java -ea -Xmx8000000000 -Xss4m -jar ./plugins/org.eclipse.equinox.launcher_1.3.100.v20150511-1540.jar -data @noDefault -ultimatedata ./data -tc ../../../trunk/examples/toolchains/AutomizerBplInline.xml -s ../../../trunk/examples/settings/ai/array-bench/reach_32bit_array_oct.epf -i ../../../trunk/examples/programs/toy/tooDifficultLoopInvariant/PointerIncrement-simplified01.bpl -------------------------------------------------------------------------------- This is Ultimate 0.1.24-b7bd044-m [2019-01-18 14:45:05,271 INFO L170 SettingsManager]: Resetting all preferences to default values... [2019-01-18 14:45:05,273 INFO L174 SettingsManager]: Resetting UltimateCore preferences to default values [2019-01-18 14:45:05,285 INFO L177 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2019-01-18 14:45:05,285 INFO L174 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2019-01-18 14:45:05,286 INFO L174 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2019-01-18 14:45:05,287 INFO L174 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2019-01-18 14:45:05,289 INFO L174 SettingsManager]: Resetting LassoRanker preferences to default values [2019-01-18 14:45:05,290 INFO L174 SettingsManager]: Resetting Reaching Definitions preferences to default values [2019-01-18 14:45:05,291 INFO L174 SettingsManager]: Resetting SyntaxChecker preferences to default values [2019-01-18 14:45:05,292 INFO L177 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2019-01-18 14:45:05,293 INFO L174 SettingsManager]: Resetting LTL2Aut preferences to default values [2019-01-18 14:45:05,293 INFO L174 SettingsManager]: Resetting PEA to Boogie preferences to default values [2019-01-18 14:45:05,294 INFO L174 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2019-01-18 14:45:05,295 INFO L174 SettingsManager]: Resetting ChcToBoogie preferences to default values [2019-01-18 14:45:05,296 INFO L174 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2019-01-18 14:45:05,297 INFO L174 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2019-01-18 14:45:05,299 INFO L174 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2019-01-18 14:45:05,304 INFO L174 SettingsManager]: Resetting CodeCheck preferences to default values [2019-01-18 14:45:05,306 INFO L174 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2019-01-18 14:45:05,307 INFO L174 SettingsManager]: Resetting RCFGBuilder preferences to default values [2019-01-18 14:45:05,310 INFO L174 SettingsManager]: Resetting TraceAbstraction preferences to default values [2019-01-18 14:45:05,313 INFO L177 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2019-01-18 14:45:05,313 INFO L177 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2019-01-18 14:45:05,314 INFO L174 SettingsManager]: Resetting TreeAutomizer preferences to default values [2019-01-18 14:45:05,315 INFO L174 SettingsManager]: Resetting IcfgTransformer preferences to default values [2019-01-18 14:45:05,319 INFO L174 SettingsManager]: Resetting Boogie Printer preferences to default values [2019-01-18 14:45:05,320 INFO L174 SettingsManager]: Resetting ReqPrinter preferences to default values [2019-01-18 14:45:05,320 INFO L174 SettingsManager]: Resetting Witness Printer preferences to default values [2019-01-18 14:45:05,324 INFO L177 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2019-01-18 14:45:05,324 INFO L174 SettingsManager]: Resetting CDTParser preferences to default values [2019-01-18 14:45:05,325 INFO L177 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2019-01-18 14:45:05,325 INFO L177 SettingsManager]: ReqParser provides no preferences, ignoring... [2019-01-18 14:45:05,326 INFO L174 SettingsManager]: Resetting SmtParser preferences to default values [2019-01-18 14:45:05,328 INFO L174 SettingsManager]: Resetting Witness Parser preferences to default values [2019-01-18 14:45:05,329 INFO L181 SettingsManager]: Finished resetting all preferences to default values... [2019-01-18 14:45:05,329 INFO L98 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/settings/ai/array-bench/reach_32bit_array_oct.epf [2019-01-18 14:45:05,351 INFO L110 SettingsManager]: Loading preferences was successful [2019-01-18 14:45:05,351 INFO L112 SettingsManager]: Preferences different from defaults after loading the file: [2019-01-18 14:45:05,355 INFO L131 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2019-01-18 14:45:05,355 INFO L133 SettingsManager]: * Show backtranslation warnings=false [2019-01-18 14:45:05,356 INFO L131 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2019-01-18 14:45:05,356 INFO L133 SettingsManager]: * User list type=DISABLED [2019-01-18 14:45:05,356 INFO L133 SettingsManager]: * Inline calls to unimplemented procedures=true [2019-01-18 14:45:05,356 INFO L131 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2019-01-18 14:45:05,356 INFO L133 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2019-01-18 14:45:05,356 INFO L133 SettingsManager]: * Underlying domain=OctagonDomain [2019-01-18 14:45:05,357 INFO L133 SettingsManager]: * Abstract domain=ArrayDomain [2019-01-18 14:45:05,357 INFO L133 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2019-01-18 14:45:05,357 INFO L133 SettingsManager]: * Interval Domain=false [2019-01-18 14:45:05,359 INFO L131 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2019-01-18 14:45:05,359 INFO L133 SettingsManager]: * Create parallel compositions if possible=false [2019-01-18 14:45:05,359 INFO L133 SettingsManager]: * Use SBE=true [2019-01-18 14:45:05,359 INFO L131 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2019-01-18 14:45:05,359 INFO L133 SettingsManager]: * sizeof long=4 [2019-01-18 14:45:05,360 INFO L133 SettingsManager]: * Overapproximate operations on floating types=true [2019-01-18 14:45:05,360 INFO L133 SettingsManager]: * sizeof POINTER=4 [2019-01-18 14:45:05,360 INFO L133 SettingsManager]: * Check division by zero=IGNORE [2019-01-18 14:45:05,360 INFO L133 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2019-01-18 14:45:05,360 INFO L133 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2019-01-18 14:45:05,360 INFO L133 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2019-01-18 14:45:05,363 INFO L133 SettingsManager]: * sizeof long double=12 [2019-01-18 14:45:05,363 INFO L133 SettingsManager]: * Check if freed pointer was valid=false [2019-01-18 14:45:05,363 INFO L133 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2019-01-18 14:45:05,363 INFO L131 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2019-01-18 14:45:05,364 INFO L133 SettingsManager]: * Size of a code block=SequenceOfStatements [2019-01-18 14:45:05,364 INFO L133 SettingsManager]: * SMT solver=External_DefaultMode [2019-01-18 14:45:05,364 INFO L133 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2019-01-18 14:45:05,364 INFO L131 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2019-01-18 14:45:05,364 INFO L133 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2019-01-18 14:45:05,365 