference]: With dead ends: 189 [2025-03-17 12:08:56,657 INFO L226 Difference]: Without dead ends: 189 [2025-03-17 12:08:56,658 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 56 GetRequests, 32 SyntacticMatches, 1 SemanticMatches, 23 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 72 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=80, Invalid=475, Unknown=1, NotChecked=44, Total=600 [2025-03-17 12:08:56,658 INFO L435 NwaCegarLoop]: 113 mSDtfsCounter, 69 mSDsluCounter, 652 mSDsCounter, 0 mSdLazyCounter, 1000 mSolverCounterSat, 16 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 69 SdHoareTripleChecker+Valid, 765 SdHoareTripleChecker+Invalid, 1177 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 16 IncrementalHoareTripleChecker+Valid, 1000 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 161 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2025-03-17 12:08:56,658 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [69 Valid, 765 Invalid, 1177 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [16 Valid, 1000 Invalid, 0 Unknown, 161 Unchecked, 0.7s Time] [2025-03-17 12:08:56,658 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 189 states. [2025-03-17 12:08:56,666 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 189 to 176. [2025-03-17 12:08:56,670 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 176 states, 113 states have (on average 1.584070796460177) internal successors, (179), 145 states have internal predecessors, (179), 18 states have call successors, (18), 5 states have call predecessors, (18), 7 states have return successors, (32), 25 states have call predecessors, (32), 18 states have call successors, (32) [2025-03-17 12:08:56,671 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 176 states to 176 states and 229 transitions. [2025-03-17 12:08:56,677 INFO L78 Accepts]: Start accepts. Automaton has 176 states and 229 transitions. Word has length 39 [2025-03-17 12:08:56,678 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-17 12:08:56,678 INFO L471 AbstractCegarLoop]: Abstraction has 176 states and 229 transitions. [2025-03-17 12:08:56,678 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 19 states, 18 states have (on average 2.388888888888889) internal successors, (43), 15 states have internal predecessors, (43), 3 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (6), 4 states have call predecessors, (6), 3 states have call successors, (6) [2025-03-17 12:08:56,678 INFO L276 IsEmpty]: Start isEmpty. Operand 176 states and 229 transitions. [2025-03-17 12:08:56,679 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2025-03-17 12:08:56,679 INFO L210 NwaCegarLoop]: Found error trace [2025-03-17 12:08:56,679 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-17 12:08:56,693 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Forceful destruction successful, exit code 0 [2025-03-17 12:08:56,879 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11,7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-17 12:08:56,880 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting ULTIMATE.startErr14REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [loop_internalErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, loop_internalErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, alloc_and_zeroErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 48 more)] === [2025-03-17 12:08:56,880 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-17 12:08:56,880 INFO L85 PathProgramCache]: Analyzing trace with hash -1650656772, now seen corresponding path program 1 times [2025-03-17 12:08:56,880 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-17 12:08:56,880 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [735098338] [2025-03-17 12:08:56,880 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:08:56,881 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-17 12:08:56,896 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 45 statements into 1 equivalence classes. [2025-03-17 12:08:56,903 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 45 of 45 statements. [2025-03-17 12:08:56,903 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:08:56,903 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:08:56,949 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 12 trivial. 0 not checked. [2025-03-17 12:08:56,950 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-17 12:08:56,950 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [735098338] [2025-03-17 12:08:56,950 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [735098338] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-17 12:08:56,950 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-17 12:08:56,950 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-03-17 12:08:56,950 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2028647741] [2025-03-17 12:08:56,950 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-17 12:08:56,951 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-17 12:08:56,951 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-17 12:08:56,952 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-17 12:08:56,952 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-17 12:08:56,952 INFO L87 Difference]: Start difference. First operand 176 states and 229 transitions. Second operand has 5 states, 4 states have (on average 6.5) internal successors, (26), 5 states have internal predecessors, (26), 2 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2025-03-17 12:08:57,100 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-17 12:08:57,101 INFO L93 Difference]: Finished difference Result 203 states and 276 transitions. [2025-03-17 12:08:57,104 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-03-17 12:08:57,104 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 6.5) internal successors, (26), 5 states have internal predecessors, (26), 2 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 45 [2025-03-17 12:08:57,104 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-17 12:08:57,105 INFO L225 Difference]: With dead ends: 203 [2025-03-17 12:08:57,105 INFO L226 Difference]: Without dead ends: 203 [2025-03-17 12:08:57,105 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2025-03-17 12:08:57,105 INFO L435 NwaCegarLoop]: 109 mSDtfsCounter, 28 mSDsluCounter, 232 mSDsCounter, 0 mSdLazyCounter, 178 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 30 SdHoareTripleChecker+Valid, 341 SdHoareTripleChecker+Invalid, 188 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 178 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-17 12:08:57,106 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [30 Valid, 341 Invalid, 188 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 178 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-17 12:08:57,106 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 203 states. [2025-03-17 12:08:57,121 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 203 to 196. [2025-03-17 12:08:57,126 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 196 states, 133 states have (on average 1.6165413533834587) internal successors, (215), 161 states have internal predecessors, (215), 20 states have call successors, (20), 5 states have call predecessors, (20), 7 states have return successors, (38), 29 states have call predecessors, (38), 20 states have call successors, (38) [2025-03-17 12:08:57,127 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 196 states to 196 states and 273 transitions. [2025-03-17 12:08:57,127 INFO L78 Accepts]: Start accepts. Automaton has 196 states and 273 transitions. Word has length 45 [2025-03-17 12:08:57,128 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-17 12:08:57,128 INFO L471 AbstractCegarLoop]: Abstraction has 196 states and 273 transitions. [2025-03-17 12:08:57,128 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 6.5) internal successors, (26), 5 states have internal predecessors, (26), 2 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2025-03-17 12:08:57,128 INFO L276 IsEmpty]: Start isEmpty. Operand 196 states and 273 transitions. [2025-03-17 12:08:57,128 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2025-03-17 12:08:57,128 INFO L210 NwaCegarLoop]: Found error trace [2025-03-17 12:08:57,128 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-17 12:08:57,128 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12 [2025-03-17 12:08:57,128 INFO L396 AbstractCegarLoop]: === Iteration 14 === Targeting ULTIMATE.startErr15REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [loop_internalErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, loop_internalErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, alloc_and_zeroErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 48 more)] === [2025-03-17 12:08:57,129 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-17 12:08:57,129 INFO L85 PathProgramCache]: Analyzing trace with hash -1650656771, now seen corresponding path program 1 times [2025-03-17 12:08:57,129 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-17 12:08:57,129 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1049849100] [2025-03-17 12:08:57,129 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:08:57,129 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-17 12:08:57,144 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 45 statements into 1 equivalence classes. [2025-03-17 12:08:57,148 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 45 of 45 statements. [2025-03-17 12:08:57,148 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:08:57,148 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:08:57,350 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 12 trivial. 0 not checked. [2025-03-17 12:08:57,351 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-17 12:08:57,351 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1049849100] [2025-03-17 12:08:57,351 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1049849100] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-17 12:08:57,351 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-17 12:08:57,351 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2025-03-17 12:08:57,351 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [133982214] [2025-03-17 12:08:57,351 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-17 12:08:57,351 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2025-03-17 12:08:57,351 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-17 12:08:57,352 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2025-03-17 12:08:57,355 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2025-03-17 12:08:57,356 INFO L87 Difference]: Start difference. First operand 196 states and 273 transitions. Second operand has 8 states, 7 states have (on average 3.7142857142857144) internal successors, (26), 7 states have internal predecessors, (26), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2025-03-17 12:08:57,728 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-17 12:08:57,729 INFO L93 Difference]: Finished difference Result 209 states and 285 transitions. [2025-03-17 12:08:57,733 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2025-03-17 12:08:57,734 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 3.7142857142857144) internal successors, (26), 7 states have internal predecessors, (26), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 45 [2025-03-17 12:08:57,734 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-17 12:08:57,735 INFO L225 Difference]: With dead ends: 209 [2025-03-17 12:08:57,735 INFO L226 Difference]: Without dead ends: 209 [2025-03-17 12:08:57,735 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=17, Invalid=55, Unknown=0, NotChecked=0, Total=72 [2025-03-17 12:08:57,735 INFO L435 NwaCegarLoop]: 107 mSDtfsCounter, 22 mSDsluCounter, 570 mSDsCounter, 0 mSdLazyCounter, 245 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 26 SdHoareTripleChecker+Valid, 677 SdHoareTripleChecker+Invalid, 248 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 245 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2025-03-17 12:08:57,735 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [26 Valid, 677 Invalid, 248 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 245 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2025-03-17 12:08:57,736 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 209 states. [2025-03-17 12:08:57,744 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 209 to 205. [2025-03-17 12:08:57,745 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 205 states, 140 states have (on average 1.5928571428571427) internal successors, (223), 168 states have internal predecessors, (223), 22 states have call successors, (22), 5 states have call predecessors, (22), 7 states have return successors, (40), 31 states have call predecessors, (40), 22 states have call successors, (40) [2025-03-17 12:08:57,746 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 205 states to 205 states and 285 transitions. [2025-03-17 12:08:57,752 INFO L78 Accepts]: Start accepts. Automaton has 205 states and 285 transitions. Word has length 45 [2025-03-17 12:08:57,752 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-17 12:08:57,752 INFO L471 AbstractCegarLoop]: Abstraction has 205 states and 285 transitions. [2025-03-17 12:08:57,752 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 3.7142857142857144) internal successors, (26), 7 states have internal predecessors, (26), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2025-03-17 12:08:57,752 INFO L276 IsEmpty]: Start isEmpty. Operand 205 states and 285 transitions. [2025-03-17 12:08:57,752 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2025-03-17 12:08:57,752 INFO L210 NwaCegarLoop]: Found error trace [2025-03-17 12:08:57,753 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-17 12:08:57,753 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable13 [2025-03-17 12:08:57,753 INFO L396 AbstractCegarLoop]: === Iteration 15 === Targeting ULTIMATE.startErr28REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [loop_internalErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, loop_internalErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, alloc_and_zeroErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 48 more)] === [2025-03-17 12:08:57,753 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-17 12:08:57,753 INFO L85 PathProgramCache]: Analyzing trace with hash 182205943, now seen corresponding path program 1 times [2025-03-17 12:08:57,753 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-17 12:08:57,753 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [949812413] [2025-03-17 12:08:57,753 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:08:57,753 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-17 12:08:57,785 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 51 statements into 1 equivalence classes. [2025-03-17 12:08:57,801 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 51 of 51 statements. [2025-03-17 12:08:57,804 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:08:57,804 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:08:58,351 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 20 proven. 