INFO L133 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2019-01-18 14:45:05,365 INFO L133 SettingsManager]: * Trace refinement strategy=TAIPAN [2019-01-18 14:45:05,365 INFO L133 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2019-01-18 14:45:05,365 INFO L133 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2019-01-18 14:45:05,365 INFO L133 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2019-01-18 14:45:05,365 INFO L133 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2019-01-18 14:45:05,400 INFO L81 nceAwareModelManager]: Repository-Root is: /tmp [2019-01-18 14:45:05,411 INFO L258 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2019-01-18 14:45:05,415 INFO L214 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2019-01-18 14:45:05,416 INFO L271 PluginConnector]: Initializing Boogie PL CUP Parser... [2019-01-18 14:45:05,417 INFO L276 PluginConnector]: Boogie PL CUP Parser initialized [2019-01-18 14:45:05,418 INFO L418 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/programs/toy/tooDifficultLoopInvariant/PointerIncrement-simplified01.bpl [2019-01-18 14:45:05,418 INFO L111 BoogieParser]: Parsing: '/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/programs/toy/tooDifficultLoopInvariant/PointerIncrement-simplified01.bpl' [2019-01-18 14:45:05,477 INFO L296 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2019-01-18 14:45:05,479 INFO L131 ToolchainWalker]: Walking toolchain with 4 elements. [2019-01-18 14:45:05,479 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2019-01-18 14:45:05,480 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2019-01-18 14:45:05,480 INFO L276 PluginConnector]: Boogie Procedure Inliner initialized [2019-01-18 14:45:05,496 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "PointerIncrement-simplified01.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 18.01 02:45:05" (1/1) ... [2019-01-18 14:45:05,509 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "PointerIncrement-simplified01.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 18.01 02:45:05" (1/1) ... [2019-01-18 14:45:05,517 WARN L165 Inliner]: Program contained no entry procedure! [2019-01-18 14:45:05,518 WARN L168 Inliner]: Missing entry procedures: [ULTIMATE.start] [2019-01-18 14:45:05,518 WARN L175 Inliner]: Fallback enabled. All procedures will be processed. [2019-01-18 14:45:05,539 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2019-01-18 14:45:05,540 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2019-01-18 14:45:05,540 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2019-01-18 14:45:05,540 INFO L276 PluginConnector]: Boogie Preprocessor initialized [2019-01-18 14:45:05,551 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "PointerIncrement-simplified01.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 18.01 02:45:05" (1/1) ... [2019-01-18 14:45:05,552 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "PointerIncrement-simplified01.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 18.01 02:45:05" (1/1) ... [2019-01-18 14:45:05,553 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "PointerIncrement-simplified01.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 18.01 02:45:05" (1/1) ... [2019-01-18 14:45:05,554 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "PointerIncrement-simplified01.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 18.01 02:45:05" (1/1) ... [2019-01-18 14:45:05,569 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "PointerIncrement-simplified01.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 18.01 02:45:05" (1/1) ... [2019-01-18 14:45:05,574 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "PointerIncrement-simplified01.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 18.01 02:45:05" (1/1) ... [2019-01-18 14:45:05,575 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "PointerIncrement-simplified01.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 18.01 02:45:05" (1/1) ... [2019-01-18 14:45:05,577 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2019-01-18 14:45:05,582 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2019-01-18 14:45:05,582 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2019-01-18 14:45:05,582 INFO L276 PluginConnector]: RCFGBuilder initialized [2019-01-18 14:45:05,583 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "PointerIncrement-simplified01.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 18.01 02:45:05" (1/1) ... No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2019-01-18 14:45:05,652 INFO L130 BoogieDeclarations]: Found specification of procedure read~int [2019-01-18 14:45:05,653 INFO L130 BoogieDeclarations]: Found specification of procedure main [2019-01-18 14:45:05,653 INFO L138 BoogieDeclarations]: Found implementation of procedure main [2019-01-18 14:45:05,653 INFO L130 BoogieDeclarations]: Found specification of procedure ~malloc [2019-01-18 14:45:06,141 INFO L278 CfgBuilder]: Using library mode [2019-01-18 14:45:06,142 INFO L286 CfgBuilder]: Removed 5 assue(true) statements. [2019-01-18 14:45:06,144 INFO L202 PluginConnector]: Adding new model PointerIncrement-simplified01.bpl de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 18.01 02:45:06 BoogieIcfgContainer [2019-01-18 14:45:06,144 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2019-01-18 14:45:06,145 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2019-01-18 14:45:06,145 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2019-01-18 14:45:06,150 INFO L276 PluginConnector]: TraceAbstraction initialized [2019-01-18 14:45:06,150 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "PointerIncrement-simplified01.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 18.01 02:45:05" (1/2) ... [2019-01-18 14:45:06,152 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@79f4c5b0 and model type PointerIncrement-simplified01.bpl de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 18.01 02:45:06, skipping insertion in model container [2019-01-18 14:45:06,152 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "PointerIncrement-simplified01.bpl de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 18.01 02:45:06" (2/2) ... [2019-01-18 14:45:06,154 INFO L112 eAbstractionObserver]: Analyzing ICFG PointerIncrement-simplified01.bpl [2019-01-18 14:45:06,165 INFO L156 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2019-01-18 14:45:06,174 INFO L168 ceAbstractionStarter]: Appying trace abstraction to program that has 2 error locations. [2019-01-18 14:45:06,188 INFO L257 AbstractCegarLoop]: Starting to check reachability of 2 error locations. [2019-01-18 14:45:06,222 INFO L382 AbstractCegarLoop]: Interprodecural is true [2019-01-18 14:45:06,222 INFO L383 AbstractCegarLoop]: Hoare is true [2019-01-18 14:45:06,222 INFO L384 AbstractCegarLoop]: Compute interpolants for FPandBP [2019-01-18 14:45:06,222 INFO L385 AbstractCegarLoop]: Backedges is STRAIGHT_LINE [2019-01-18 14:45:06,222 INFO L386 AbstractCegarLoop]: Determinization is PREDICATE_ABSTRACTION [2019-01-18 14:45:06,222 INFO L387 AbstractCegarLoop]: Difference is false [2019-01-18 14:45:06,223 INFO L388 AbstractCegarLoop]: Minimize is MINIMIZE_SEVPA [2019-01-18 14:45:06,223 INFO L393 AbstractCegarLoop]: ======== Iteration 0==of CEGAR loop == AllErrorsAtOnce======== [2019-01-18 14:45:06,238 INFO L276 IsEmpty]: Start isEmpty. Operand 11 states. [2019-01-18 14:45:06,244 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 5 [2019-01-18 14:45:06,244 INFO L394 BasicCegarLoop]: Found error trace [2019-01-18 14:45:06,245 INFO L402 BasicCegarLoop]: trace histogram [1, 1, 1, 1] [2019-01-18 14:45:06,248 INFO L423 AbstractCegarLoop]: === Iteration 1 === [mainErr0ASSERT_VIOLATIONPRE_CONDITIONandASSERT, mainErr1ASSERT_VIOLATIONPRE_CONDITIONandASSERT]=== [2019-01-18 14:45:06,252 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-01-18 14:45:06,253 INFO L82 PathProgramCache]: Analyzing trace with hash 927590, now seen corresponding path program 1 times [2019-01-18 14:45:06,254 INFO L69 tionRefinementEngine]: Using refinement strategy TaipanRefinementStrategy [2019-01-18 14:45:06,298 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-01-18 14:45:06,299 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-01-18 14:45:06,299 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-01-18 14:45:06,299 INFO L289 anRefinementStrategy]: Using traceCheck mode SMTINTERPOL with AssertCodeBlockOrder NOT_INCREMENTALLY (IT: Craig_TreeInterpolation) [2019-01-18 14:45:06,349 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-01-18 14:45:06,477 INFO L273 TraceCheckUtils]: 0: Hoare triple {14#true} ~malloc_old_#length, ~malloc_old_#valid := #length, #valid;~malloc_~size := 400;havoc ~malloc_#res.base, ~malloc_#res.offset;havoc #valid, #length;assume ~malloc_old_#valid[~malloc_#res.base] == false;assume #valid == ~malloc_old_#valid[~malloc_#res.base := true];assume ~malloc_#res.offset == 0;assume ~malloc_#res.base != 0;assume #length == ~malloc_old_#length[~malloc_#res.base := ~malloc_~size];#t~malloc0.base, #t~malloc0.offset := ~malloc_#res.base, ~malloc_#res.offset;~p~1.base, ~p~1.offset := #t~malloc0.base, #t~malloc0.offset;~q~1.base, ~q~1.offset := ~p~1.base, ~p~1.offset; {16#(select |#valid| main_~q~1.base)} is VALID [2019-01-18 14:45:06,484 INFO L273 TraceCheckUtils]: 1: Hoare triple {16#(select |#valid| main_~q~1.base)} #t~short2 := ~q~1.offset < ~p~1.offset + 400; {16#(select |#valid| main_~q~1.base)} is VALID [2019-01-18 14:45:06,493 INFO L273 TraceCheckUtils]: 2: Hoare triple {16#(select |#valid| main_~q~1.base)} assume #t~short2;read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := ~q~1.base, ~q~1.offset, 4; {17#(select |#valid| |main_read~int_#ptr.base|)} is VALID [2019-01-18 14:45:06,501 INFO L273 TraceCheckUtils]: 3: Hoare triple {17#(select |#valid| |main_read~int_#ptr.base|)} assume !#valid[read~int_#ptr.base]; {15#false} is VALID [2019-01-18 14:45:06,503 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-01-18 14:45:06,505 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2019-01-18 14:45:06,505 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2019-01-18 14:45:06,505 INFO L257 anRefinementStrategy]: Using the first perfect interpolant sequence [2019-01-18 14:45:06,510 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 4 [2019-01-18 14:45:06,511 INFO L84 Accepts]: Finished accepts. word is accepted. [2019-01-18 14:45:06,514 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2019-01-18 14:45:06,541 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 4 edges. 4 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2019-01-18 14:45:06,541 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2019-01-18 14:45:06,548 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2019-01-18 14:45:06,549 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2019-01-18 14:45:06,551 INFO L87 Difference]: Start difference. First operand 11 states. Second operand 4 states. [2019-01-18 14:45:06,872 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-18 14:45:06,873 INFO L93 Difference]: Finished difference Result 20 states and 23 transitions. [2019-01-18 14:45:06,873 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2019-01-18 14:45:06,873 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 4 [2019-01-18 14:45:06,873 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-01-18 14:45:06,875 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2019-01-18 14:45:06,881 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 23 transitions. [2019-01-18 14:45:06,881 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2019-01-18 14:45:06,884 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 23 transitions. [2019-01-18 14:45:06,885 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 23 transitions. [2019-01-18 14:45:07,041 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 23 edges. 23 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2019-01-18 14:45:07,051 INFO L225 Difference]: With dead ends: 20 [2019-01-18 14:45:07,052 INFO L226 Difference]: Without dead ends: 10 [2019-01-18 14:45:07,055 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 0 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2019-01-18 14:45:07,072 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 10 states. [2019-01-18 14:45:07,094 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 10 to 7. [2019-01-18 14:45:07,094 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2019-01-18 14:45:07,095 INFO L82 GeneralOperation]: Start isEquivalent. First operand 10 states. Second operand 7 states. [2019-01-18 14:45:07,095 INFO L74 IsIncluded]: Start isIncluded. First operand 10 states. Second operand 7 states. [2019-01-18 14:45:07,095 INFO L87 Difference]: Start difference. First operand 10 states. Second operand 7 states. [2019-01-18 14:45:07,097 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-18 14:45:07,098 INFO L93 Difference]: Finished difference Result 10 states and 12 transitions. [2019-01-18 14:45:07,098 INFO L276 IsEmpty]: Start isEmpty. Operand 10 states and 12 transitions. [2019-01-18 14:45:07,098 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2019-01-18 14:45:07,098 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2019-01-18 14:45:07,099 INFO L74 IsIncluded]: Start isIncluded. First operand 7 states. Second operand 10 states. [2019-01-18 14:45:07,099 INFO L87 Difference]: Start difference. First operand 7 states. Second operand 10 states. [2019-01-18 14:45:07,100 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-18 14:45:07,101 INFO L93 Difference]: Finished difference Result 10 states and 12 transitions. [2019-01-18 14:45:07,101 INFO L276 IsEmpty]: Start isEmpty. Operand 10 states and 12 transitions. [2019-01-18 14:45:07,101 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2019-01-18 14:45:07,101 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2019-01-18 