4 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2025-03-17 12:08:58,351 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-17 12:08:58,352 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [949812413] [2025-03-17 12:08:58,352 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [949812413] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-17 12:08:58,352 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [69106639] [2025-03-17 12:08:58,352 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:08:58,352 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-17 12:08:58,352 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-17 12:08:58,358 INFO L229 MonitoredProcess]: Starting monitored process 8 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-17 12:08:58,360 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (8)] Waiting until timeout for monitored process [2025-03-17 12:08:58,442 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 51 statements into 1 equivalence classes. [2025-03-17 12:08:58,483 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 51 of 51 statements. [2025-03-17 12:08:58,483 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:08:58,483 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:08:58,514 INFO L256 TraceCheckSpWp]: Trace formula consists of 308 conjuncts, 25 conjuncts are in the unsatisfiable core [2025-03-17 12:08:58,520 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-17 12:08:58,612 WARN L873 $PredicateComparison]: unable to prove that (exists ((create_internal_~now~0.base Int)) (and (= (select |c_old(#valid)| create_internal_~now~0.base) 0) (= |c_#valid| (store |c_old(#valid)| create_internal_~now~0.base 1)))) is different from true [2025-03-17 12:08:58,632 WARN L873 $PredicateComparison]: unable to prove that (exists ((alloc_and_zero_internal_~pi~1.base Int)) (and (= |c_#valid| (store |c_old(#valid)| alloc_and_zero_internal_~pi~1.base (select |c_#valid| alloc_and_zero_internal_~pi~1.base))) (= (select |c_old(#valid)| alloc_and_zero_internal_~pi~1.base) 0))) is different from true [2025-03-17 12:08:58,678 WARN L873 $PredicateComparison]: unable to prove that (exists ((create_internal_~now~0.base Int) (alloc_and_zero_internal_~pi~1.base Int)) (let ((.cse0 (store |c_old(#valid)| create_internal_~now~0.base 1))) (and (= (select |c_old(#valid)| create_internal_~now~0.base) 0) (= (select .cse0 alloc_and_zero_internal_~pi~1.base) 0) (= |c_#valid| (store .cse0 alloc_and_zero_internal_~pi~1.base (select |c_#valid| alloc_and_zero_internal_~pi~1.base)))))) is different from true [2025-03-17 12:08:58,802 INFO L349 Elim1Store]: treesize reduction 64, result has 22.9 percent of original size [2025-03-17 12:08:58,802 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 3 select indices, 3 select index equivalence classes, 0 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 6 case distinctions, treesize of input 31 treesize of output 32 [2025-03-17 12:08:58,829 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 6 not checked. [2025-03-17 12:08:58,830 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-17 12:08:58,927 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [69106639] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-17 12:08:58,927 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2025-03-17 12:08:58,927 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 10] total 18 [2025-03-17 12:08:58,927 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1048914348] [2025-03-17 12:08:58,927 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2025-03-17 12:08:58,928 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 19 states [2025-03-17 12:08:58,928 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-17 12:08:58,928 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 19 interpolants. [2025-03-17 12:08:58,929 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=68, Invalid=213, Unknown=3, NotChecked=96, Total=380 [2025-03-17 12:08:58,929 INFO L87 Difference]: Start difference. First operand 205 states and 285 transitions. Second operand has 19 states, 18 states have (on average 3.2222222222222223) internal successors, (58), 14 states have internal predecessors, (58), 5 states have call successors, (7), 2 states have call predecessors, (7), 7 states have return successors, (9), 7 states have call predecessors, (9), 5 states have call successors, (9) [2025-03-17 12:08:59,922 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-17 12:08:59,922 INFO L93 Difference]: Finished difference Result 275 states and 394 transitions. [2025-03-17 12:08:59,923 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2025-03-17 12:08:59,923 INFO L78 Accepts]: Start accepts. Automaton has has 19 states, 18 states have (on average 3.2222222222222223) internal successors, (58), 14 states have internal predecessors, (58), 5 states have call successors, (7), 2 states have call predecessors, (7), 7 states have return successors, (9), 7 states have call predecessors, (9), 5 states have call successors, (9) Word has length 51 [2025-03-17 12:08:59,923 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-17 12:08:59,928 INFO L225 Difference]: With dead ends: 275 [2025-03-17 12:08:59,928 INFO L226 Difference]: Without dead ends: 275 [2025-03-17 12:08:59,928 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 76 GetRequests, 53 SyntacticMatches, 2 SemanticMatches, 21 ConstructedPredicates, 3 IntricatePredicates, 0 DeprecatedPredicates, 100 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=86, Invalid=303, Unknown=3, NotChecked=114, Total=506 [2025-03-17 12:08:59,928 INFO L435 NwaCegarLoop]: 99 mSDtfsCounter, 91 mSDsluCounter, 564 mSDsCounter, 0 mSdLazyCounter, 785 mSolverCounterSat, 47 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 91 SdHoareTripleChecker+Valid, 663 SdHoareTripleChecker+Invalid, 1509 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 47 IncrementalHoareTripleChecker+Valid, 785 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 677 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2025-03-17 12:08:59,928 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [91 Valid, 663 Invalid, 1509 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [47 Valid, 785 Invalid, 0 Unknown, 677 Unchecked, 0.8s Time] [2025-03-17 12:08:59,929 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 275 states. [2025-03-17 12:08:59,942 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 275 to 195. [2025-03-17 12:08:59,943 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 195 states, 131 states have (on average 1.5801526717557253) internal successors, (207), 161 states have internal predecessors, (207), 22 states have call successors, (22), 5 states have call predecessors, (22), 6 states have return successors, (31), 28 states have call predecessors, (31), 22 states have call successors, (31) [2025-03-17 12:08:59,944 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 195 states to 195 states and 260 transitions. [2025-03-17 12:08:59,945 INFO L78 Accepts]: Start accepts. Automaton has 195 states and 260 transitions. Word has length 51 [2025-03-17 12:08:59,945 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-17 12:08:59,945 INFO L471 AbstractCegarLoop]: Abstraction has 195 states and 260 transitions. [2025-03-17 12:08:59,945 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 19 states, 18 states have (on average 3.2222222222222223) internal successors, (58), 14 states have internal predecessors, (58), 5 states have call successors, (7), 2 states have call predecessors, (7), 7 states have return successors, (9), 7 states have call predecessors, (9), 5 states have call successors, (9) [2025-03-17 12:08:59,945 INFO L276 IsEmpty]: Start isEmpty. Operand 195 states and 260 transitions. [2025-03-17 12:08:59,946 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2025-03-17 12:08:59,946 INFO L210 NwaCegarLoop]: Found error trace [2025-03-17 12:08:59,946 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-17 12:08:59,953 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (8)] Ended with exit code 0 [2025-03-17 12:09:00,146 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable14,8 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-17 12:09:00,147 INFO L396 AbstractCegarLoop]: === Iteration 16 === Targeting ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK === [loop_internalErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, loop_internalErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, alloc_and_zeroErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 48 more)] === [2025-03-17 12:09:00,148 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-17 12:09:00,148 INFO L85 PathProgramCache]: Analyzing trace with hash 369232141, now seen corresponding path program 1 times [2025-03-17 12:09:00,148 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-17 12:09:00,148 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [550750213] [2025-03-17 12:09:00,148 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:09:00,148 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-17 12:09:00,167 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 46 statements into 1 equivalence classes. [2025-03-17 12:09:00,182 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 46 of 46 statements. [2025-03-17 12:09:00,183 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:09:00,183 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:09:00,269 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 12 trivial. 0 not checked. [2025-03-17 12:09:00,269 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-17 12:09:00,269 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [550750213] [2025-03-17 12:09:00,269 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [550750213] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-17 12:09:00,269 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-17 12:09:00,269 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2025-03-17 12:09:00,269 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1932859579] [2025-03-17 12:09:00,270 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-17 12:09:00,270 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2025-03-17 12:09:00,270 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-17 12:09:00,270 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2025-03-17 12:09:00,270 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2025-03-17 12:09:00,270 INFO L87 Difference]: Start difference. First operand 195 states and 260 transitions. Second operand has 7 states, 7 states have (on average 3.857142857142857) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2025-03-17 12:09:00,343 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-17 12:09:00,344 INFO L93 Difference]: Finished difference Result 203 states and 272 transitions. [2025-03-17 12:09:00,344 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-03-17 12:09:00,344 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 3.857142857142857) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 46 [2025-03-17 12:09:00,347 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-17 12:09:00,348 INFO L225 Difference]: With dead ends: 203 [2025-03-17 12:09:00,348 INFO L226 Difference]: Without dead ends: 203 [2025-03-17 12:09:00,349 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2025-03-17 12:09:00,349 INFO L435 NwaCegarLoop]: 124 mSDtfsCounter, 31 mSDsluCounter, 572 mSDsCounter, 0 mSdLazyCounter, 86 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 36 SdHoareTripleChecker+Valid, 696 SdHoareTripleChecker+Invalid, 86 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 86 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-17 12:09:00,349 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [36 Valid, 696 Invalid, 86 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 86 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-17 12:09:00,349 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 203 states. [2025-03-17 12:09:00,358 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 203 to 196. [2025-03-17 12:09:00,358 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 196 states, 132 states have (on average 1.5606060606060606) internal successors, (206), 162 states have internal predecessors, (206), 22 states have call successors, (22), 5 states have call predecessors, (22), 6 states have return successors, (31), 28 states have call predecessors, (31), 22 states have call successors, (31) [2025-03-17 12:09:00,361 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 196 states to 196 states and 259 transitions. [2025-03-17 12:09:00,365 INFO L78 Accepts]: Start accepts. Automaton has 196 states and 259 transitions. Word has length 46 [2025-03-17 12:09:00,366 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-17 12:09:00,366 INFO L471 AbstractCegarLoop]: Abstraction has 196 states and 259 transitions. [2025-03-17 12:09:00,366 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 3.857142857142857) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2025-03-17 12:09:00,366 INFO L276 IsEmpty]: Start isEmpty. Operand 196 states and 259 transitions. [2025-03-17 12:09:00,366 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2025-03-17 12:09:00,366 INFO L210 NwaCegarLoop]: Found error trace [2025-03-17 12:09:00,366 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-17 12:09:00,366 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable15 [2025-03-17 12:09:00,367 INFO L396 AbstractCegarLoop]: === Iteration 17 === Targeting loop_internalErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [loop_internalErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, loop_internalErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, alloc_and_zeroErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 48 more)] === [2025-03-17 12:09:00,367 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-17 12:09:00,367 INFO L85 PathProgramCache]: Analyzing trace with hash 848064012, now seen corresponding path program 1 times [2025-03-17 12:09:00,367 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-17 12:09:00,367 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1666858820] [2025-03-17 12:09:00,367 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:09:00,367 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-17 12:09:00,379 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 49 statements into 1 equivalence classes. [2025-03-17 12:09:00,394 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 49 of 49 statements. [2025-03-17 12:09:00,399 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:09:00,399 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:09:01,302 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 3 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-17 12:09:01,303 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-17 12:09:01,303 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1666858820] [2025-03-17 12:09:01,303 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1666858820] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-17 12:09:01,303 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2054641786] [2025-03-17 12:09:01,303 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:09:01,303 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-17 12:09:01,303 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-17 12:09:01,305 INFO L229 MonitoredProcess]: Starting monitored process 9 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-17 