14:45:07,102 INFO L88 GeneralOperation]: Finished isEquivalent. [2019-01-18 14:45:07,102 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2019-01-18 14:45:07,102 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 7 states. [2019-01-18 14:45:07,103 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 8 transitions. [2019-01-18 14:45:07,106 INFO L78 Accepts]: Start accepts. Automaton has 7 states and 8 transitions. Word has length 4 [2019-01-18 14:45:07,106 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-01-18 14:45:07,106 INFO L480 AbstractCegarLoop]: Abstraction has 7 states and 8 transitions. [2019-01-18 14:45:07,107 INFO L481 AbstractCegarLoop]: Interpolant automaton has 4 states. [2019-01-18 14:45:07,107 INFO L276 IsEmpty]: Start isEmpty. Operand 7 states and 8 transitions. [2019-01-18 14:45:07,107 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 6 [2019-01-18 14:45:07,107 INFO L394 BasicCegarLoop]: Found error trace [2019-01-18 14:45:07,107 INFO L402 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1] [2019-01-18 14:45:07,108 INFO L423 AbstractCegarLoop]: === Iteration 2 === [mainErr0ASSERT_VIOLATIONPRE_CONDITIONandASSERT, mainErr1ASSERT_VIOLATIONPRE_CONDITIONandASSERT]=== [2019-01-18 14:45:07,108 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-01-18 14:45:07,108 INFO L82 PathProgramCache]: Analyzing trace with hash 28755331, now seen corresponding path program 1 times [2019-01-18 14:45:07,108 INFO L69 tionRefinementEngine]: Using refinement strategy TaipanRefinementStrategy [2019-01-18 14:45:07,109 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-01-18 14:45:07,110 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-01-18 14:45:07,111 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-01-18 14:45:07,111 INFO L289 anRefinementStrategy]: Using traceCheck mode SMTINTERPOL with AssertCodeBlockOrder NOT_INCREMENTALLY (IT: Craig_TreeInterpolation) [2019-01-18 14:45:07,135 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-01-18 14:45:07,373 INFO L273 TraceCheckUtils]: 0: Hoare triple {72#true} ~malloc_old_#length, ~malloc_old_#valid := #length, #valid;~malloc_~size := 400;havoc ~malloc_#res.base, ~malloc_#res.offset;havoc #valid, #length;assume ~malloc_old_#valid[~malloc_#res.base] == false;assume #valid == ~malloc_old_#valid[~malloc_#res.base := true];assume ~malloc_#res.offset == 0;assume ~malloc_#res.base != 0;assume #length == ~malloc_old_#length[~malloc_#res.base := ~malloc_~size];#t~malloc0.base, #t~malloc0.offset := ~malloc_#res.base, ~malloc_#res.offset;~p~1.base, ~p~1.offset := #t~malloc0.base, #t~malloc0.offset;~q~1.base, ~q~1.offset := ~p~1.base, ~p~1.offset; {74#(and (= main_~p~1.offset main_~q~1.offset) (<= (+ main_~p~1.offset 400) (select |#length| main_~q~1.base)))} is VALID [2019-01-18 14:45:07,374 INFO L273 TraceCheckUtils]: 1: Hoare triple {74#(and (= main_~p~1.offset main_~q~1.offset) (<= (+ main_~p~1.offset 400) (select |#length| main_~q~1.base)))} #t~short2 := ~q~1.offset < ~p~1.offset + 400; {75#(<= (+ main_~q~1.offset 400) (select |#length| main_~q~1.base))} is VALID [2019-01-18 14:45:07,375 INFO L273 TraceCheckUtils]: 2: Hoare triple {75#(<= (+ main_~q~1.offset 400) (select |#length| main_~q~1.base))} assume #t~short2;read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := ~q~1.base, ~q~1.offset, 4; {76#(<= (+ |main_read~int_#ptr.offset| |main_read~int_#sizeOfReadType| 396) (select |#length| |main_read~int_#ptr.base|))} is VALID [2019-01-18 14:45:07,379 INFO L273 TraceCheckUtils]: 3: Hoare triple {76#(<= (+ |main_read~int_#ptr.offset| |main_read~int_#sizeOfReadType| 396) (select |#length| |main_read~int_#ptr.base|))} assume #valid[read~int_#ptr.base]; {76#(<= (+ |main_read~int_#ptr.offset| |main_read~int_#sizeOfReadType| 396) (select |#length| |main_read~int_#ptr.base|))} is VALID [2019-01-18 14:45:07,380 INFO L273 TraceCheckUtils]: 4: Hoare triple {76#(<= (+ |main_read~int_#ptr.offset| |main_read~int_#sizeOfReadType| 396) (select |#length| |main_read~int_#ptr.base|))} assume !(read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]); {73#false} is VALID [2019-01-18 14:45:07,380 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-01-18 14:45:07,381 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2019-01-18 14:45:07,381 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2019-01-18 14:45:07,381 INFO L257 anRefinementStrategy]: Using the first perfect interpolant sequence [2019-01-18 14:45:07,382 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 5 [2019-01-18 14:45:07,383 INFO L84 Accepts]: Finished accepts. word is accepted. [2019-01-18 14:45:07,383 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states. [2019-01-18 14:45:07,396 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 5 edges. 5 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2019-01-18 14:45:07,396 INFO L459 AbstractCegarLoop]: Interpolant automaton has 5 states [2019-01-18 14:45:07,396 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2019-01-18 14:45:07,396 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=8, Invalid=12, Unknown=0, NotChecked=0, Total=20 [2019-01-18 14:45:07,397 INFO L87 Difference]: Start difference. First operand 7 states and 8 transitions. Second operand 5 states. [2019-01-18 14:45:08,076 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-18 14:45:08,077 INFO L93 Difference]: Finished difference Result 17 states and 20 transitions. [2019-01-18 14:45:08,077 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2019-01-18 14:45:08,077 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 5 [2019-01-18 14:45:08,077 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-01-18 14:45:08,077 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2019-01-18 14:45:08,080 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 20 transitions. [2019-01-18 14:45:08,080 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2019-01-18 14:45:08,083 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 20 transitions. [2019-01-18 14:45:08,083 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 20 transitions. [2019-01-18 14:45:08,149 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 20 edges. 20 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2019-01-18 14:45:08,151 INFO L225 Difference]: With dead ends: 17 [2019-01-18 14:45:08,151 INFO L226 Difference]: Without dead ends: 16 [2019-01-18 14:45:08,152 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 0 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=13, Invalid=17, Unknown=0, NotChecked=0, Total=30 [2019-01-18 14:45:08,152 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 16 states. [2019-01-18 14:45:08,191 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 16 to 11. [2019-01-18 14:45:08,191 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2019-01-18 14:45:08,191 INFO L82 GeneralOperation]: Start isEquivalent. First operand 16 states. Second operand 11 states. [2019-01-18 14:45:08,192 INFO L74 IsIncluded]: Start isIncluded. First operand 16 states. Second operand 11 states. [2019-01-18 14:45:08,192 INFO L87 Difference]: Start difference. First operand 16 states. Second operand 11 states. [2019-01-18 14:45:08,196 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-18 14:45:08,196 INFO L93 Difference]: Finished difference Result 16 states and 19 transitions. [2019-01-18 14:45:08,196 INFO L276 IsEmpty]: Start isEmpty. Operand 16 states and 19 transitions. [2019-01-18 14:45:08,197 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2019-01-18 14:45:08,197 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2019-01-18 14:45:08,197 INFO L74 IsIncluded]: Start isIncluded. First operand 11 states. Second operand 16 states. [2019-01-18 14:45:08,197 INFO L87 Difference]: Start difference. First operand 11 states. Second operand 16 states. [2019-01-18 14:45:08,199 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-18 14:45:08,199 INFO L93 Difference]: Finished difference Result 16 states and 19 transitions. [2019-01-18 14:45:08,199 INFO L276 IsEmpty]: Start isEmpty. Operand 16 states and 19 transitions. [2019-01-18 14:45:08,200 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2019-01-18 14:45:08,200 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2019-01-18 14:45:08,200 INFO L88 GeneralOperation]: Finished isEquivalent. [2019-01-18 14:45:08,200 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2019-01-18 14:45:08,200 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 11 states. [2019-01-18 14:45:08,202 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 13 transitions. [2019-01-18 14:45:08,202 INFO L78 Accepts]: Start accepts. Automaton has 11 states and 13 transitions. Word has length 5 [2019-01-18 14:45:08,202 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-01-18 14:45:08,202 INFO L480 AbstractCegarLoop]: Abstraction has 11 states and 13 transitions. [2019-01-18 14:45:08,202 INFO L481 AbstractCegarLoop]: Interpolant automaton has 5 states. [2019-01-18 14:45:08,203 INFO L276 IsEmpty]: Start isEmpty. Operand 11 states and 13 transitions. [2019-01-18 14:45:08,203 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 9 [2019-01-18 14:45:08,203 INFO L394 BasicCegarLoop]: Found error trace [2019-01-18 14:45:08,203 INFO L402 BasicCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1] [2019-01-18 14:45:08,204 INFO L423 AbstractCegarLoop]: === Iteration 3 === [mainErr0ASSERT_VIOLATIONPRE_CONDITIONandASSERT, mainErr1ASSERT_VIOLATIONPRE_CONDITIONandASSERT]=== [2019-01-18 14:45:08,204 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-01-18 14:45:08,204 INFO L82 PathProgramCache]: Analyzing trace with hash 2132412303, now seen corresponding path program 1 times [2019-01-18 14:45:08,204 INFO L69 tionRefinementEngine]: Using refinement strategy TaipanRefinementStrategy [2019-01-18 14:45:08,205 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-01-18 14:45:08,205 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-01-18 14:45:08,206 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-01-18 14:45:08,206 INFO L289 anRefinementStrategy]: Using traceCheck mode SMTINTERPOL with AssertCodeBlockOrder NOT_INCREMENTALLY (IT: Craig_TreeInterpolation) [2019-01-18 14:45:08,219 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-01-18 14:45:08,330 INFO L273 TraceCheckUtils]: 0: Hoare triple {146#true} ~malloc_old_#length, ~malloc_old_#valid := #length, #valid;~malloc_~size := 400;havoc ~malloc_#res.base, ~malloc_#res.offset;havoc #valid, #length;assume ~malloc_old_#valid[~malloc_#res.base] == false;assume #valid == ~malloc_old_#valid[~malloc_#res.base := true];assume ~malloc_#res.offset == 0;assume ~malloc_#res.base != 0;assume #length == ~malloc_old_#length[~malloc_#res.base := ~malloc_~size];#t~malloc0.base, #t~malloc0.offset := ~malloc_#res.base, ~malloc_#res.offset;~p~1.base, ~p~1.offset := #t~malloc0.base, #t~malloc0.offset;~q~1.base, ~q~1.offset := ~p~1.base, ~p~1.offset; {146#true} is VALID [2019-01-18 14:45:08,331 INFO L273 TraceCheckUtils]: 1: Hoare triple {146#true} #t~short2 := ~q~1.offset < ~p~1.offset + 400; {146#true} is VALID [2019-01-18 14:45:08,345 INFO L273 TraceCheckUtils]: 2: Hoare triple {146#true} assume !#t~short2; {148#(not |main_#t~short2|)} is VALID [2019-01-18 14:45:08,360 INFO L273 TraceCheckUtils]: 3: Hoare triple {148#(not |main_#t~short2|)} assume !!#t~short2;havoc #t~mem1;havoc #t~short2;#t~post3.base, #t~post3.offset := ~q~1.base, ~q~1.offset;~q~1.base, ~q~1.offset := #t~post3.base, #t~post3.offset + 4;havoc #t~post3.base, #t~post3.offset; {147#false} is VALID [2019-01-18 14:45:08,360 INFO L273 TraceCheckUtils]: 4: Hoare triple {147#false} #t~short2 := ~q~1.offset < ~p~1.offset + 400; {147#false} is VALID [2019-01-18 14:45:08,361 INFO L273 TraceCheckUtils]: 5: Hoare triple {147#false} assume #t~short2;read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := ~q~1.base, ~q~1.offset, 4; {147#false} is VALID [2019-01-18 14:45:08,361 INFO L273 TraceCheckUtils]: 6: Hoare triple {147#false} assume #valid[read~int_#ptr.base]; {147#false} is VALID [2019-01-18 14:45:08,361 INFO L273 TraceCheckUtils]: 7: Hoare triple {147#false} assume !(read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]); {147#false} is VALID [2019-01-18 14:45:08,362 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-01-18 14:45:08,362 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2019-01-18 14:45:08,362 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2019-01-18 14:45:08,363 INFO L257 anRefinementStrategy]: Using the first perfect interpolant sequence [2019-01-18 14:45:08,363 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 8 [2019-01-18 14:45:08,363 INFO L84 Accepts]: Finished accepts. word is accepted. [2019-01-18 14:45:08,363 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states. [2019-01-18 14:45:08,474 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 8 edges. 8 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2019-01-18 14:45:08,474 INFO L459 AbstractCegarLoop]: Interpolant automaton has 3 states [2019-01-18 14:45:08,475 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2019-01-18 14:45:08,475 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2019-01-18 14:45:08,475 INFO L87 Difference]: Start difference. First operand 11 states and 13 transitions. Second operand 3 states. [2019-01-18 14:45:08,541 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-18 14:45:08,541 INFO L93 Difference]: Finished difference Result 18 states and 21 transitions. [2019-01-18 14:45:08,541 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2019-01-18 14:45:08,541 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 8 [2019-01-18 14:45:08,542 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-01-18 14:45:08,542 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 3 states. [2019-01-18 14:45:08,543 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 16 transitions. [2019-01-18 14:45:08,543 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 3 states. [2019-01-18 14:45:08,544 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 16 transitions. [2019-01-18 14:45:08,544 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 16 transitions. [2019-01-18 14:45:08,567 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 16 edges. 