12:09:01,307 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (9)] Waiting until timeout for monitored process [2025-03-17 12:09:01,440 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 49 statements into 1 equivalence classes. [2025-03-17 12:09:01,463 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 49 of 49 statements. [2025-03-17 12:09:01,463 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:09:01,463 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:09:01,464 INFO L256 TraceCheckSpWp]: Trace formula consists of 291 conjuncts, 60 conjuncts are in the unsatisfiable core [2025-03-17 12:09:01,467 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-17 12:09:01,502 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2025-03-17 12:09:01,557 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 19 treesize of output 1 [2025-03-17 12:09:01,682 WARN L873 $PredicateComparison]: unable to prove that (exists ((alloc_and_zero_internal_~pi~1.base Int)) (and (= (select |c_old(#valid)| alloc_and_zero_internal_~pi~1.base) 0) (= |c_#valid| (store |c_old(#valid)| alloc_and_zero_internal_~pi~1.base 1)) (= |c_#memory_$Pointer$#0.base| (store |c_old(#memory_$Pointer$#0.base)| alloc_and_zero_internal_~pi~1.base (select |c_#memory_$Pointer$#0.base| alloc_and_zero_internal_~pi~1.base))))) is different from true [2025-03-17 12:09:01,754 INFO L190 IndexEqualityManager]: detected not equals via solver [2025-03-17 12:09:01,755 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 20 treesize of output 15 [2025-03-17 12:09:01,785 INFO L349 Elim1Store]: treesize reduction 68, result has 31.3 percent of original size [2025-03-17 12:09:01,788 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 3 select indices, 3 select index equivalence classes, 0 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 5 case distinctions, treesize of input 28 treesize of output 45 [2025-03-17 12:09:01,875 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 41 treesize of output 19 [2025-03-17 12:09:02,079 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 13 [2025-03-17 12:09:02,302 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 3 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 9 not checked. [2025-03-17 12:09:02,306 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-17 12:09:06,655 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2054641786] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-17 12:09:06,655 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2025-03-17 12:09:06,655 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [22, 18] total 33 [2025-03-17 12:09:06,656 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [409562748] [2025-03-17 12:09:06,656 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2025-03-17 12:09:06,657 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 34 states [2025-03-17 12:09:06,657 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-17 12:09:06,658 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 34 interpolants. [2025-03-17 12:09:06,662 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=115, Invalid=1219, Unknown=2, NotChecked=70, Total=1406 [2025-03-17 12:09:06,663 INFO L87 Difference]: Start difference. First operand 196 states and 259 transitions. Second operand has 34 states, 29 states have (on average 2.2758620689655173) internal successors, (66), 25 states have internal predecessors, (66), 8 states have call successors, (9), 4 states have call predecessors, (9), 6 states have return successors, (9), 9 states have call predecessors, (9), 6 states have call successors, (9) [2025-03-17 12:09:08,728 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-17 12:09:08,729 INFO L93 Difference]: Finished difference Result 246 states and 323 transitions. [2025-03-17 12:09:08,729 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 25 states. [2025-03-17 12:09:08,729 INFO L78 Accepts]: Start accepts. Automaton has has 34 states, 29 states have (on average 2.2758620689655173) internal successors, (66), 25 states have internal predecessors, (66), 8 states have call successors, (9), 4 states have call predecessors, (9), 6 states have return successors, (9), 9 states have call predecessors, (9), 6 states have call successors, (9) Word has length 49 [2025-03-17 12:09:08,730 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-17 12:09:08,732 INFO L225 Difference]: With dead ends: 246 [2025-03-17 12:09:08,732 INFO L226 Difference]: Without dead ends: 246 [2025-03-17 12:09:08,733 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 97 GetRequests, 48 SyntacticMatches, 1 SemanticMatches, 48 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 429 ImplicationChecksByTransitivity, 5.4s TimeCoverageRelationStatistics Valid=187, Invalid=2167, Unknown=2, NotChecked=94, Total=2450 [2025-03-17 12:09:08,734 INFO L435 NwaCegarLoop]: 90 mSDtfsCounter, 117 mSDsluCounter, 1359 mSDsCounter, 0 mSdLazyCounter, 2308 mSolverCounterSat, 45 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 122 SdHoareTripleChecker+Valid, 1449 SdHoareTripleChecker+Invalid, 2566 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 45 IncrementalHoareTripleChecker+Valid, 2308 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 213 IncrementalHoareTripleChecker+Unchecked, 1.5s IncrementalHoareTripleChecker+Time [2025-03-17 12:09:08,734 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [122 Valid, 1449 Invalid, 2566 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [45 Valid, 2308 Invalid, 0 Unknown, 213 Unchecked, 1.5s Time] [2025-03-17 12:09:08,735 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 246 states. [2025-03-17 12:09:08,743 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 246 to 219. [2025-03-17 12:09:08,750 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 219 states, 152 states have (on average 1.5394736842105263) internal successors, (234), 182 states have internal predecessors, (234), 23 states have call successors, (23), 6 states have call predecessors, (23), 8 states have return successors, (41), 30 states have call predecessors, (41), 23 states have call successors, (41) [2025-03-17 12:09:08,751 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 219 states to 219 states and 298 transitions. [2025-03-17 12:09:08,751 INFO L78 Accepts]: Start accepts. Automaton has 219 states and 298 transitions. Word has length 49 [2025-03-17 12:09:08,751 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-17 12:09:08,751 INFO L471 AbstractCegarLoop]: Abstraction has 219 states and 298 transitions. [2025-03-17 12:09:08,752 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 34 states, 29 states have (on average 2.2758620689655173) internal successors, (66), 25 states have internal predecessors, (66), 8 states have call successors, (9), 4 states have call predecessors, (9), 6 states have return successors, (9), 9 states have call predecessors, (9), 6 states have call successors, (9) [2025-03-17 12:09:08,752 INFO L276 IsEmpty]: Start isEmpty. Operand 219 states and 298 transitions. [2025-03-17 12:09:08,752 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2025-03-17 12:09:08,752 INFO L210 NwaCegarLoop]: Found error trace [2025-03-17 12:09:08,752 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-17 12:09:08,767 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (9)] Ended with exit code 0 [2025-03-17 12:09:08,952 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 9 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable16 [2025-03-17 12:09:08,955 INFO L396 AbstractCegarLoop]: === Iteration 18 === Targeting loop_internalErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [loop_internalErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, loop_internalErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, alloc_and_zeroErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 48 more)] === [2025-03-17 12:09:08,955 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-17 12:09:08,955 INFO L85 PathProgramCache]: Analyzing trace with hash 848064013, now seen corresponding path program 1 times [2025-03-17 12:09:08,955 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-17 12:09:08,955 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1835506141] [2025-03-17 12:09:08,955 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:09:08,956 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-17 12:09:08,968 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 49 statements into 1 equivalence classes. [2025-03-17 12:09:08,991 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 49 of 49 statements. [2025-03-17 12:09:08,993 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:09:08,993 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:09:10,277 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 2 proven. 10 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-17 12:09:10,277 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-17 12:09:10,277 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1835506141] [2025-03-17 12:09:10,277 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1835506141] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-17 12:09:10,277 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [222748541] [2025-03-17 12:09:10,277 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:09:10,277 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-17 12:09:10,277 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-17 12:09:10,281 INFO L229 MonitoredProcess]: Starting monitored process 10 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-17 12:09:10,287 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (10)] Waiting until timeout for monitored process [2025-03-17 12:09:10,401 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 49 statements into 1 equivalence classes. [2025-03-17 12:09:10,424 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 49 of 49 statements. [2025-03-17 12:09:10,425 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:09:10,425 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:09:10,430 INFO L256 TraceCheckSpWp]: Trace formula consists of 291 conjuncts, 96 conjuncts are in the unsatisfiable core [2025-03-17 12:09:10,437 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-17 12:09:10,587 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2025-03-17 12:09:10,805 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2025-03-17 12:09:10,813 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 19 treesize of output 1 [2025-03-17 12:09:10,928 WARN L873 $PredicateComparison]: unable to prove that (exists ((alloc_and_zero_internal_~pi~1.base Int)) (and (= |c_#memory_$Pointer$#0.base| (store |c_old(#memory_$Pointer$#0.base)| alloc_and_zero_internal_~pi~1.base (select |c_#memory_$Pointer$#0.base| alloc_and_zero_internal_~pi~1.base))) (= (store |c_old(#length)| alloc_and_zero_internal_~pi~1.base 8) |c_#length|) (= (store |c_old(#memory_$Pointer$#0.offset)| alloc_and_zero_internal_~pi~1.base (select |c_#memory_$Pointer$#0.offset| alloc_and_zero_internal_~pi~1.base)) |c_#memory_$Pointer$#0.offset|))) is different from true [2025-03-17 12:09:11,006 INFO L349 Elim1Store]: treesize reduction 13, result has 40.9 percent of original size [2025-03-17 12:09:11,006 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 20 treesize of output 19 [2025-03-17 12:09:11,019 INFO L349 Elim1Store]: treesize reduction 27, result has 25.0 percent of original size [2025-03-17 12:09:11,020 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 16 treesize of output 18 [2025-03-17 12:09:11,031 INFO L349 Elim1Store]: treesize reduction 13, result has 40.9 percent of original size [2025-03-17 12:09:11,032 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 18 treesize of output 17 [2025-03-17 12:09:11,041 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 9 treesize of output 5 [2025-03-17 12:09:11,050 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 7 treesize of output 3 [2025-03-17 12:09:11,130 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 65 treesize of output 49 [2025-03-17 12:09:11,133 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 65 treesize of output 49 [2025-03-17 12:09:11,349 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 55 treesize of output 43 [2025-03-17 12:09:11,352 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 49 treesize of output 37 [2025-03-17 12:09:11,496 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 2 proven. 1 refuted. 0 times theorem prover too weak. 0 trivial. 9 not checked. [2025-03-17 12:09:11,500 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-17 12:09:12,058 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [222748541] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-17 12:09:12,058 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2025-03-17 12:09:12,058 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [23, 21] total 42 [2025-03-17 12:09:12,058 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1399617502] [2025-03-17 12:09:12,058 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2025-03-17 12:09:12,058 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 43 states [2025-03-17 12:09:12,058 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-17 12:09:12,059 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 43 interpolants. [2025-03-17 12:09:12,059 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=164, Invalid=2191, Unknown=1, NotChecked=94, Total=2450 [2025-03-17 12:09:12,059 INFO L87 Difference]: Start difference. First operand 219 states and 298 transitions. Second operand has 43 states, 38 states have (on average 1.9473684210526316) internal successors, (74), 31 states have internal predecessors, (74), 9 states have call successors, (10), 5 states have call predecessors, (10), 8 states have return successors, (10), 10 states have call predecessors, (10), 7 states have call successors, (10) [2025-03-17 12:09:14,487 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-17 12:09:14,487 INFO L93 Difference]: Finished difference Result 250 states and 329 transitions. [2025-03-17 12:09:14,490 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2025-03-17 12:09:14,490 INFO L78 Accepts]: Start accepts. Automaton has has 43 states, 38 states have (on average 1.9473684210526316) internal successors, (74), 31 states have internal predecessors, (74), 9 states have call successors, (10), 5 states have call predecessors, (10), 8 states have return successors, (10), 10 states have call predecessors, (10), 7 states have call successors, (10) Word has length 49 [2025-03-17 12:09:14,490 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-17 12:09:14,491 INFO L225 Difference]: With dead ends: 250 [2025-03-17 12:09:14,491 INFO L226 Difference]: Without dead ends: 250 [2025-03-17 12:09:14,492 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 98 GetRequests, 37 SyntacticMatches, 0 SemanticMatches, 61 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 796 ImplicationChecksByTransitivity, 2.2s TimeCoverageRelationStatistics Valid=255, Invalid=3530, Unknown=1, NotChecked=120, Total=3906 [2025-03-17 12:09:14,493 INFO L435 NwaCegarLoop]: 90 mSDtfsCounter, 120 mSDsluCounter, 1813 mSDsCounter, 0 mSdLazyCounter, 2990 mSolverCounterSat, 40 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 127 SdHoareTripleChecker+Valid, 1903 SdHoareTripleChecker+Invalid, 3248 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 40 IncrementalHoareTripleChecker+Valid, 2990 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 218 IncrementalHoareTripleChecker+Unchecked, 1.6s IncrementalHoareTripleChecker+Time [2025-03-17 12:09:14,493 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [127 Valid, 1903 Invalid, 3248 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [40 Valid, 2990 Invalid, 0 Unknown, 218 Unchecked, 1.6s Time] [2025-03-17 12:09:14,493 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 250 states. [2025-03-17 12:09:14,499 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 250 to 219. [2025-03-17 12:09:14,499 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 219 states, 152 states have (on average 1.5328947368421053) internal successors, (233), 182 states have internal predecessors, (233), 23 states have call successors, (23), 6 states have call predecessors, (23), 8 states have return successors, (41), 30 states have call predecessors, (41), 23 states have call successors, (41) [2025-03-17 12:09:14,500 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 219 states to 219 states and 297 transitions. [2025-03-17 12:09:14,500 INFO L78 Accepts]: Start accepts. Automaton has 219 states and 297 transitions. Word has length 49 [2025-03-17 12:09:14,500 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-17 12:09:14,500 INFO L471 AbstractCegarLoop]: Abstraction has 219 states and 297 transitions. [2025-03-17 12:09:14,500 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 43 states, 38 states have (on average 1.9473684210526316) internal successors, (74), 31 states have internal predecessors, (74), 9 states have call successors, (10), 5 states have call predecessors, (10), 8 states have return successors, (10), 10 states have call predecessors, (10), 7 states have call successors, (10) [2025-03-17 12:09:14,500 INFO L276 IsEmpty]: Start isEmpty. Operand 219 states and 297 transitions. [2025-03-17 12:09:14,501 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2025-03-17 12:09:14,501 INFO L210 NwaCegarLoop]: Found error trace [2025-03-17 12:09:14,501 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-17 12:09:14,507 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (10)] Forceful destruction successful, exit code 0 [2025-03-17 12:09:14,703 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 10 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable17 [2025-03-17 12:09:14,703 INFO L396 AbstractCegarLoop]: === Iteration 19 === Targeting loop_internalErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [loop_internalErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, loop_internalErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, alloc_and_zeroErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 48 more)] === [2025-03-17 12:09:14,703 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-17 12:09:14,703 INFO L85 PathProgramCache]: Analyzing trace with hash 1677316755, now seen corresponding path program 1 times [2025-03-17 12:09:14,703 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-17 12:09:14,703 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1853098901] [2025-03-17 12:09:14,703 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:09:14,703 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-17 12:09:14,714 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 52 statements into 1 equivalence classes. [2025-03-17 12:09:14,722 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 52 of 52 statements. [2025-03-17 12:09:14,722 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:09:14,722 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:09:15,649 INFO L134 CoverageAnalysis]: Checked inductivity of 14 backedges. 3 proven. 11 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-17 12:09:15,649 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-17 12:09:15,649 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1853098901] [2025-03-17 12:09:15,649 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1853098901] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-17 12:09:15,649 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [159248518] [2025-03-17 12:09:15,649 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-17 12:09:15,649 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-17 12:09:15,649 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-17 12:09:15,651 INFO L229 MonitoredProcess]: Starting monitored process 11 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-17 12:09:15,652 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (11)] Waiting until timeout for monitored process [2025-03-17 12:09:15,720 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 52 statements into 1 equivalence classes. [2025-03-17 12:09:15,742 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 52 of 52 statements. [2025-03-17 12:09:15,742 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-17 12:09:15,742 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:09:15,744 INFO L256 TraceCheckSpWp]: Trace formula consists of 304 conjuncts, 115 conjuncts are in the unsatisfiable core [2025-03-17 12:09:15,747 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-17 12:09:15,750 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2025-03-17 12:09:15,807 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2025-03-17 12:09:15,817 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2025-03-17 12:09:16,075 INFO L349 Elim1Store]: treesize reduction 18, result has 35.7 percent of original size [2025-03-17 12:09:16,076 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 17 treesize of output 21 [2025-03-17 12:09:16,135 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 27 treesize of output 15 [2025-03-17 12:09:16,145 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 27 treesize of output 15 [2025-03-17 12:09:16,230 WARN L873 $PredicateComparison]: unable to prove that (exists ((alloc_and_zero_internal_~pi~1.base Int)) (and (= (select |c_old(#valid)| alloc_and_zero_internal_~pi~1.base) 0) (= |c_#memory_$Pointer$#0.base| (store |c_old(#memory_$Pointer$#0.base)| alloc_and_zero_internal_~pi~1.base (select |c_#memory_$Pointer$#0.base| alloc_and_zero_internal_~pi~1.base))) (= (store |c_old(#memory_$Pointer$#0.offset)| alloc_and_zero_internal_~pi~1.base (select |c_#memory_$Pointer$#0.offset| alloc_and_zero_internal_~pi~1.base)) |c_#memory_$Pointer$#0.offset|))) is different from true [2025-03-17 12:09:16,270 INFO L190 IndexEqualityManager]: detected not equals via solver [2025-03-17 12:09:16,276 INFO L349 Elim1Store]: treesize reduction 25, result has 16.7 percent of original size [2025-03-17 12:09:16,276 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 3 new quantified variables, introduced 2 case distinctions, treesize of input 48 treesize of output 43 [2025-03-17 12:09:16,291 INFO L349 Elim1Store]: treesize reduction 8, result has 61.9 percent of original size [2025-03-17 12:09:16,292 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 3 select indices, 3 select index equivalence classes, 1 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 2 case distinctions, treesize of input 20 treesize of output 22 [2025-03-17 12:09:16,295 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 3 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 27 treesize of output 25 [2025-03-17 12:09:16,357 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2025-03-17 12:09:16,357 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 3 disjoint index pairs (out of 1 index pairs), introduced 3 new quantified variables, introduced 1 case distinctions, treesize of input 46 treesize of output 32 [2025-03-17 12:09:16,361 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 2 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 34 treesize of output 25 [2025-03-17 12:09:16,723 INFO L190 IndexEqualityManager]: detected not equals via solver [2025-03-17 12:09:16,724 INFO L173 IndexEqualityManager]: detected equality via solver [2025-03-17 12:09:16,726 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2025-03-17 12:09:16,726 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 3 select indices, 3 select index equivalence classes, 1 disjoint index pairs (out of 3 index pairs), introduced 4 new quantified variables, introduced 3 case distinctions, treesize of input 53 treesize of output 31 [2025-03-17 12:09:16,741 INFO L349 Elim1Store]: treesize reduction 5, result has 37.5 percent of original size [2025-03-17 12:09:16,741 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 3 select indices, 3 select index equivalence classes, 1 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 1 case distinctions, treesize of input 29 treesize of output 16 [2025-03-17 12:09:16,748 INFO L134 CoverageAnalysis]: Checked inductivity of 14 backedges. 3 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 9 not checked. [2025-03-17 12:09:16,748 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-17 12:09:17,813 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [159248518] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-17 12:09:17,813 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2025-03-17 12:09:17,813 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [28, 26] total 43 [2025-03-17 12:09:17,814 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1034832531] [2025-03-17 12:09:17,814 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2025-03-17 12:09:17,814 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 43 states [2025-03-17 12:09:17,814 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-17 12:09:17,814 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 43 interpolants. [2025-03-17 12:09:17,815 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=143, Invalid=2212, Unknown=1, NotChecked=94, Total=2450 [2025-03-17 12:09:17,815 INFO L87 Difference]: Start difference. First operand 219 states and 297 transitions. Second operand has 43 states, 40 states have (on average 1.8) internal successors, (72), 32 states have internal predecessors, (72), 8 states have call successors, (8), 5 states have call predecessors, (8), 7 states have return successors, (9), 9 states have call predecessors, (9), 6 states have call successors, (9) [2025-03-17 12:09:20,223 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-17 12:09:20,223 INFO L93 Difference]: Finished difference Result 256 states and 343 transitions. [2025-03-17 12:09:20,223 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 25 states. [2025-03-17 12:09:20,224 INFO L78 Accepts]: Start accepts. Automaton has has 43 states, 40 states have (on average 1.8) internal successors, (72), 32 states have internal predecessors, (72), 8 states have call successors, (8), 5 states have call predecessors, (8), 7 states have return successors, (9), 9 states have call predecessors, (9), 6 states have call successors, (9) Word has length 52 [2025-03-17 12:09:20,224 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-17 12:09:20,224 INFO L225 Difference]: With dead ends: 256 [2025-03-17 12:09:20,224 INFO L226 Difference]: Without dead ends: 256 [2025-03-17 12:09:20,225 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 112 GetRequests, 48 SyntacticMatches, 1 SemanticMatches, 63 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 583 ImplicationChecksByTransitivity, 2.6s TimeCoverageRelationStatistics Valid=248, Invalid=3787, Unknown=1, NotChecked=124, Total=4160 [2025-03-17 12:09:20,226 INFO L435 NwaCegarLoop]: 106 mSDtfsCounter, 94 mSDsluCounter, 2196 mSDsCounter, 0 mSdLazyCounter, 3102 mSolverCounterSat, 36 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 94 SdHoareTripleChecker+Valid, 2302 SdHoareTripleChecker+Invalid, 3320 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 36 IncrementalHoareTripleChecker+Valid, 3102 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 182 IncrementalHoareTripleChecker+Unchecked, 1.5s IncrementalHoareTripleChecker+Time [2025-03-17 12:09:20,226 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [94 Valid, 2302 Invalid, 3320 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [36 Valid, 3102 Invalid, 0 Unknown, 182 Unchecked, 1.5s Time] [2025-03-17 12:09:20,226 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 256 states. [2025-03-17 12:09:20,230 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 256 to 237. [2025-03-17 12:09:20,231 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 237 states, 167 states have (on average 1.4970059880239521) internal successors, (250), 197 states have internal predecessors, (250), 25 states have call successors, (25), 7 states have call predecessors, (25), 9 states have return successors, (45), 32 states have call predecessors, (45), 25 states have call successors, (45) [2025-03-17 12:09:20,232 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 237 states to 237 states and 320 transitions. [2025-03-17 12:09:20,232 INFO L78 Accepts]: Start accepts. Automaton has 237 states and 320 transitions. Word has length 52 [2025-03-17 12:09:20,233 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-17 12:09:20,233 INFO L471 AbstractCegarLoop]: Abstraction has 237 states and 320 transitions. [2025-03-17 12:09:20,233 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 43 states, 40 states have (on average 1.8) internal successors, (72), 32 states have internal predecessors, (72), 8 states have call successors, (8), 5 states have call predecessors, (8), 7 states have return successors, (9), 9 states have call predecessors, (9), 6 states have call successors, (9) [2025-03-17 12:09:20,233 INFO L276 IsEmpty]: Start isEmpty. Operand 237 states and 320 transitions. [2025-03-17 12:09:20,233 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2025-03-17 12:09:20,233 INFO L210 NwaCegarLoop]: Found error trace [2025-03-17 12:09:20,234 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-17 12:09:20,243 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (11)] Ended with exit code 0 [2025-03-17 12:09:20,434 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable18,11 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-17 12:09:20,434 INFO L396 AbstractCegarLoop]: === Iteration 20 === Targeting ULTIMATE.startErr30REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [loop_internalErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, loop_internalErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, alloc_and_zeroErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 48 more)] === [2025-03-17 12:09:20,434 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-17 12:09:20,434 INFO L85 PathProgramCache]: Analyzing trace with hash 446588299, now seen corresponding path program 2 times [2025-03-17 12:09:20,435 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-17 12:09:20,435 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1581941585] [2025-03-17 12:09:20,435 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-03-17 12:09:20,435 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-17 12:09:20,442 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 48 statements into 2 equivalence classes. [2025-03-17 12:09:20,454 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) and asserted 48 of 48 statements. [2025-03-17 12:09:20,454 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2025-03-17 12:09:20,454 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:09:21,171 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 1 proven. 