16 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2019-01-18 14:45:08,568 INFO L225 Difference]: With dead ends: 18 [2019-01-18 14:45:08,569 INFO L226 Difference]: Without dead ends: 11 [2019-01-18 14:45:08,569 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2019-01-18 14:45:08,570 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 11 states. [2019-01-18 14:45:08,579 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 11 to 11. [2019-01-18 14:45:08,579 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2019-01-18 14:45:08,579 INFO L82 GeneralOperation]: Start isEquivalent. First operand 11 states. Second operand 11 states. [2019-01-18 14:45:08,580 INFO L74 IsIncluded]: Start isIncluded. First operand 11 states. Second operand 11 states. [2019-01-18 14:45:08,580 INFO L87 Difference]: Start difference. First operand 11 states. Second operand 11 states. [2019-01-18 14:45:08,582 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-18 14:45:08,582 INFO L93 Difference]: Finished difference Result 11 states and 11 transitions. [2019-01-18 14:45:08,582 INFO L276 IsEmpty]: Start isEmpty. Operand 11 states and 11 transitions. [2019-01-18 14:45:08,582 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2019-01-18 14:45:08,583 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2019-01-18 14:45:08,583 INFO L74 IsIncluded]: Start isIncluded. First operand 11 states. Second operand 11 states. [2019-01-18 14:45:08,583 INFO L87 Difference]: Start difference. First operand 11 states. Second operand 11 states. [2019-01-18 14:45:08,584 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-18 14:45:08,584 INFO L93 Difference]: Finished difference Result 11 states and 11 transitions. [2019-01-18 14:45:08,584 INFO L276 IsEmpty]: Start isEmpty. Operand 11 states and 11 transitions. [2019-01-18 14:45:08,585 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2019-01-18 14:45:08,585 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2019-01-18 14:45:08,585 INFO L88 GeneralOperation]: Finished isEquivalent. [2019-01-18 14:45:08,585 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2019-01-18 14:45:08,585 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 11 states. [2019-01-18 14:45:08,586 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 11 transitions. [2019-01-18 14:45:08,586 INFO L78 Accepts]: Start accepts. Automaton has 11 states and 11 transitions. Word has length 8 [2019-01-18 14:45:08,587 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-01-18 14:45:08,587 INFO L480 AbstractCegarLoop]: Abstraction has 11 states and 11 transitions. [2019-01-18 14:45:08,587 INFO L481 AbstractCegarLoop]: Interpolant automaton has 3 states. [2019-01-18 14:45:08,587 INFO L276 IsEmpty]: Start isEmpty. Operand 11 states and 11 transitions. [2019-01-18 14:45:08,587 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 11 [2019-01-18 14:45:08,587 INFO L394 BasicCegarLoop]: Found error trace [2019-01-18 14:45:08,588 INFO L402 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1] [2019-01-18 14:45:08,588 INFO L423 AbstractCegarLoop]: === Iteration 4 === [mainErr0ASSERT_VIOLATIONPRE_CONDITIONandASSERT, mainErr1ASSERT_VIOLATIONPRE_CONDITIONandASSERT]=== [2019-01-18 14:45:08,588 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-01-18 14:45:08,588 INFO L82 PathProgramCache]: Analyzing trace with hash -1391871885, now seen corresponding path program 1 times [2019-01-18 14:45:08,589 INFO L69 tionRefinementEngine]: Using refinement strategy TaipanRefinementStrategy [2019-01-18 14:45:08,589 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-01-18 14:45:08,590 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-01-18 14:45:08,590 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-01-18 14:45:08,590 INFO L289 anRefinementStrategy]: Using traceCheck mode SMTINTERPOL with AssertCodeBlockOrder NOT_INCREMENTALLY (IT: Craig_TreeInterpolation) [2019-01-18 14:45:08,605 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-01-18 14:45:08,780 INFO L273 TraceCheckUtils]: 0: Hoare triple {207#true} ~malloc_old_#length, ~malloc_old_#valid := #length, #valid;~malloc_~size := 400;havoc ~malloc_#res.base, ~malloc_#res.offset;havoc #valid, #length;assume ~malloc_old_#valid[~malloc_#res.base] == false;assume #valid == ~malloc_old_#valid[~malloc_#res.base := true];assume ~malloc_#res.offset == 0;assume ~malloc_#res.base != 0;assume #length == ~malloc_old_#length[~malloc_#res.base := ~malloc_~size];#t~malloc0.base, #t~malloc0.offset := ~malloc_#res.base, ~malloc_#res.offset;~p~1.base, ~p~1.offset := #t~malloc0.base, #t~malloc0.offset;~q~1.base, ~q~1.offset := ~p~1.base, ~p~1.offset; {209#(and (= main_~p~1.offset main_~q~1.offset) (<= (+ main_~p~1.offset 400) (select |#length| main_~q~1.base)))} is VALID [2019-01-18 14:45:08,784 INFO L273 TraceCheckUtils]: 1: Hoare triple {209#(and (= main_~p~1.offset main_~q~1.offset) (<= (+ main_~p~1.offset 400) (select |#length| main_~q~1.base)))} #t~short2 := ~q~1.offset < ~p~1.offset + 400; {209#(and (= main_~p~1.offset main_~q~1.offset) (<= (+ main_~p~1.offset 400) (select |#length| main_~q~1.base)))} is VALID [2019-01-18 14:45:08,785 INFO L273 TraceCheckUtils]: 2: Hoare triple {209#(and (= main_~p~1.offset main_~q~1.offset) (<= (+ main_~p~1.offset 400) (select |#length| main_~q~1.base)))} assume #t~short2;read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := ~q~1.base, ~q~1.offset, 4; {209#(and (= main_~p~1.offset main_~q~1.offset) (<= (+ main_~p~1.offset 400) (select |#length| main_~q~1.base)))} is VALID [2019-01-18 14:45:08,786 INFO L273 TraceCheckUtils]: 3: Hoare triple {209#(and (= main_~p~1.offset main_~q~1.offset) (<= (+ main_~p~1.offset 400) (select |#length| main_~q~1.base)))} assume #valid[read~int_#ptr.base]; {209#(and (= main_~p~1.offset main_~q~1.offset) (<= (+ main_~p~1.offset 400) (select |#length| main_~q~1.base)))} is VALID [2019-01-18 14:45:08,786 INFO L273 TraceCheckUtils]: 4: Hoare triple {209#(and (= main_~p~1.offset main_~q~1.offset) (<= (+ main_~p~1.offset 400) (select |#length| main_~q~1.base)))} assume read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base];assume #valid[read~int_#ptr.base];assume read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base];havoc read~int_#value;assume read~int_#value == #memory_int[read~int_#ptr.base,read~int_#ptr.offset];#t~mem1 := read~int_#value;#t~short2 := #t~mem1 >= 0; {209#(and (= main_~p~1.offset main_~q~1.offset) (<= (+ main_~p~1.offset 400) (select |#length| main_~q~1.base)))} is VALID [2019-01-18 14:45:08,789 INFO L273 TraceCheckUtils]: 5: Hoare triple {209#(and (= main_~p~1.offset main_~q~1.offset) (<= (+ main_~p~1.offset 400) (select |#length| main_~q~1.base)))} assume !!