21 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2025-03-17 12:09:21,171 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-17 12:09:21,171 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1581941585] [2025-03-17 12:09:21,171 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1581941585] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-17 12:09:21,171 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1774404910] [2025-03-17 12:09:21,171 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-03-17 12:09:21,171 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-17 12:09:21,171 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-17 12:09:21,173 INFO L229 MonitoredProcess]: Starting monitored process 12 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-17 12:09:21,174 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (12)] Waiting until timeout for monitored process [2025-03-17 12:09:21,239 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 48 statements into 2 equivalence classes. [2025-03-17 12:09:21,268 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) and asserted 48 of 48 statements. [2025-03-17 12:09:21,268 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2025-03-17 12:09:21,268 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:09:21,270 INFO L256 TraceCheckSpWp]: Trace formula consists of 293 conjuncts, 49 conjuncts are in the unsatisfiable core [2025-03-17 12:09:21,271 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-17 12:09:21,273 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2025-03-17 12:09:21,386 WARN L851 $PredicateComparison]: unable to prove that (let ((.cse0 (@diff |c_old(#valid)| |c_#valid|))) (let ((.cse1 (= |c_#valid| (store |c_old(#valid)| .cse0 (select |c_#valid| .cse0))))) (or (and (or (= |c_#valid| |c_old(#valid)|) (= c_create_internal_~now~0.base .cse0)) .cse1) (and (= .cse0 |c_create_internal_#t~ret7.base|) .cse1) (exists ((|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse3 (@diff |v_old(#valid)_AFTER_CALL_49| |c_#valid|)) (.cse2 (@diff |c_old(#valid)| |v_old(#valid)_AFTER_CALL_49|))) (and (= (store |c_old(#valid)| .cse2 (select |v_old(#valid)_AFTER_CALL_49| .cse2)) |v_old(#valid)_AFTER_CALL_49|) (= |c_create_internal_#t~ret7.base| .cse3) (= |c_#valid| (store |v_old(#valid)_AFTER_CALL_49| .cse3 (select |c_#valid| .cse3))) (= .cse2 c_create_internal_~now~0.base))))))) is different from false [2025-03-17 12:09:21,389 WARN L873 $PredicateComparison]: unable to prove that (let ((.cse0 (@diff |c_old(#valid)| |c_#valid|))) (let ((.cse1 (= |c_#valid| (store |c_old(#valid)| .cse0 (select |c_#valid| .cse0))))) (or (and (or (= |c_#valid| |c_old(#valid)|) (= c_create_internal_~now~0.base .cse0)) .cse1) (and (= .cse0 |c_create_internal_#t~ret7.base|) .cse1) (exists ((|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse3 (@diff |v_old(#valid)_AFTER_CALL_49| |c_#valid|)) (.cse2 (@diff |c_old(#valid)| |v_old(#valid)_AFTER_CALL_49|))) (and (= (store |c_old(#valid)| .cse2 (select |v_old(#valid)_AFTER_CALL_49| .cse2)) |v_old(#valid)_AFTER_CALL_49|) (= |c_create_internal_#t~ret7.base| .cse3) (= |c_#valid| (store |v_old(#valid)_AFTER_CALL_49| .cse3 (select |c_#valid| .cse3))) (= .cse2 c_create_internal_~now~0.base))))))) is different from true [2025-03-17 12:09:21,414 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 1 [2025-03-17 12:09:21,418 WARN L851 $PredicateComparison]: unable to prove that (and (let ((.cse1 (@diff |c_old(#valid)| |c_#valid|))) (let ((.cse2 (select (select |c_#memory_$Pointer$#0.base| c_create_internal_~now~0.base) c_create_internal_~now~0.offset)) (.cse0 (= |c_#valid| (store |c_old(#valid)| .cse1 (select |c_#valid| .cse1))))) (or (and .cse0 (= .cse1 .cse2)) (exists ((|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse4 (@diff |v_old(#valid)_AFTER_CALL_49| |c_#valid|)) (.cse3 (@diff |c_old(#valid)| |v_old(#valid)_AFTER_CALL_49|))) (and (= (store |c_old(#valid)| .cse3 (select |v_old(#valid)_AFTER_CALL_49| .cse3)) |v_old(#valid)_AFTER_CALL_49|) (= |c_#valid| (store |v_old(#valid)_AFTER_CALL_49| .cse4 (select |c_#valid| .cse4))) (= .cse4 .cse2) (= .cse3 c_create_internal_~now~0.base)))) (and (or (= |c_#valid| |c_old(#valid)|) (= c_create_internal_~now~0.base .cse1)) .cse0)))) (= (select |c_#valid| c_create_internal_~now~0.base) 1)) is different from false [2025-03-17 12:09:21,420 WARN L873 $PredicateComparison]: unable to prove that (and (let ((.cse1 (@diff |c_old(#valid)| |c_#valid|))) (let ((.cse2 (select (select |c_#memory_$Pointer$#0.base| c_create_internal_~now~0.base) c_create_internal_~now~0.offset)) (.cse0 (= |c_#valid| (store |c_old(#valid)| .cse1 (select |c_#valid| .cse1))))) (or (and .cse0 (= .cse1 .cse2)) (exists ((|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse4 (@diff |v_old(#valid)_AFTER_CALL_49| |c_#valid|)) (.cse3 (@diff |c_old(#valid)| |v_old(#valid)_AFTER_CALL_49|))) (and (= (store |c_old(#valid)| .cse3 (select |v_old(#valid)_AFTER_CALL_49| .cse3)) |v_old(#valid)_AFTER_CALL_49|) (= |c_#valid| (store |v_old(#valid)_AFTER_CALL_49| .cse4 (select |c_#valid| .cse4))) (= .cse4 .cse2) (= .cse3 c_create_internal_~now~0.base)))) (and (or (= |c_#valid| |c_old(#valid)|) (= c_create_internal_~now~0.base .cse1)) .cse0)))) (= (select |c_#valid| c_create_internal_~now~0.base) 1)) is different from true [2025-03-17 12:09:21,450 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 92 treesize of output 80 [2025-03-17 12:09:21,498 WARN L851 $PredicateComparison]: unable to prove that (let ((.cse2 (@diff |c_old(#valid)| |c_#valid|))) (let ((.cse3 (select |c_#valid| .cse2))) (let ((.cse0 (exists ((v_create_internal_~now~0.base_36 Int)) (= (select |c_#valid| v_create_internal_~now~0.base_36) 1))) (.cse1 (= |c_#valid| (store |c_old(#valid)| .cse2 .cse3)))) (or (and .cse0 .cse1 (= |c_create_internal_#t~mem8.base| .cse2)) (and (or (and (= |c_#valid| |c_old(#valid)|) .cse0) (= .cse3 1)) .cse1) (exists ((|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse4 (@diff |v_old(#valid)_AFTER_CALL_49| |c_#valid|)) (.cse5 (@diff |c_old(#valid)| |v_old(#valid)_AFTER_CALL_49|))) (and (= |c_create_internal_#t~mem8.base| .cse4) (= (store |c_old(#valid)| .cse5 (select |v_old(#valid)_AFTER_CALL_49| .cse5)) |v_old(#valid)_AFTER_CALL_49|) (= |c_#valid| (store |v_old(#valid)_AFTER_CALL_49| .cse4 (select |c_#valid| .cse4))) (= (select |c_#valid| .cse5) 1)))))))) is different from false [2025-03-17 12:09:21,501 WARN L873 $PredicateComparison]: unable to prove that (let ((.cse2 (@diff |c_old(#valid)| |c_#valid|))) (let ((.cse3 (select |c_#valid| .cse2))) (let ((.cse0 (exists ((v_create_internal_~now~0.base_36 Int)) (= (select |c_#valid| v_create_internal_~now~0.base_36) 1))) (.cse1 (= |c_#valid| (store |c_old(#valid)| .cse2 .cse3)))) (or (and .cse0 .cse1 (= |c_create_internal_#t~mem8.base| .cse2)) (and (or (and (= |c_#valid| |c_old(#valid)|) .cse0) (= .cse3 1)) .cse1) (exists ((|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse4 (@diff |v_old(#valid)_AFTER_CALL_49| |c_#valid|)) (.cse5 (@diff |c_old(#valid)| |v_old(#valid)_AFTER_CALL_49|))) (and (= |c_create_internal_#t~mem8.base| .cse4) (= (store |c_old(#valid)| .cse5 (select |v_old(#valid)_AFTER_CALL_49| .cse5)) |v_old(#valid)_AFTER_CALL_49|) (= |c_#valid| (store |v_old(#valid)_AFTER_CALL_49| .cse4 (select |c_#valid| .cse4))) (= (select |c_#valid| .cse5) 1)))))))) is different from true [2025-03-17 12:09:21,526 WARN L851 $PredicateComparison]: unable to prove that (let ((.cse2 (@diff |c_old(#valid)| |c_#valid|))) (let ((.cse3 (select |c_#valid| .cse2))) (let ((.cse0 (exists ((v_create_internal_~now~0.base_36 Int)) (= (select |c_#valid| v_create_internal_~now~0.base_36) 1))) (.cse1 (= |c_#valid| (store |c_old(#valid)| .cse2 .cse3)))) (or (and .cse0 .cse1 (= c_create_internal_~now~0.base .cse2)) (and (or (and (= |c_#valid| |c_old(#valid)|) .cse0) (= .cse3 1)) .cse1) (exists ((|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse5 (@diff |v_old(#valid)_AFTER_CALL_49| |c_#valid|)) (.cse4 (@diff |c_old(#valid)| |v_old(#valid)_AFTER_CALL_49|))) (and (= (store |c_old(#valid)| .cse4 (select |v_old(#valid)_AFTER_CALL_49| .cse4)) |v_old(#valid)_AFTER_CALL_49|) (= c_create_internal_~now~0.base .cse5) (= |c_#valid| (store |v_old(#valid)_AFTER_CALL_49| .cse5 (select |c_#valid| .cse5))) (= (select |c_#valid| .cse4) 1)))))))) is different from false [2025-03-17 12:09:21,529 WARN L873 $PredicateComparison]: unable to prove that (let ((.cse2 (@diff |c_old(#valid)| |c_#valid|))) (let ((.cse3 (select |c_#valid| .cse2))) (let ((.cse0 (exists ((v_create_internal_~now~0.base_36 Int)) (= (select |c_#valid| v_create_internal_~now~0.base_36) 1))) (.cse1 (= |c_#valid| (store |c_old(#valid)| .cse2 .cse3)))) (or (and .cse0 .cse1 (= c_create_internal_~now~0.base .cse2)) (and (or (and (= |c_#valid| |c_old(#valid)|) .cse0) (= .cse3 1)) .cse1) (exists ((|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse5 (@diff |v_old(#valid)_AFTER_CALL_49| |c_#valid|)) (.cse4 (@diff |c_old(#valid)| |v_old(#valid)_AFTER_CALL_49|))) (and (= (store |c_old(#valid)| .cse4 (select |v_old(#valid)_AFTER_CALL_49| .cse4)) |v_old(#valid)_AFTER_CALL_49|) (= c_create_internal_~now~0.base .cse5) (= |c_#valid| (store |v_old(#valid)_AFTER_CALL_49| .cse5 (select |c_#valid| .cse5))) (= (select |c_#valid| .cse4) 1)))))))) is different from true [2025-03-17 12:09:21,574 WARN L873 $PredicateComparison]: unable to prove that (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= |c_#valid| (store |c_old(#valid)| alloc_and_zero_internal_~pi~1.base 1))) is different from true [2025-03-17 12:09:21,623 WARN L851 $PredicateComparison]: unable to prove that (or (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int))) (let ((.cse0 (@diff |c_old(#valid)| |v_#valid_BEFORE_CALL_44|))) (and (= |v_#valid_BEFORE_CALL_44| (store |c_old(#valid)| .cse0 (select |v_#valid_BEFORE_CALL_44| .cse0))) (exists ((v_create_internal_~now~0.base_36 Int)) (= (select |v_#valid_BEFORE_CALL_44| v_create_internal_~now~0.base_36) 1)) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)) (= .cse0 c_create_internal_~now~0.base)))) (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int))) (and (exists ((|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse1 (@diff |c_old(#valid)| |v_old(#valid)_AFTER_CALL_49|)) (.cse2 (@diff |v_old(#valid)_AFTER_CALL_49| |v_#valid_BEFORE_CALL_44|))) (and (= (select |v_#valid_BEFORE_CALL_44| .cse1) 1) (= (store |c_old(#valid)| .cse1 (select |v_old(#valid)_AFTER_CALL_49| .cse1)) |v_old(#valid)_AFTER_CALL_49|) (= c_create_internal_~now~0.base .cse2) (= (store |v_old(#valid)_AFTER_CALL_49| .cse2 (select |v_#valid_BEFORE_CALL_44| .cse2)) |v_#valid_BEFORE_CALL_44|)))) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)))) (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int))) (and (= |v_#valid_BEFORE_CALL_44| (store |c_old(#valid)| (@diff |c_old(#valid)| |v_#valid_BEFORE_CALL_44|) 1)) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)))) (and (exists ((v_create_internal_~now~0.base_36 Int)) (= (select |c_old(#valid)| v_create_internal_~now~0.base_36) 1)) (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= |c_#valid| (store |c_old(#valid)| alloc_and_zero_internal_~pi~1.base 1))))) is different from false [2025-03-17 12:09:21,626 WARN L873 $PredicateComparison]: unable to prove that (or (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int))) (let ((.cse0 (@diff |c_old(#valid)| |v_#valid_BEFORE_CALL_44|))) (and (= |v_#valid_BEFORE_CALL_44| (store |c_old(#valid)| .cse0 (select |v_#valid_BEFORE_CALL_44| .cse0))) (exists ((v_create_internal_~now~0.base_36 Int)) (= (select |v_#valid_BEFORE_CALL_44| v_create_internal_~now~0.base_36) 1)) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)) (= .cse0 c_create_internal_~now~0.base)))) (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int))) (and (exists ((|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse1 (@diff |c_old(#valid)| |v_old(#valid)_AFTER_CALL_49|)) (.cse2 (@diff |v_old(#valid)_AFTER_CALL_49| |v_#valid_BEFORE_CALL_44|))) (and (= (select |v_#valid_BEFORE_CALL_44| .cse1) 1) (= (store |c_old(#valid)| .cse1 (select |v_old(#valid)_AFTER_CALL_49| .cse1)) |v_old(#valid)_AFTER_CALL_49|) (= c_create_internal_~now~0.base .cse2) (= (store |v_old(#valid)_AFTER_CALL_49| .cse2 (select |v_#valid_BEFORE_CALL_44| .cse2)) |v_#valid_BEFORE_CALL_44|)))) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)))) (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int))) (and (= |v_#valid_BEFORE_CALL_44| (store |c_old(#valid)| (@diff |c_old(#valid)| |v_#valid_BEFORE_CALL_44|) 1)) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)))) (and (exists ((v_create_internal_~now~0.base_36 Int)) (= (select |c_old(#valid)| v_create_internal_~now~0.base_36) 1)) (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= |c_#valid| (store |c_old(#valid)| alloc_and_zero_internal_~pi~1.base 1))))) is different from true [2025-03-17 12:09:21,673 WARN L851 $PredicateComparison]: unable to prove that (let ((.cse2 (exists ((create_internal_~now~0.base Int)) (= (select |c_#valid| create_internal_~now~0.base) 1)))) (or (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int)) (|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse0 (@diff |c_old(#valid)| |v_old(#valid)_AFTER_CALL_49|)) (.cse1 (@diff |v_old(#valid)_AFTER_CALL_49| |v_#valid_BEFORE_CALL_44|))) (and (= (select |v_#valid_BEFORE_CALL_44| .cse0) 1) (= (store |c_old(#valid)| .cse0 (select |v_old(#valid)_AFTER_CALL_49| .cse0)) |v_old(#valid)_AFTER_CALL_49|) (= (select |c_#valid| .cse1) 1) (= (store |v_old(#valid)_AFTER_CALL_49| .cse1 (select |v_#valid_BEFORE_CALL_44| .cse1)) |v_#valid_BEFORE_CALL_44|) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1))))) (and .cse2 (exists ((v_create_internal_~now~0.base_36 Int)) (= (select |c_old(#valid)| v_create_internal_~now~0.base_36) 1)) (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= |c_#valid| (store |c_old(#valid)| alloc_and_zero_internal_~pi~1.base 1)))) (and (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int))) (and (= |v_#valid_BEFORE_CALL_44| (store |c_old(#valid)| (@diff |c_old(#valid)| |v_#valid_BEFORE_CALL_44|) 1)) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)))) .cse2) (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int)) (v_create_internal_~now~0.base_36 Int)) (let ((.cse3 (@diff |c_old(#valid)| |v_#valid_BEFORE_CALL_44|))) (and (= |v_#valid_BEFORE_CALL_44| (store |c_old(#valid)| .cse3 (select |v_#valid_BEFORE_CALL_44| .cse3))) (= (select |v_#valid_BEFORE_CALL_44| v_create_internal_~now~0.base_36) 1) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)) (= (select |c_#valid| .cse3) 1)))))) is different from false [2025-03-17 12:09:21,676 WARN L873 $PredicateComparison]: unable to prove that (let ((.cse2 (exists ((create_internal_~now~0.base Int)) (= (select |c_#valid| create_internal_~now~0.base) 1)))) (or (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int)) (|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse0 (@diff |c_old(#valid)| |v_old(#valid)_AFTER_CALL_49|)) (.cse1 (@diff |v_old(#valid)_AFTER_CALL_49| |v_#valid_BEFORE_CALL_44|))) (and (= (select |v_#valid_BEFORE_CALL_44| .cse0) 1) (= (store |c_old(#valid)| .cse0 (select |v_old(#valid)_AFTER_CALL_49| .cse0)) |v_old(#valid)_AFTER_CALL_49|) (= (select |c_#valid| .cse1) 1) (= (store |v_old(#valid)_AFTER_CALL_49| .cse1 (select |v_#valid_BEFORE_CALL_44| .cse1)) |v_#valid_BEFORE_CALL_44|) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1))))) (and .cse2 (exists ((v_create_internal_~now~0.base_36 Int)) (= (select |c_old(#valid)| v_create_internal_~now~0.base_36) 1)) (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= |c_#valid| (store |c_old(#valid)| alloc_and_zero_internal_~pi~1.base 1)))) (and (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int))) (and (= |v_#valid_BEFORE_CALL_44| (store |c_old(#valid)| (@diff |c_old(#valid)| |v_#valid_BEFORE_CALL_44|) 1)) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)))) .cse2) (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int)) (v_create_internal_~now~0.base_36 Int)) (let ((.cse3 (@diff |c_old(#valid)| |v_#valid_BEFORE_CALL_44|))) (and (= |v_#valid_BEFORE_CALL_44| (store |c_old(#valid)| .cse3 (select |v_#valid_BEFORE_CALL_44| .cse3))) (= (select |v_#valid_BEFORE_CALL_44| v_create_internal_~now~0.base_36) 1) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)) (= (select |c_#valid| .cse3) 1)))))) is different from true [2025-03-17 12:09:21,867 INFO L349 Elim1Store]: treesize reduction 36, result has 23.4 percent of original size [2025-03-17 12:09:21,867 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 3 case distinctions, treesize of input 17 treesize of output 22 [2025-03-17 12:09:21,940 WARN L851 $PredicateComparison]: unable to prove that (let ((.cse3 (exists ((create_internal_~now~0.base Int)) (= (select |c_#valid| create_internal_~now~0.base) 1)))) (or (exists ((|v_old(#valid)_AFTER_CALL_51| (Array Int Int))) (and (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int)) (v_create_internal_~now~0.base_36 Int)) (let ((.cse0 (@diff |v_old(#valid)_AFTER_CALL_51| |v_#valid_BEFORE_CALL_44|))) (and (= (select |v_#valid_BEFORE_CALL_44| v_create_internal_~now~0.base_36) 1) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)) (= (store |v_old(#valid)_AFTER_CALL_51| .cse0 (select |v_#valid_BEFORE_CALL_44| .cse0)) |v_#valid_BEFORE_CALL_44|) (= (select |c_#valid| .cse0) 1)))) (= (select |v_old(#valid)_AFTER_CALL_51| |c_ULTIMATE.start_create_~now~1#1.base|) 1))) (exists ((|v_old(#valid)_AFTER_CALL_51| (Array Int Int))) (and (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int)) (|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse1 (@diff |v_old(#valid)_AFTER_CALL_49| |v_#valid_BEFORE_CALL_44|)) (.cse2 (@diff |v_old(#valid)_AFTER_CALL_51| |v_old(#valid)_AFTER_CALL_49|))) (and (= (select |c_#valid| .cse1) 1) (= (store |v_old(#valid)_AFTER_CALL_49| .cse1 (select |v_#valid_BEFORE_CALL_44| .cse1)) |v_#valid_BEFORE_CALL_44|) (= (store |v_old(#valid)_AFTER_CALL_51| .cse2 (select |v_old(#valid)_AFTER_CALL_49| .cse2)) |v_old(#valid)_AFTER_CALL_49|) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)) (= (select |v_#valid_BEFORE_CALL_44| .cse2) 1)))) (= (select |v_old(#valid)_AFTER_CALL_51| |c_ULTIMATE.start_create_~now~1#1.base|) 1))) (and (= (select |c_#valid| |c_ULTIMATE.start_create_~now~1#1.base|) 1) (exists ((v_create_internal_~now~0.base_36 Int)) (= (select |c_#valid| v_create_internal_~now~0.base_36) 1)) .cse3 (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= (select |c_#valid| alloc_and_zero_internal_~pi~1.base) 1))) (and (exists ((|v_old(#valid)_AFTER_CALL_51| (Array Int Int)) (alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)) (= (select |v_old(#valid)_AFTER_CALL_51| |c_ULTIMATE.start_create_~now~1#1.base|) 1) (= |v_#valid_BEFORE_CALL_44| (store |v_old(#valid)_AFTER_CALL_51| (@diff |v_old(#valid)_AFTER_CALL_51| |v_#valid_BEFORE_CALL_44|) 1)))) .cse3))) is different from false [2025-03-17 12:09:21,943 WARN L873 $PredicateComparison]: unable to prove that (let ((.cse3 (exists ((create_internal_~now~0.base Int)) (= (select |c_#valid| create_internal_~now~0.base) 1)))) (or (exists ((|v_old(#valid)_AFTER_CALL_51| (Array Int Int))) (and (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int)) (v_create_internal_~now~0.base_36 Int)) (let ((.cse0 (@diff |v_old(#valid)_AFTER_CALL_51| |v_#valid_BEFORE_CALL_44|))) (and (= (select |v_#valid_BEFORE_CALL_44| v_create_internal_~now~0.base_36) 1) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)) (= (store |v_old(#valid)_AFTER_CALL_51| .cse0 (select |v_#valid_BEFORE_CALL_44| .cse0)) |v_#valid_BEFORE_CALL_44|) (= (select |c_#valid| .cse0) 1)))) (= (select |v_old(#valid)_AFTER_CALL_51| |c_ULTIMATE.start_create_~now~1#1.base|) 1))) (exists ((|v_old(#valid)_AFTER_CALL_51| (Array Int Int))) (and (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int)) (|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse1 (@diff |v_old(#valid)_AFTER_CALL_49| |v_#valid_BEFORE_CALL_44|)) (.cse2 (@diff |v_old(#valid)_AFTER_CALL_51| |v_old(#valid)_AFTER_CALL_49|))) (and (= (select |c_#valid| .cse1) 1) (= (store |v_old(#valid)_AFTER_CALL_49| .cse1 (select |v_#valid_BEFORE_CALL_44| .cse1)) |v_#valid_BEFORE_CALL_44|) (= (store |v_old(#valid)_AFTER_CALL_51| .cse2 (select |v_old(#valid)_AFTER_CALL_49| .cse2)) |v_old(#valid)_AFTER_CALL_49|) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)) (= (select |v_#valid_BEFORE_CALL_44| .cse2) 1)))) (= (select |v_old(#valid)_AFTER_CALL_51| |c_ULTIMATE.start_create_~now~1#1.base|) 1))) (and (= (select |c_#valid| |c_ULTIMATE.start_create_~now~1#1.base|) 1) (exists ((v_create_internal_~now~0.base_36 Int)) (= (select |c_#valid| v_create_internal_~now~0.base_36) 1)) .cse3 (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= (select |c_#valid| alloc_and_zero_internal_~pi~1.base) 1))) (and (exists ((|v_old(#valid)_AFTER_CALL_51| (Array Int Int)) (alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)) (= (select |v_old(#valid)_AFTER_CALL_51| |c_ULTIMATE.start_create_~now~1#1.base|) 1) (= |v_#valid_BEFORE_CALL_44| (store |v_old(#valid)_AFTER_CALL_51| (@diff |v_old(#valid)_AFTER_CALL_51| |v_#valid_BEFORE_CALL_44|) 1)))) .cse3))) is different from true [2025-03-17 12:09:21,943 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 7 trivial. 19 not checked. [2025-03-17 12:09:21,943 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-17 12:09:22,146 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1774404910] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-17 12:09:22,146 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2025-03-17 12:09:22,146 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [19, 18] total 29 [2025-03-17 12:09:22,146 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [162935115] [2025-03-17 12:09:22,146 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2025-03-17 12:09:22,147 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 30 states [2025-03-17 12:09:22,147 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-17 12:09:22,147 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 30 interpolants. [2025-03-17 12:09:22,147 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=127, Invalid=490, Unknown=15, NotChecked=424, Total=1056 [2025-03-17 12:09:22,148 INFO L87 Difference]: Start difference. First operand 237 states and 320 transitions. Second operand has 30 states, 29 states have (on average 2.103448275862069) internal successors, (61), 22 states have internal predecessors, (61), 7 states have call successors, (7), 2 states have call predecessors, (7), 7 states have return successors, (9), 9 states have call predecessors, (9), 7 states have call successors, (9) [2025-03-17 12:09:22,388 WARN L851 $PredicateComparison]: unable to prove that (let ((.cse2 (@diff |c_old(#valid)| |c_#valid|))) (let ((.cse8 (select |c_#valid| .cse2))) (let ((.cse17 (store |c_old(#valid)| .cse2 .cse8))) (let ((.cse5 (@diff .cse17 |c_#valid|))) (let ((.cse9 (select |c_#valid| .cse5))) (let ((.cse16 (store .cse17 .cse5 .cse9))) (let ((.cse11 (@diff .cse16 |c_#valid|))) (let ((.cse4 (= .cse2 |c_create_internal_#t~ret7.base|)) (.cse10 (select |c_#valid| .cse11)) (.cse3 (select (select |c_#memory_$Pointer$#0.base| c_create_internal_~now~0.base) c_create_internal_~now~0.offset)) (.cse6 (= (select |c_old(#valid)| .cse5) 0)) (.cse7 (= |c_#valid| .cse17)) (.cse12 (= |c_#valid| .cse16)) (.cse0 (= |c_#valid| |c_old(#valid)|)) (.cse1 (= (select |c_old(#valid)| .cse2) 0)) (.cse13 (= c_create_internal_~now~0.base .cse2))) (and (or .cse0 .cse1 (= .cse2 .cse3)) (or .cse0 .cse1 (= |c_create_internal_#t~mem8.base| .cse2)) (or .cse0 .cse4 .cse1) (or (= .cse5 |c_create_internal_#t~mem8.base|) .cse6 .cse7) (or .cse0 .cse1 (= .cse8 1)) (or (= .cse9 1) .cse6 .cse7) (or (= .cse10 1) (= (select |c_old(#valid)| .cse11) 0) .cse12) (or (= .cse5 |c_create_internal_#t~ret7.base|) .cse6 .cse7) (or (and (or .cse0 .cse13) .cse7) (and .cse4 .cse7) (exists ((|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse15 (@diff |v_old(#valid)_AFTER_CALL_49| |c_#valid|)) (.cse14 (@diff |c_old(#valid)| |v_old(#valid)_AFTER_CALL_49|))) (and (= (store |c_old(#valid)| .cse14 (select |v_old(#valid)_AFTER_CALL_49| .cse14)) |v_old(#valid)_AFTER_CALL_49|) (= |c_create_internal_#t~ret7.base| .cse15) (= |c_#valid| (store |v_old(#valid)_AFTER_CALL_49| .cse15 (select |c_#valid| .cse15))) (= .cse14 c_create_internal_~now~0.base))))) (= |c_#valid| (store .cse16 .cse11 .cse10)) (or (= .cse5 c_create_internal_~now~0.base) .cse6 .cse7) (or (= .cse5 .cse3) .cse6 .cse7) .cse12 (or .cse0 .cse1 .cse13)))))))))) is different from false [2025-03-17 12:09:22,393 WARN L873 $PredicateComparison]: unable to prove that (let ((.cse2 (@diff |c_old(#valid)| |c_#valid|))) (let ((.cse8 (select |c_#valid| .cse2))) (let ((.cse17 (store |c_old(#valid)| .cse2 .cse8))) (let ((.cse5 (@diff .cse17 |c_#valid|))) (let ((.cse9 (select |c_#valid| .cse5))) (let ((.cse16 (store .cse17 .cse5 .cse9))) (let ((.cse11 (@diff .cse16 |c_#valid|))) (let ((.cse4 (= .cse2 |c_create_internal_#t~ret7.base|)) (.cse10 (select |c_#valid| .cse11)) (.cse3 (select (select |c_#memory_$Pointer$#0.base| c_create_internal_~now~0.base) c_create_internal_~now~0.offset)) (.cse6 (= (select |c_old(#valid)| .cse5) 0)) (.cse7 (= |c_#valid| .cse17)) (.cse12 (= |c_#valid| .cse16)) (.cse0 (= |c_#valid| |c_old(#valid)|)) (.cse1 (= (select |c_old(#valid)| .cse2) 0)) (.cse13 (= c_create_internal_~now~0.base .cse2))) (and (or .cse0 .cse1 (= .cse2 .cse3)) (or .cse0 .cse1 (= |c_create_internal_#t~mem8.base| .cse2)) (or .cse0 .cse4 .cse1) (or (= .cse5 |c_create_internal_#t~mem8.base|) .cse6 .cse7) (or .cse0 .cse1 (= .cse8 1)) (or (= .cse9 1) .cse6 .cse7) (or (= .cse10 1) (= (select |c_old(#valid)| .cse11) 0) .cse12) (or (= .cse5 |c_create_internal_#t~ret7.base|) .cse6 .cse7) (or (and (or .cse0 .cse13) .cse7) (and .cse4 .cse7) (exists ((|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse15 (@diff |v_old(#valid)_AFTER_CALL_49| |c_#valid|)) (.cse14 (@diff |c_old(#valid)| |v_old(#valid)_AFTER_CALL_49|))) (and (= (store |c_old(#valid)| .cse14 (select |v_old(#valid)_AFTER_CALL_49| .cse14)) |v_old(#valid)_AFTER_CALL_49|) (= |c_create_internal_#t~ret7.base| .cse15) (= |c_#valid| (store |v_old(#valid)_AFTER_CALL_49| .cse15 (select |c_#valid| .cse15))) (= .cse14 c_create_internal_~now~0.base))))) (= |c_#valid| (store .cse16 .cse11 .cse10)) (or (= .cse5 c_create_internal_~now~0.base) .cse6 .cse7) (or (= .cse5 .cse3) .cse6 .cse7) .cse12 (or .cse0 .cse1 .cse13)))))))))) is different from true [2025-03-17 12:09:22,399 WARN L851 $PredicateComparison]: unable to prove that (let ((.cse7 (@diff |c_old(#valid)| |c_#valid|))) (let ((.cse8 (select |c_#valid| .cse7))) (let ((.cse16 (store |c_old(#valid)| .cse7 .cse8))) (let ((.cse15 (@diff .cse16 |c_#valid|))) (let ((.cse9 (select |c_#valid| .cse15))) (let ((.cse14 (store .cse16 .cse15 .cse9))) (let ((.cse12 (@diff .cse14 |c_#valid|)) (.cse6 (select (select |c_#memory_$Pointer$#0.base| c_create_internal_~now~0.base) c_create_internal_~now~0.offset))) (let ((.cse2 (= .cse7 .cse6)) (.cse0 (= |c_#valid| |c_old(#valid)|)) (.cse1 (= (select |c_old(#valid)| .cse7) 0)) (.cse11 (select |c_#valid| .cse12)) (.cse10 (= (select |c_old(#valid)| .cse15) 0)) (.cse3 (= |c_#valid| .cse16)) (.cse13 (= |c_#valid| .cse14))) (and (or .cse0 .cse1 .cse2) (or (and .cse3 .cse2) (exists ((|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse5 (@diff |v_old(#valid)_AFTER_CALL_49| |c_#valid|)) (.cse4 (@diff |c_old(#valid)| |v_old(#valid)_AFTER_CALL_49|))) (and (= (store |c_old(#valid)| .cse4 (select |v_old(#valid)_AFTER_CALL_49| .cse4)) |v_old(#valid)_AFTER_CALL_49|) (= |c_#valid| (store |v_old(#valid)_AFTER_CALL_49| .cse5 (select |c_#valid| .cse5))) (= .cse5 .cse6) (= .cse4 c_create_internal_~now~0.base)))) (and (or .cse0 (= c_create_internal_~now~0.base .cse7)) .cse3)) (or .cse0 .cse1 (= .cse8 1)) (or (= .cse9 1) .cse10 .cse3) (or (= .cse11 1) (= (select |c_old(#valid)| .cse12) 0) .cse13) (= |c_#valid| (store .cse14 .cse12 .cse11)) (or (= .cse15 .cse6) .cse10 .cse3) .cse13 (= (select |c_#valid| c_create_internal_~now~0.base) 1)))))))))) is different from false [2025-03-17 12:09:22,403 WARN L873 $PredicateComparison]: unable to prove that (let ((.cse7 (@diff |c_old(#valid)| |c_#valid|))) (let ((.cse8 (select |c_#valid| .cse7))) (let ((.cse16 (store |c_old(#valid)| .cse7 .cse8))) (let ((.cse15 (@diff .cse16 |c_#valid|))) (let ((.cse9 (select |c_#valid| .cse15))) (let ((.cse14 (store .cse16 .cse15 .cse9))) (let ((.cse12 (@diff .cse14 |c_#valid|)) (.cse6 (select (select |c_#memory_$Pointer$#0.base| c_create_internal_~now~0.base) c_create_internal_~now~0.offset))) (let ((.cse2 (= .cse7 .cse6)) (.cse0 (= |c_#valid| |c_old(#valid)|)) (.cse1 (= (select |c_old(#valid)| .cse7) 0)) (.cse11 (select |c_#valid| .cse12)) (.cse10 (= (select |c_old(#valid)| .cse15) 0)) (.cse3 (= |c_#valid| .cse16)) (.cse13 (= |c_#valid| .cse14))) (and (or .cse0 .cse1 .cse2) (or (and .cse3 .cse2) (exists ((|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse5 (@diff |v_old(#valid)_AFTER_CALL_49| |c_#valid|)) (.cse4 (@diff |c_old(#valid)| |v_old(#valid)_AFTER_CALL_49|))) (and (= (store |c_old(#valid)| .cse4 (select |v_old(#valid)_AFTER_CALL_49| .cse4)) |v_old(#valid)_AFTER_CALL_49|) (= |c_#valid| (store |v_old(#valid)_AFTER_CALL_49| .cse5 (select |c_#valid| .cse5))) (= .cse5 .cse6) (= .cse4 c_create_internal_~now~0.base)))) (and (or .cse0 (= c_create_internal_~now~0.base .cse7)) .cse3)) (or .cse0 .cse1 (= .cse8 1)) (or (= .cse9 1) .cse10 .cse3) (or (= .cse11 1) (= (select |c_old(#valid)| .cse12) 0) .cse13) (= |c_#valid| (store .cse14 .cse12 .cse11)) (or (= .cse15 .cse6) .cse10 .cse3) .cse13 (= (select |c_#valid| c_create_internal_~now~0.base) 1)))))))))) is different from true [2025-03-17 12:09:22,409 WARN L851 $PredicateComparison]: unable to prove that (let ((.cse17 (@diff |c_old(#valid)| |c_#valid|))) (let ((.cse16 (select |c_#valid| .cse17))) (let ((.cse15 (store |c_old(#valid)| .cse17 .cse16))) (let ((.cse8 (@diff .cse15 |c_#valid|))) (let ((.cse10 (select |c_#valid| .cse8))) (let ((.cse14 (store .cse15 .cse8 .cse10))) (let ((.cse12 (@diff .cse14 |c_#valid|))) (let ((.cse2 (= |c_create_internal_#t~mem8.base| .cse17)) (.cse3 (= |c_#valid| |c_old(#valid)|)) (.cse7 (= (select |c_old(#valid)| .cse17) 0)) (.cse4 (= .cse16 1)) (.cse9 (= (select |c_old(#valid)| .cse8) 0)) (.cse1 (= |c_#valid| .cse15)) (.cse11 (select |c_#valid| .cse12)) (.cse13 (= |c_#valid| .cse14))) (and (let ((.cse0 (exists ((v_create_internal_~now~0.base_36 Int)) (= (select |c_#valid| v_create_internal_~now~0.base_36) 1)))) (or (and .cse0 .cse1 .cse2) (and (or (and .cse3 .cse0) .cse4) .cse1) (exists ((|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse5 (@diff |v_old(#valid)_AFTER_CALL_49| |c_#valid|)) (.cse6 (@diff |c_old(#valid)| |v_old(#valid)_AFTER_CALL_49|))) (and (= |c_create_internal_#t~mem8.base| .cse5) (= (store |c_old(#valid)| .cse6 (select |v_old(#valid)_AFTER_CALL_49| .cse6)) |v_old(#valid)_AFTER_CALL_49|) (= |c_#valid| (store |v_old(#valid)_AFTER_CALL_49| .cse5 (select |c_#valid| .cse5))) (= (select |c_#valid| .cse6) 1)))))) (or .cse3 .cse7 .cse2) (or (= .cse8 |c_create_internal_#t~mem8.base|) .cse9 .cse1) (or .cse3 .cse7 .cse4) (or (= .cse10 1) .cse9 .cse1) (or (= .cse11 1) (= (select |c_old(#valid)| .cse12) 0) .cse13) (= |c_#valid| (store .cse14 .cse12 .cse11)) .cse13))))))))) is different from false [2025-03-17 12:09:22,422 WARN L873 $PredicateComparison]: unable to prove that (let ((.cse17 (@diff |c_old(#valid)| |c_#valid|))) (let ((.cse16 (select |c_#valid| .cse17))) (let ((.cse15 (store |c_old(#valid)| .cse17 .cse16))) (let ((.cse8 (@diff .cse15 |c_#valid|))) (let ((.cse10 (select |c_#valid| .cse8))) (let ((.cse14 (store .cse15 .cse8 .cse10))) (let ((.cse12 (@diff .cse14 |c_#valid|))) (let ((.cse2 (= |c_create_internal_#t~mem8.base| .cse17)) (.cse3 (= |c_#valid| |c_old(#valid)|)) (.cse7 (= (select |c_old(#valid)| .cse17) 0)) (.cse4 (= .cse16 1)) (.cse9 (= (select |c_old(#valid)| .cse8) 0)) (.cse1 (= |c_#valid| .cse15)) (.cse11 (select |c_#valid| .cse12)) (.cse13 (= |c_#valid| .cse14))) (and (let ((.cse0 (exists ((v_create_internal_~now~0.base_36 Int)) (= (select |c_#valid| v_create_internal_~now~0.base_36) 1)))) (or (and .cse0 .cse1 .cse2) (and (or (and .cse3 .cse0) .cse4) .cse1) (exists ((|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse5 (@diff |v_old(#valid)_AFTER_CALL_49| |c_#valid|)) (.cse6 (@diff |c_old(#valid)| |v_old(#valid)_AFTER_CALL_49|))) (and (= |c_create_internal_#t~mem8.base| .cse5) (= (store |c_old(#valid)| .cse6 (select |v_old(#valid)_AFTER_CALL_49| .cse6)) |v_old(#valid)_AFTER_CALL_49|) (= |c_#valid| (store |v_old(#valid)_AFTER_CALL_49| .cse5 (select |c_#valid| .cse5))) (= (select |c_#valid| .cse6) 1)))))) (or .cse3 .cse7 .cse2) (or (= .cse8 |c_create_internal_#t~mem8.base|) .cse9 .cse1) (or .cse3 .cse7 .cse4) (or (= .cse10 1) .cse9 .cse1) (or (= .cse11 1) (= (select |c_old(#valid)| .cse12) 0) .cse13) (= |c_#valid| (store .cse14 .cse12 .cse11)) .cse13))))))))) is different from true [2025-03-17 12:09:22,431 WARN L851 $PredicateComparison]: unable to prove that (let ((.cse17 (@diff |c_old(#valid)| |c_#valid|))) (let ((.cse16 (select |c_#valid| .cse17))) (let ((.cse15 (store |c_old(#valid)| .cse17 .cse16))) (let ((.cse10 (@diff .cse15 |c_#valid|))) (let ((.cse3 (select |c_#valid| .cse10))) (let ((.cse9 (store .cse15 .cse10 .cse3))) (let ((.cse7 (@diff .cse9 |c_#valid|))) (let ((.cse6 (select |c_#valid| .cse7)) (.cse4 (= (select |c_old(#valid)| .cse10) 0)) (.cse8 (= |c_#valid| .cse9)) (.cse1 (= (select |c_old(#valid)| .cse17) 0)) (.cse11 (= c_create_internal_~now~0.base .cse17)) (.cse0 (= |c_#valid| |c_old(#valid)|)) (.cse2 (= .cse16 1)) (.cse5 (= |c_#valid| .cse15))) (and (or .cse0 .cse1 .cse2) (or (= .cse3 1) .cse4 .cse5) (or (= .cse6 1) (= (select |c_old(#valid)| .cse7) 0) .cse8) (= |c_#valid| (store .cse9 .cse7 .cse6)) (or (= .cse10 c_create_internal_~now~0.base) .cse4 .cse5) .cse8 (or .cse0 .cse1 .cse11) (let ((.cse12 (exists ((v_create_internal_~now~0.base_36 Int)) (= (select |c_#valid| v_create_internal_~now~0.base_36) 1)))) (or (and .cse12 .cse5 .cse11) (and (or (and .cse0 .cse12) .cse2) .cse5) (exists ((|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse14 (@diff |v_old(#valid)_AFTER_CALL_49| |c_#valid|)) (.cse13 (@diff |c_old(#valid)| |v_old(#valid)_AFTER_CALL_49|))) (and (= (store |c_old(#valid)| .cse13 (select |v_old(#valid)_AFTER_CALL_49| .cse13)) |v_old(#valid)_AFTER_CALL_49|) (= c_create_internal_~now~0.base .cse14) (= |c_#valid| (store |v_old(#valid)_AFTER_CALL_49| .cse14 (select |c_#valid| .cse14))) (= (select |c_#valid| .cse13) 1))))))))))))))) is different from false [2025-03-17 12:09:22,444 WARN L873 $PredicateComparison]: unable to prove that (let ((.cse17 (@diff |c_old(#valid)| |c_#valid|))) (let ((.cse16 (select |c_#valid| .cse17))) (let ((.cse15 (store |c_old(#valid)| .cse17 .cse16))) (let ((.cse10 (@diff .cse15 |c_#valid|))) (let ((.cse3 (select |c_#valid| .cse10))) (let ((.cse9 (store .cse15 .cse10 .cse3))) (let ((.cse7 (@diff .cse9 |c_#valid|))) (let ((.cse6 (select |c_#valid| .cse7)) (.cse4 (= (select |c_old(#valid)| .cse10) 0)) (.cse8 (= |c_#valid| .cse9)) (.cse1 (= (select |c_old(#valid)| .cse17) 0)) (.cse11 (= c_create_internal_~now~0.base .cse17)) (.cse0 (= |c_#valid| |c_old(#valid)|)) (.cse2 (= .cse16 1)) (.cse5 (= |c_#valid| .cse15))) (and (or .cse0 .cse1 .cse2) (or (= .cse3 1) .cse4 .cse5) (or (= .cse6 1) (= (select |c_old(#valid)| .cse7) 0) .cse8) (= |c_#valid| (store .cse9 .cse7 .cse6)) (or (= .cse10 c_create_internal_~now~0.base) .cse4 .cse5) .cse8 (or .cse0 .cse1 .cse11) (let ((.cse12 (exists ((v_create_internal_~now~0.base_36 Int)) (= (select |c_#valid| v_create_internal_~now~0.base_36) 1)))) (or (and .cse12 .cse5 .cse11) (and (or (and .cse0 .cse12) .cse2) .cse5) (exists ((|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse14 (@diff |v_old(#valid)_AFTER_CALL_49| |c_#valid|)) (.cse13 (@diff |c_old(#valid)| |v_old(#valid)_AFTER_CALL_49|))) (and (= (store |c_old(#valid)| .cse13 (select |v_old(#valid)_AFTER_CALL_49| .cse13)) |v_old(#valid)_AFTER_CALL_49|) (= c_create_internal_~now~0.base .cse14) (= |c_#valid| (store |v_old(#valid)_AFTER_CALL_49| .cse14 (select |c_#valid| .cse14))) (= (select |c_#valid| .cse13) 1))))))))))))))) is different from true [2025-03-17 12:09:22,450 WARN L851 $PredicateComparison]: unable to prove that (let ((.cse4 (@diff |c_old(#valid)| |c_#valid|))) (let ((.cse7 (select |c_#valid| .cse4))) (let ((.cse2 (store |c_old(#valid)| .cse4 .cse7))) (let ((.cse0 (@diff .cse2 |c_#valid|)) (.cse5 (= c_create_internal_~now~0.base .cse4)) (.cse3 (= |c_#valid| |c_old(#valid)|)) (.cse1 (= |c_#valid| .cse2))) (and (or (= .cse0 c_create_internal_~now~0.base) (= (select |c_old(#valid)| .cse0) 0) .cse1) (= |c_#valid| (store .cse2 .cse0 (select |c_#valid| .cse0))) (or .cse3 (= (select |c_old(#valid)| .cse4) 0) .cse5) (let ((.cse6 (exists ((v_create_internal_~now~0.base_36 Int)) (= (select |c_#valid| v_create_internal_~now~0.base_36) 1)))) (or (and .cse6 .cse1 .cse5) (and (or (and .cse3 .cse6) (= .cse7 1)) .cse1) (exists ((|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse9 (@diff |v_old(#valid)_AFTER_CALL_49| |c_#valid|)) (.cse8 (@diff |c_old(#valid)| |v_old(#valid)_AFTER_CALL_49|))) (and (= (store |c_old(#valid)| .cse8 (select |v_old(#valid)_AFTER_CALL_49| .cse8)) |v_old(#valid)_AFTER_CALL_49|) (= c_create_internal_~now~0.base .cse9) (= |c_#valid| (store |v_old(#valid)_AFTER_CALL_49| .cse9 (select |c_#valid| .cse9))) (= (select |c_#valid| .cse8) 1))))))))))) is different from false [2025-03-17 12:09:22,454 WARN L873 $PredicateComparison]: unable to prove that (let ((.cse4 (@diff |c_old(#valid)| |c_#valid|))) (let ((.cse7 (select |c_#valid| .cse4))) (let ((.cse2 (store |c_old(#valid)| .cse4 .cse7))) (let ((.cse0 (@diff .cse2 |c_#valid|)) (.cse5 (= c_create_internal_~now~0.base .cse4)) (.cse3 (= |c_#valid| |c_old(#valid)|)) (.cse1 (= |c_#valid| .cse2))) (and (or (= .cse0 c_create_internal_~now~0.base) (= (select |c_old(#valid)| .cse0) 0) .cse1) (= |c_#valid| (store .cse2 .cse0 (select |c_#valid| .cse0))) (or .cse3 (= (select |c_old(#valid)| .cse4) 0) .cse5) (let ((.cse6 (exists ((v_create_internal_~now~0.base_36 Int)) (= (select |c_#valid| v_create_internal_~now~0.base_36) 1)))) (or (and .cse6 .cse1 .cse5) (and (or (and .cse3 .cse6) (= .cse7 1)) .cse1) (exists ((|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse9 (@diff |v_old(#valid)_AFTER_CALL_49| |c_#valid|)) (.cse8 (@diff |c_old(#valid)| |v_old(#valid)_AFTER_CALL_49|))) (and (= (store |c_old(#valid)| .cse8 (select |v_old(#valid)_AFTER_CALL_49| .cse8)) |v_old(#valid)_AFTER_CALL_49|) (= c_create_internal_~now~0.base .cse9) (= |c_#valid| (store |v_old(#valid)_AFTER_CALL_49| .cse9 (select |c_#valid| .cse9))) (= (select |c_#valid| .cse8) 1))))))))))) is different from true [2025-03-17 12:09:22,739 WARN L851 $PredicateComparison]: unable to prove that (let ((.cse3 (@diff |c_old(#valid)| |c_#valid|))) (let ((.cse4 (select |c_#valid| .cse3))) (let ((.cse7 (store |c_old(#valid)| .cse3 .cse4))) (let ((.cse6 (@diff .cse7 |c_#valid|))) (let ((.cse5 (select |c_#valid| .cse6))) (let ((.cse2 (store .cse7 .cse6 .cse5))) (let ((.cse1 (@diff .cse2 |c_#valid|))) (let ((.cse0 (select |c_#valid| .cse1))) (and (or (= .cse0 1) (= (select |c_old(#valid)| .cse1) 0) (= .cse1 c_create_internal_~now~0.base) (= |c_#valid| .cse2)) (or (= |c_#valid| |c_old(#valid)|) (= (select |c_old(#valid)| .cse3) 0) (= .cse4 1) (= c_create_internal_~now~0.base .cse3)) (= |c_#valid| (store .cse2 .cse1 .cse0)) (or (= .cse5 1) (= .cse6 c_create_internal_~now~0.base) (= (select |c_old(#valid)| .cse6) 0) (= |c_#valid| .cse7)) (or (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int))) (let ((.cse8 (@diff |c_old(#valid)| |v_#valid_BEFORE_CALL_44|))) (and (= |v_#valid_BEFORE_CALL_44| (store |c_old(#valid)| .cse8 (select |v_#valid_BEFORE_CALL_44| .cse8))) (exists ((v_create_internal_~now~0.base_36 Int)) (= (select |v_#valid_BEFORE_CALL_44| v_create_internal_~now~0.base_36) 1)) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)) (= .cse8 c_create_internal_~now~0.base)))) (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int))) (and (exists ((|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse9 (@diff |c_old(#valid)| |v_old(#valid)_AFTER_CALL_49|)) (.cse10 (@diff |v_old(#valid)_AFTER_CALL_49| |v_#valid_BEFORE_CALL_44|))) (and (= (select |v_#valid_BEFORE_CALL_44| .cse9) 1) (= (store |c_old(#valid)| .cse9 (select |v_old(#valid)_AFTER_CALL_49| .cse9)) |v_old(#valid)_AFTER_CALL_49|) (= c_create_internal_~now~0.base .cse10) (= (store |v_old(#valid)_AFTER_CALL_49| .cse10 (select |v_#valid_BEFORE_CALL_44| .cse10)) |v_#valid_BEFORE_CALL_44|)))) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)))) (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int))) (and (= |v_#valid_BEFORE_CALL_44| (store |c_old(#valid)| (@diff |c_old(#valid)| |v_#valid_BEFORE_CALL_44|) 1)) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)))) (and (exists ((v_create_internal_~now~0.base_36 Int)) (= (select |c_old(#valid)| v_create_internal_~now~0.base_36) 1)) (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= |c_#valid| (store |c_old(#valid)| alloc_and_zero_internal_~pi~1.base 1)))))))))))))) is different from false [2025-03-17 12:09:22,750 WARN L873 $PredicateComparison]: unable to prove that (let ((.cse3 (@diff |c_old(#valid)| |c_#valid|))) (let ((.cse4 (select |c_#valid| .cse3))) (let ((.cse7 (store |c_old(#valid)| .cse3 .cse4))) (let ((.cse6 (@diff .cse7 |c_#valid|))) (let ((.cse5 (select |c_#valid| .cse6))) (let ((.cse2 (store .cse7 .cse6 .cse5))) (let ((.cse1 (@diff .cse2 |c_#valid|))) (let ((.cse0 (select |c_#valid| .cse1))) (and (or (= .cse0 1) (= (select |c_old(#valid)| .cse1) 0) (= .cse1 c_create_internal_~now~0.base) (= |c_#valid| .cse2)) (or (= |c_#valid| |c_old(#valid)|) (= (select |c_old(#valid)| .cse3) 0) (= .cse4 1) (= c_create_internal_~now~0.base .cse3)) (= |c_#valid| (store .cse2 .cse1 .cse0)) (or (= .cse5 1) (= .cse6 c_create_internal_~now~0.base) (= (select |c_old(#valid)| .cse6) 0) (= |c_#valid| .cse7)) (or (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int))) (let ((.cse8 (@diff |c_old(#valid)| |v_#valid_BEFORE_CALL_44|))) (and (= |v_#valid_BEFORE_CALL_44| (store |c_old(#valid)| .cse8 (select |v_#valid_BEFORE_CALL_44| .cse8))) (exists ((v_create_internal_~now~0.base_36 Int)) (= (select |v_#valid_BEFORE_CALL_44| v_create_internal_~now~0.base_36) 1)) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)) (= .cse8 c_create_internal_~now~0.base)))) (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int))) (and (exists ((|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse9 (@diff |c_old(#valid)| |v_old(#valid)_AFTER_CALL_49|)) (.cse10 (@diff |v_old(#valid)_AFTER_CALL_49| |v_#valid_BEFORE_CALL_44|))) (and (= (select |v_#valid_BEFORE_CALL_44| .cse9) 1) (= (store |c_old(#valid)| .cse9 (select |v_old(#valid)_AFTER_CALL_49| .cse9)) |v_old(#valid)_AFTER_CALL_49|) (= c_create_internal_~now~0.base .cse10) (= (store |v_old(#valid)_AFTER_CALL_49| .cse10 (select |v_#valid_BEFORE_CALL_44| .cse10)) |v_#valid_BEFORE_CALL_44|)))) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)))) (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int))) (and (= |v_#valid_BEFORE_CALL_44| (store |c_old(#valid)| (@diff |c_old(#valid)| |v_#valid_BEFORE_CALL_44|) 1)) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)))) (and (exists ((v_create_internal_~now~0.base_36 Int)) (= (select |c_old(#valid)| v_create_internal_~now~0.base_36) 1)) (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= |c_#valid| (store |c_old(#valid)| alloc_and_zero_internal_~pi~1.base 1)))))))))))))) is different from true [2025-03-17 12:09:22,780 WARN L851 $PredicateComparison]: unable to prove that (let ((.cse4 (@diff |c_old(#valid)| |c_#valid|))) (let ((.cse5 (select |c_#valid| .cse4))) (let ((.cse8 (store |c_old(#valid)| .cse4 .cse5))) (let ((.cse7 (@diff .cse8 |c_#valid|))) (let ((.cse6 (select |c_#valid| .cse7))) (let ((.cse11 (store .cse8 .cse7 .cse6))) (let ((.cse10 (@diff .cse11 |c_#valid|))) (let ((.cse9 (select |c_#valid| .cse10))) (and (let ((.cse2 (exists ((create_internal_~now~0.base Int)) (= (select |c_#valid| create_internal_~now~0.base) 1)))) (or (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int)) (|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse0 (@diff |c_old(#valid)| |v_old(#valid)_AFTER_CALL_49|)) (.cse1 (@diff |v_old(#valid)_AFTER_CALL_49| |v_#valid_BEFORE_CALL_44|))) (and (= (select |v_#valid_BEFORE_CALL_44| .cse0) 1) (= (store |c_old(#valid)| .cse0 (select |v_old(#valid)_AFTER_CALL_49| .cse0)) |v_old(#valid)_AFTER_CALL_49|) (= (select |c_#valid| .cse1) 1) (= (store |v_old(#valid)_AFTER_CALL_49| .cse1 (select |v_#valid_BEFORE_CALL_44| .cse1)) |v_#valid_BEFORE_CALL_44|) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1))))) (and .cse2 (exists ((v_create_internal_~now~0.base_36 Int)) (= (select |c_old(#valid)| v_create_internal_~now~0.base_36) 1)) (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= |c_#valid| (store |c_old(#valid)| alloc_and_zero_internal_~pi~1.base 1)))) (and (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int))) (and (= |v_#valid_BEFORE_CALL_44| (store |c_old(#valid)| (@diff |c_old(#valid)| |v_#valid_BEFORE_CALL_44|) 1)) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)))) .cse2) (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int)) (v_create_internal_~now~0.base_36 Int)) (let ((.cse3 (@diff |c_old(#valid)| |v_#valid_BEFORE_CALL_44|))) (and (= |v_#valid_BEFORE_CALL_44| (store |c_old(#valid)| .cse3 (select |v_#valid_BEFORE_CALL_44| .cse3))) (= (select |v_#valid_BEFORE_CALL_44| v_create_internal_~now~0.base_36) 1) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)) (= (select |c_#valid| .cse3) 1)))))) (or (= |c_#valid| |c_old(#valid)|) (= (select |c_old(#valid)| .cse4) 0) (= .cse5 1)) (or (= .cse6 1) (= (select |c_old(#valid)| .cse7) 0) (= |c_#valid| .cse8)) (or (= .cse9 1) (= (select |c_old(#valid)| .cse10) 0) (= |c_#valid| .cse11)) (= |c_#valid| (store .cse11 .cse10 .cse9))))))))))) is different from false [2025-03-17 12:09:22,788 WARN L873 $PredicateComparison]: unable to prove that (let ((.cse4 (@diff |c_old(#valid)| |c_#valid|))) (let ((.cse5 (select |c_#valid| .cse4))) (let ((.cse8 (store |c_old(#valid)| .cse4 .cse5))) (let ((.cse7 (@diff .cse8 |c_#valid|))) (let ((.cse6 (select |c_#valid| .cse7))) (let ((.cse11 (store .cse8 .cse7 .cse6))) (let ((.cse10 (@diff .cse11 |c_#valid|))) (let ((.cse9 (select |c_#valid| .cse10))) (and (let ((.cse2 (exists ((create_internal_~now~0.base Int)) (= (select |c_#valid| create_internal_~now~0.base) 1)))) (or (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int)) (|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse0 (@diff |c_old(#valid)| |v_old(#valid)_AFTER_CALL_49|)) (.cse1 (@diff |v_old(#valid)_AFTER_CALL_49| |v_#valid_BEFORE_CALL_44|))) (and (= (select |v_#valid_BEFORE_CALL_44| .cse0) 1) (= (store |c_old(#valid)| .cse0 (select |v_old(#valid)_AFTER_CALL_49| .cse0)) |v_old(#valid)_AFTER_CALL_49|) (= (select |c_#valid| .cse1) 1) (= (store |v_old(#valid)_AFTER_CALL_49| .cse1 (select |v_#valid_BEFORE_CALL_44| .cse1)) |v_#valid_BEFORE_CALL_44|) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1))))) (and .cse2 (exists ((v_create_internal_~now~0.base_36 Int)) (= (select |c_old(#valid)| v_create_internal_~now~0.base_36) 1)) (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= |c_#valid| (store |c_old(#valid)| alloc_and_zero_internal_~pi~1.base 1)))) (and (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int))) (and (= |v_#valid_BEFORE_CALL_44| (store |c_old(#valid)| (@diff |c_old(#valid)| |v_#valid_BEFORE_CALL_44|) 1)) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)))) .cse2) (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int)) (v_create_internal_~now~0.base_36 Int)) (let ((.cse3 (@diff |c_old(#valid)| |v_#valid_BEFORE_CALL_44|))) (and (= |v_#valid_BEFORE_CALL_44| (store |c_old(#valid)| .cse3 (select |v_#valid_BEFORE_CALL_44| .cse3))) (= (select |v_#valid_BEFORE_CALL_44| v_create_internal_~now~0.base_36) 1) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)) (= (select |c_#valid| .cse3) 1)))))) (or (= |c_#valid| |c_old(#valid)|) (= (select |c_old(#valid)| .cse4) 0) (= .cse5 1)) (or (= .cse6 1) (= (select |c_old(#valid)| .cse7) 0) (= |c_#valid| .cse8)) (or (= .cse9 1) (= (select |c_old(#valid)| .cse10) 0) (= |c_#valid| .cse11)) (= |c_#valid| (store .cse11 .cse10 .cse9))))))))))) is different from true [2025-03-17 12:09:22,854 WARN L851 $PredicateComparison]: unable to prove that (let ((.cse3 (= (select |c_#valid| |c_ULTIMATE.start_create_~now~1#1.base|) 1))) (and (let ((.cse4 (exists ((create_internal_~now~0.base Int)) (= (select |c_#valid| create_internal_~now~0.base) 1)))) (or (exists ((|v_old(#valid)_AFTER_CALL_51| (Array Int Int))) (and (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int)) (v_create_internal_~now~0.base_36 Int)) (let ((.cse0 (@diff |v_old(#valid)_AFTER_CALL_51| |v_#valid_BEFORE_CALL_44|))) (and (= (select |v_#valid_BEFORE_CALL_44| v_create_internal_~now~0.base_36) 1) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)) (= (store |v_old(#valid)_AFTER_CALL_51| .cse0 (select |v_#valid_BEFORE_CALL_44| .cse0)) |v_#valid_BEFORE_CALL_44|) (= (select |c_#valid| .cse0) 1)))) (= (select |v_old(#valid)_AFTER_CALL_51| |c_ULTIMATE.start_create_~now~1#1.base|) 1))) (exists ((|v_old(#valid)_AFTER_CALL_51| (Array Int Int))) (and (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int)) (|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse1 (@diff |v_old(#valid)_AFTER_CALL_49| |v_#valid_BEFORE_CALL_44|)) (.cse2 (@diff |v_old(#valid)_AFTER_CALL_51| |v_old(#valid)_AFTER_CALL_49|))) (and (= (select |c_#valid| .cse1) 1) (= (store |v_old(#valid)_AFTER_CALL_49| .cse1 (select |v_#valid_BEFORE_CALL_44| .cse1)) |v_#valid_BEFORE_CALL_44|) (= (store |v_old(#valid)_AFTER_CALL_51| .cse2 (select |v_old(#valid)_AFTER_CALL_49| .cse2)) |v_old(#valid)_AFTER_CALL_49|) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)) (= (select |v_#valid_BEFORE_CALL_44| .cse2) 1)))) (= (select |v_old(#valid)_AFTER_CALL_51| |c_ULTIMATE.start_create_~now~1#1.base|) 1))) (and .cse3 (exists ((v_create_internal_~now~0.base_36 Int)) (= (select |c_#valid| v_create_internal_~now~0.base_36) 1)) .cse4 (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= (select |c_#valid| alloc_and_zero_internal_~pi~1.base) 1))) (and (exists ((|v_old(#valid)_AFTER_CALL_51| (Array Int Int)) (alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)) (= (select |v_old(#valid)_AFTER_CALL_51| |c_ULTIMATE.start_create_~now~1#1.base|) 1) (= |v_#valid_BEFORE_CALL_44| (store |v_old(#valid)_AFTER_CALL_51| (@diff |v_old(#valid)_AFTER_CALL_51| |v_#valid_BEFORE_CALL_44|) 1)))) .cse4))) .cse3)) is different from false [2025-03-17 12:09:22,857 WARN L873 $PredicateComparison]: unable to prove that (let ((.cse3 (= (select |c_#valid| |c_ULTIMATE.start_create_~now~1#1.base|) 1))) (and (let ((.cse4 (exists ((create_internal_~now~0.base Int)) (= (select |c_#valid| create_internal_~now~0.base) 1)))) (or (exists ((|v_old(#valid)_AFTER_CALL_51| (Array Int Int))) (and (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int)) (v_create_internal_~now~0.base_36 Int)) (let ((.cse0 (@diff |v_old(#valid)_AFTER_CALL_51| |v_#valid_BEFORE_CALL_44|))) (and (= (select |v_#valid_BEFORE_CALL_44| v_create_internal_~now~0.base_36) 1) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)) (= (store |v_old(#valid)_AFTER_CALL_51| .cse0 (select |v_#valid_BEFORE_CALL_44| .cse0)) |v_#valid_BEFORE_CALL_44|) (= (select |c_#valid| .cse0) 1)))) (= (select |v_old(#valid)_AFTER_CALL_51| |c_ULTIMATE.start_create_~now~1#1.base|) 1))) (exists ((|v_old(#valid)_AFTER_CALL_51| (Array Int Int))) (and (exists ((alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int)) (|v_old(#valid)_AFTER_CALL_49| (Array Int Int))) (let ((.cse1 (@diff |v_old(#valid)_AFTER_CALL_49| |v_#valid_BEFORE_CALL_44|)) (.cse2 (@diff |v_old(#valid)_AFTER_CALL_51| |v_old(#valid)_AFTER_CALL_49|))) (and (= (select |c_#valid| .cse1) 1) (= (store |v_old(#valid)_AFTER_CALL_49| .cse1 (select |v_#valid_BEFORE_CALL_44| .cse1)) |v_#valid_BEFORE_CALL_44|) (= (store |v_old(#valid)_AFTER_CALL_51| .cse2 (select |v_old(#valid)_AFTER_CALL_49| .cse2)) |v_old(#valid)_AFTER_CALL_49|) (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)) (= (select |v_#valid_BEFORE_CALL_44| .cse2) 1)))) (= (select |v_old(#valid)_AFTER_CALL_51| |c_ULTIMATE.start_create_~now~1#1.base|) 1))) (and .cse3 (exists ((v_create_internal_~now~0.base_36 Int)) (= (select |c_#valid| v_create_internal_~now~0.base_36) 1)) .cse4 (exists ((alloc_and_zero_internal_~pi~1.base Int)) (= (select |c_#valid| alloc_and_zero_internal_~pi~1.base) 1))) (and (exists ((|v_old(#valid)_AFTER_CALL_51| (Array Int Int)) (alloc_and_zero_internal_~pi~1.base Int) (|v_#valid_BEFORE_CALL_44| (Array Int Int))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_44| alloc_and_zero_internal_~pi~1.base 1)) (= (select |v_old(#valid)_AFTER_CALL_51| |c_ULTIMATE.start_create_~now~1#1.base|) 1) (= |v_#valid_BEFORE_CALL_44| (store |v_old(#valid)_AFTER_CALL_51| (@diff |v_old(#valid)_AFTER_CALL_51| |v_#valid_BEFORE_CALL_44|) 1)))) .cse4))) .cse3)) is different from true [2025-03-17 12:09:23,135 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-17 12:09:23,135 INFO L93 Difference]: Finished difference Result 269 states and 368 transitions. [2025-03-17 12:09:23,136 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 20 states. [2025-03-17 12:09:23,136 INFO L78 Accepts]: Start accepts. Automaton has has 30 states, 29 states have (on average 2.103448275862069) internal successors, (61), 22 states have internal predecessors, (61), 7 states have call successors, (7), 2 states have call predecessors, (7), 7 states have return successors, (9), 9 states have call predecessors, (9), 7 states have call successors, (9) Word has length 48 [2025-03-17 12:09:23,136 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-17 12:09:23,137 INFO L225 Difference]: With dead ends: 269 [2025-03-17 12:09:23,137 INFO L226 Difference]: Without dead ends: 269 [2025-03-17 12:09:23,137 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 103 GetRequests, 55 SyntacticMatches, 3 SemanticMatches, 45 ConstructedPredicates, 16 IntricatePredicates, 0 DeprecatedPredicates, 122 ImplicationChecksByTransitivity, 0.9s TimeCoverageRelationStatistics Valid=232, Invalid=731, Unknown=31, NotChecked=1168, Total=2162 [2025-03-17 12:09:23,138 INFO L435 NwaCegarLoop]: 91 mSDtfsCounter, 104 mSDsluCounter, 763 mSDsCounter, 0 mSdLazyCounter, 986 mSolverCounterSat, 54 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 104 SdHoareTripleChecker+Valid, 854 SdHoareTripleChecker+Invalid, 3273 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 54 IncrementalHoareTripleChecker+Valid, 986 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 2233 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2025-03-17 12:09:23,138 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [104 Valid, 854 Invalid, 3273 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [54 Valid, 986 Invalid, 0 Unknown, 2233 Unchecked, 0.6s Time] [2025-03-17 12:09:23,138 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 269 states. [2025-03-17 12:09:23,145 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 269 to 248. [2025-03-17 12:09:23,145 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 248 states, 176 states have (on average 1.4829545454545454) internal successors, (261), 206 states have internal predecessors, (261), 26 states have call successors, (26), 7 states have call predecessors, (26), 10 states have return successors, (56), 34 states have call predecessors, (56), 26 states have call successors, (56) [2025-03-17 12:09:23,147 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 248 states to 248 states and 343 transitions. [2025-03-17 12:09:23,147 INFO L78 Accepts]: Start accepts. Automaton has 248 states and 343 transitions. Word has length 48 [2025-03-17 12:09:23,147 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-17 12:09:23,147 INFO L471 AbstractCegarLoop]: Abstraction has 248 states and 343 transitions. [2025-03-17 12:09:23,147 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 30 states, 29 states have (on average 2.103448275862069) internal successors, (61), 22 states have internal predecessors, (61), 7 states have call successors, (7), 2 states have call predecessors, (7), 7 states have return successors, (9), 9 states have call predecessors, (9), 7 states have call successors, (9) [2025-03-17 12:09:23,147 INFO L276 IsEmpty]: Start isEmpty. Operand 248 states and 343 transitions. [2025-03-17 12:09:23,147 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2025-03-17 12:09:23,147 INFO L210 NwaCegarLoop]: Found error trace [2025-03-17 12:09:23,147 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-17 12:09:23,154 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (12)] Ended with exit code 0 [2025-03-17 12:09:23,348 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable19,12 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-17 12:09:23,348 INFO L396 AbstractCegarLoop]: === Iteration 21 === Targeting ULTIMATE.startErr31REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [loop_internalErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, loop_internalErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, alloc_and_zeroErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 48 more)] === [2025-03-17 12:09:23,348 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-17 12:09:23,348 INFO L85 PathProgramCache]: Analyzing trace with hash 446588300, now seen corresponding path program 2 times [2025-03-17 12:09:23,348 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-17 12:09:23,348 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1514559854] [2025-03-17 12:09:23,348 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-03-17 12:09:23,348 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-17 12:09:23,357 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 48 statements into 2 equivalence classes. [2025-03-17 12:09:23,362 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) and asserted 48 of 48 statements. [2025-03-17 12:09:23,363 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2025-03-17 12:09:23,363 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:09:23,913 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 0 proven. 19 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2025-03-17 12:09:23,913 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-17 12:09:23,913 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1514559854] [2025-03-17 12:09:23,914 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1514559854] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-17 12:09:23,914 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [657103946] [2025-03-17 12:09:23,914 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-03-17 12:09:23,914 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-17 12:09:23,914 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-17 12:09:23,915 INFO L229 MonitoredProcess]: Starting monitored process 13 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-17 12:09:23,917 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (13)] Waiting until timeout for monitored process [2025-03-17 12:09:23,987 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 48 statements into 2 equivalence classes. [2025-03-17 12:09:24,016 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) and asserted 48 of 48 statements. [2025-03-17 12:09:24,017 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2025-03-17 12:09:24,017 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-17 12:09:24,018 INFO L256 TraceCheckSpWp]: Trace formula consists of 293 conjuncts, 51 conjuncts are in the unsatisfiable core [2025-03-17 12:09:24,020 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-17 12:09:24,024 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 1 [2025-03-17 12:09:24,026 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2025-03-17 12:09:24,121 WARN L873 $PredicateComparison]: unable to prove that (exists ((alloc_and_zero_internal_~pi~1.base Int)) (and (= |c_#valid| (store |c_old(#valid)| alloc_and_zero_internal_~pi~1.base (select |c_#valid| alloc_and_zero_internal_~pi~1.base))) (= (store |c_old(#length)| alloc_and_zero_internal_~pi~1.base (select |c_#length| alloc_and_zero_internal_~pi~1.base)) |c_#length|) (= (select |c_old(#valid)| alloc_and_zero_internal_~pi~1.base) 0))) is different from true [2025-03-17 12:09:24,320 WARN L873 $PredicateComparison]: unable to prove that (exists ((alloc_and_zero_internal_~pi~1.base Int)) (and (= (store |c_old(#length)| alloc_and_zero_internal_~pi~1.base (select |c_#length| alloc_and_zero_internal_~pi~1.base)) |c_#length|) (= (select |c_old(#valid)| alloc_and_zero_internal_~pi~1.base) 0))) is different from true [2025-03-17 12:09:24,959 INFO L349 Elim1Store]: treesize reduction 236, result has 12.6 percent of original size [2025-03-17 12:09:24,959 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 4 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 5 new quantified variables, introduced 8 case distinctions, treesize of input 140 treesize of output 297 [2025-03-17 12:09:25,288 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2025-03-17 12:09:25,289 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 9 select indices, 9 select index equivalence classes, 0 disjoint index pairs (out of 36 index pairs), introduced 9 new quantified variables, introduced 36 case distinctions, treesize of input 138 treesize of output 408