#t~short2;havoc #t~mem1;havoc #t~short2;#t~post3.base, #t~post3.offset := ~q~1.base, ~q~1.offset;~q~1.base, ~q~1.offset := #t~post3.base, #t~post3.offset + 4;havoc #t~post3.base, #t~post3.offset; {210#(<= (+ main_~q~1.offset 396) (select |#length| main_~q~1.base))} is VALID [2019-01-18 14:45:08,790 INFO L273 TraceCheckUtils]: 6: Hoare triple {210#(<= (+ main_~q~1.offset 396) (select |#length| main_~q~1.base))} #t~short2 := ~q~1.offset < ~p~1.offset + 400; {210#(<= (+ main_~q~1.offset 396) (select |#length| main_~q~1.base))} is VALID [2019-01-18 14:45:08,791 INFO L273 TraceCheckUtils]: 7: Hoare triple {210#(<= (+ main_~q~1.offset 396) (select |#length| main_~q~1.base))} assume #t~short2;read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := ~q~1.base, ~q~1.offset, 4; {211#(<= (+ |main_read~int_#ptr.offset| |main_read~int_#sizeOfReadType| 392) (select |#length| |main_read~int_#ptr.base|))} is VALID [2019-01-18 14:45:08,792 INFO L273 TraceCheckUtils]: 8: Hoare triple {211#(<= (+ |main_read~int_#ptr.offset| |main_read~int_#sizeOfReadType| 392) (select |#length| |main_read~int_#ptr.base|))} assume #valid[read~int_#ptr.base]; {211#(<= (+ |main_read~int_#ptr.offset| |main_read~int_#sizeOfReadType| 392) (select |#length| |main_read~int_#ptr.base|))} is VALID [2019-01-18 14:45:08,797 INFO L273 TraceCheckUtils]: 9: Hoare triple {211#(<= (+ |main_read~int_#ptr.offset| |main_read~int_#sizeOfReadType| 392) (select |#length| |main_read~int_#ptr.base|))} assume !(read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]); {208#false} is VALID [2019-01-18 14:45:08,799 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 0 proven. 4 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-01-18 14:45:08,799 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2019-01-18 14:45:08,800 INFO L193 anRefinementStrategy]: Switched to InterpolantGenerator mode ABSTRACT_INTERPRETATION [2019-01-18 14:45:08,800 INFO L205 CegarAbsIntRunner]: Running AI on error trace of length 11 with the following transitions: [2019-01-18 14:45:08,802 INFO L207 CegarAbsIntRunner]: [0], [4], [7], [9], [10], [11], [19] [2019-01-18 14:45:08,848 INFO L148 AbstractInterpreter]: Using domain ArrayDomain [2019-01-18 14:45:08,848 INFO L101 FixpointEngine]: Starting fixpoint engine with domain ArrayDomain (maxUnwinding=3, maxParallelStates=2) [2019-01-18 14:45:09,549 WARN L212 ngHoareTripleChecker]: Soundness check inconclusive for the following hoare triple [2019-01-18 14:45:09,550 WARN L217 ngHoareTripleChecker]: Expected: VALID Actual: UNKNOWN [2019-01-18 14:45:09,550 WARN L219 ngHoareTripleChecker]: Solver was "Z3" in version "4.8.3" [2019-01-18 14:45:09,551 WARN L223 ngHoareTripleChecker]: -- [2019-01-18 14:45:09,551 WARN L224 ngHoareTripleChecker]: Pre: {2147483647#(forall ((v_idx_7 Int) (v_idx_8 Int) (v_idx_9 Int) (v_idx_3 Int) (v_idx_10 Int) (v_idx_4 Int) (v_idx_5 Int) (v_idx_6 Int) (v_idx_1 Int) (v_idx_2 Int)) (exists ((v_v_8_1 Int) (v_v_3_1 Bool) (v_v_4_1 Bool) (v_v_7_1 (Array Int Int)) (v_v_0_1 Int) (v_v_1_1 Int) (v_v_2_1 Int) (v_v_5_1 (Array Int Int)) (v_v_9_1 Bool) (v_v_6_1 Int)) (and (= (select |c_old(#length)| v_idx_9) v_v_2_1) (= v_v_5_1 (select |c_#memory_int| v_idx_5)) (= v_v_7_1 (select |c_old(#memory_int)| v_idx_6)) (= v_v_0_1 (select |c_main_~malloc_old_#length| v_idx_1)) (= v_v_6_1 (select v_v_5_1 v_idx_7)) (= v_v_8_1 (select v_v_7_1 v_idx_2)) (= v_v_9_1 (select |c_main_~malloc_old_#valid| v_idx_10)) (= (select |c_#valid| v_idx_3) v_v_3_1) (= (select |c_old(#valid)| v_idx_4) v_v_4_1) (= (select |c_#length| v_idx_8) v_v_1_1))))} [2019-01-18 14:45:09,551 WARN L228 ngHoareTripleChecker]: Action: ~malloc_old_#length, ~malloc_old_#valid := #length, #valid;~malloc_~size := 400;havoc ~malloc_#res.base, ~malloc_#res.offset;havoc #valid, #length;assume ~malloc_old_#valid[~malloc_#res.base] == false;assume #valid == ~malloc_old_#valid[~malloc_#res.base := true];assume ~malloc_#res.offset == 0;assume ~malloc_#res.base != 0;assume #length == ~malloc_old_#length[~malloc_#res.base := ~malloc_~size];#t~malloc0.base, #t~malloc0.offset := ~malloc_#res.base, ~malloc_#res.offset;~p~1.base, ~p~1.offset := #t~malloc0.base, #t~malloc0.offset;~q~1.base, ~q~1.offset := ~p~1.base, ~p~1.offset; [2019-01-18 14:45:09,552 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (and (not (select |c_main_~malloc_old_#valid_primed| |c_main_~malloc_#res.base_primed|)) (= |c_main_#t~malloc0.offset_primed| |c_main_~malloc_#res.offset_primed|) (= (store |c_main_~malloc_old_#length_primed| |c_main_~malloc_#res.base_primed| c_main_~malloc_~size_primed) |c_#length_primed|) (= |c_main_~malloc_old_#valid_primed| |c_#valid|) (= |c_main_~malloc_old_#length_primed| |c_#length|) (= (store |c_main_~malloc_old_#valid_primed| |c_main_~malloc_#res.base_primed| true) |c_#valid_primed|) (= c_main_~q~1.offset_primed c_main_~p~1.offset_primed) (= 0 |c_main_~malloc_#res.offset_primed|) (= |c_main_#t~malloc0.base_primed| |c_main_~malloc_#res.base_primed|) (= c_main_~p~1.base_primed |c_main_#t~malloc0.base_primed|) (= c_main_~q~1.base_primed c_main_~p~1.base_primed) (= c_main_~malloc_~size_primed 400) (= c_main_~p~1.offset_primed |c_main_#t~malloc0.offset_primed|) (not (= |c_main_~malloc_#res.base_primed| 0))) [2019-01-18 14:45:09,552 WARN L230 ngHoareTripleChecker]: Post: {2147483646#(forall ((v_idx_14 Int) (v_idx_15 Int) (v_idx_23 Int) (v_idx_12 Int) (v_idx_24 Int) (v_idx_13 Int) (v_idx_21 Int) (v_idx_22 Int) (v_idx_11 Int) (v_idx_20 Int) (v_idx_18 Int) (v_idx_19 Int) (v_idx_16 Int) (v_idx_17 Int)) (exists ((v_v_24_1 Int) (v_v_4_1 Bool) (v_v_26_1 Int) (v_v_8_1 Int) (v_v_19_1 Bool) (v_v_18_1 Bool) (v_v_7_1 (Array Int Int)) (v_v_12_1 Bool) (v_v_1_1 Int) (v_v_2_1 Int) (v_v_5_1 (Array Int Int)) (v_v_6_1 Int) (v_v_20_1 Bool)) (and (<= (- (- |c_main_#t~malloc0.offset|) c_main_~q~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~malloc_~size)) 400) (<= 0 (+ |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|)) (<= (- (- c_main_~malloc_~size) (- c_main_~p~1.offset)) (- 400)) (<= (- c_main_~malloc_~size c_main_~q~1.offset) 400) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~q~1.offset)) 0) (<= (* 2 |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_~malloc_#res.offset|)) 0) (<= (- c_main_~malloc_~size (- c_main_~q~1.offset)) 400) (<= (- |c_main_#t~malloc0.offset| c_main_~malloc_~size) (- 400)) (<= (- c_main_~p~1.offset c_main_~q~1.offset) 0) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~malloc_~size) (- 400)) (= (select |c_old(#valid)| v_idx_13) v_v_4_1) (<= (- |c_main_~malloc_#res.offset| (- c_main_~malloc_~size)) 400) v_v_19_1 (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~q~1.offset)) 0) (<= (- c_main_~p~1.offset (- c_main_~q~1.offset)) 0) (= (select |c_main_~malloc_old_#length| v_idx_11) v_v_1_1) (<= (- (- c_main_~p~1.offset) (- c_main_~q~1.offset)) 0) (<= (- (- c_main_~malloc_~size) c_main_~p~1.offset) (- 400)) (= (select |c_old(#length)| v_idx_20) v_v_2_1) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~p~1.offset)) 0) (<= (- (- c_main_~malloc_~size) c_main_~q~1.offset) (- 400)) (= v_v_5_1 (select |c_#memory_int| v_idx_17)) (= (select v_v_5_1 v_idx_19) v_v_6_1) (<= (- (- c_main_~malloc_~size) (- c_main_~q~1.offset)) (- 400)) (= (select |c_old(#memory_int)| v_idx_18) v_v_7_1) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~p~1.offset) 0) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~malloc_~size)) 400) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_~malloc_#res.offset|) 0) (<= c_main_~p~1.offset |c_main_~malloc_#res.offset|) (<= |c_main_~malloc_#res.offset| c_main_~q~1.offset) (or (< v_idx_22 |c_main_~malloc_#res.base|) (= (+ |c_main_~malloc_#res.offset| 400) (select |c_#length| v_idx_22)) (<= (+ |c_main_~malloc_#res.base| 1) v_idx_22)) (= (select |c_main_~malloc_old_#valid| v_idx_24) v_v_12_1) (<= (- |c_main_~malloc_#res.offset| c_main_~malloc_~size) (- 400)) (<= (- |c_main_~malloc_#res.offset| c_main_~q~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~q~1.offset)) 0) (<= (- (- |c_main_#t~malloc0.offset|) (- |c_main_~malloc_#res.offset|)) 0) (<= (- c_main_~malloc_~size (- c_main_~p~1.offset)) 400) (<= 0 (+ |c_main_~malloc_#res.offset| c_main_~p~1.offset)) (<= (- |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) 0) (<= (- (- |c_main_~malloc_#res.offset|) |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_~malloc_#res.offset| c_main_~p~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~p~1.offset)) 0) (<= (- |c_main_~malloc_#res.offset| (- c_main_~q~1.offset)) 0) (<= (+ c_main_~q~1.offset |c_main_~malloc_#res.offset|) 0) (<= (- (- c_main_~q~1.offset) c_main_~q~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_#t~malloc0.offset|)) 0) (<= |c_main_~malloc_#res.offset| |c_main_#t~malloc0.offset|) (<= (+ |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) 0) (or (= (select |c_#length| v_idx_21) v_v_24_1) (<= |c_main_~malloc_#res.base| v_idx_21)) (<= (- |c_main_~malloc_#res.offset| (- c_main_~p~1.offset)) 0) (<= (- c_main_~malloc_~size (- c_main_~malloc_~size)) 800) (<= (+ |c_main_~malloc_#res.offset| 400) c_main_~malloc_~size) (<= 400 (+ |c_main_~malloc_#res.offset| c_main_~malloc_~size)) (<= (- c_main_~malloc_~size c_main_~p~1.offset) 400) (<= (+ |c_main_~malloc_#res.offset| c_main_~malloc_~size) 400) (<= (- (- c_main_~malloc_~size) c_main_~malloc_~size) (- 800)) (or (<= (+ |c_main_~malloc_#res.base| 1) v_idx_15) (= (select |c_#valid| v_idx_15) v_v_19_1) (< v_idx_15 |c_main_~malloc_#res.base|)) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_#t~malloc0.offset|) 0) (<= 0 (* 2 |c_main_~malloc_#res.offset|)) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~q~1.offset) 0) (<= |c_main_~malloc_#res.offset| c_main_~p~1.offset) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~p~1.offset) 0) (<= (- |c_main_~malloc_#res.offset| (- |c_main_~malloc_#res.offset|)) 0) (or (= (select |c_#length| v_idx_23) v_v_26_1) (< v_idx_23 (+ |c_main_~malloc_#res.base| 1))) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~p~1.offset)) 0) (<= (- c_main_~q~1.offset (- c_main_~q~1.offset)) 0) (<= (- |c_main_#t~malloc0.offset| c_main_~p~1.offset) 0) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~malloc_~size)) 400) (<= |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) (or (< v_idx_16 (+ |c_main_~malloc_#res.base| 1)) (= (select |c_#valid| v_idx_16) v_v_20_1)) (<= (+ |c_main_~malloc_#res.offset| c_main_~p~1.offset) 0) (<= (- c_main_~p~1.offset (- c_main_~p~1.offset)) 0) (or (= v_v_18_1 (select |c_#valid| v_idx_14)) (<= |c_main_~malloc_#res.base| v_idx_14)) (<= (- (- c_main_~p~1.offset) c_main_~q~1.offset) 0) (<= 0 (+ c_main_~q~1.offset |c_main_~malloc_#res.offset|)) (= v_v_8_1 (select v_v_7_1 v_idx_12)) (<= (- (- c_main_~p~1.offset) c_main_~p~1.offset) 0) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~malloc_~size) (- 400)) (<= (- |c_main_#t~malloc0.offset| c_main_~q~1.offset) 0) (<= c_main_~malloc_~size (+ |c_main_~malloc_#res.offset| 400)) (<= c_main_~q~1.offset |c_main_~malloc_#res.offset|))))} [2019-01-18 14:45:09,552 WARN L263 ngHoareTripleChecker]: unsat core / model generation is disabled, enable it to get more details [2019-01-18 14:45:09,556 WARN L268 ngHoareTripleChecker]: -- [2019-01-18 14:45:09,556 WARN L269 ngHoareTripleChecker]: Simplified triple [2019-01-18 14:45:09,666 WARN L270 ngHoareTripleChecker]: Pre: {2147483647#true} [2019-01-18 14:45:09,666 WARN L274 ngHoareTripleChecker]: Action: ~malloc_old_#length, ~malloc_old_#valid := #length, #valid;~malloc_~size := 400;havoc ~malloc_#res.base, ~malloc_#res.offset;havoc #valid, #length;assume ~malloc_old_#valid[~malloc_#res.base] == false;assume #valid == ~malloc_old_#valid[~malloc_#res.base := true];assume ~malloc_#res.offset == 0;assume ~malloc_#res.base != 0;assume #length == ~malloc_old_#length[~malloc_#res.base := ~malloc_~size];#t~malloc0.base, #t~malloc0.offset := ~malloc_#res.base, ~malloc_#res.offset;~p~1.base, ~p~1.offset := #t~malloc0.base, #t~malloc0.offset;~q~1.base, ~q~1.offset := ~p~1.base, ~p~1.offset; [2019-01-18 14:45:09,667 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (and (not (select |c_main_~malloc_old_#valid_primed| |c_main_~malloc_#res.base_primed|)) (= |c_main_#t~malloc0.offset_primed| |c_main_~malloc_#res.offset_primed|) (= (store |c_main_~malloc_old_#length_primed| |c_main_~malloc_#res.base_primed| c_main_~malloc_~size_primed) |c_#length_primed|) (= |c_main_~malloc_old_#valid_primed| |c_#valid|) (= |c_main_~malloc_old_#length_primed| |c_#length|) (= (store |c_main_~malloc_old_#valid_primed| |c_main_~malloc_#res.base_primed| true) |c_#valid_primed|) (= c_main_~q~1.offset_primed c_main_~p~1.offset_primed) (= 0 |c_main_~malloc_#res.offset_primed|) (= |c_main_#t~malloc0.base_primed| |c_main_~malloc_#res.base_primed|) (= c_main_~p~1.base_primed |c_main_#t~malloc0.base_primed|) (= c_main_~q~1.base_primed c_main_~p~1.base_primed) (= c_main_~malloc_~size_primed 400) (= c_main_~p~1.offset_primed |c_main_#t~malloc0.offset_primed|) (not (= |c_main_~malloc_#res.base_primed| 0))) [2019-01-18 14:45:10,011 WARN L276 ngHoareTripleChecker]: Post: {2147483646#(and (<= (- (- |main_#t~malloc0.offset|) main_~q~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- main_~malloc_~size)) 400) (<= 0 (+ |main_#t~malloc0.offset| |main_~malloc_#res.offset|)) (<= (- (- main_~malloc_~size) (- main_~p~1.offset)) (- 400)) (<= (- main_~malloc_~size main_~q~1.offset) 400) (<= (- (- |main_~malloc_#res.offset|) (- main_~q~1.offset)) 0) (<= (* 2 |main_~malloc_#res.offset|) 0) (<= (- |main_#t~malloc0.offset| (- |main_~malloc_#res.offset|)) 0) (<= (- main_~malloc_~size (- main_~q~1.offset)) 400) (<= (- |main_#t~malloc0.offset| main_~malloc_~size) (- 400)) (<= (- main_~p~1.offset main_~q~1.offset) 0) (<= (- (- |main_~malloc_#res.offset|) main_~malloc_~size) (- 400)) (<= (- |main_~malloc_#res.offset| (- main_~malloc_~size)) 400) (<= (- (- |main_#t~malloc0.offset|) (- main_~q~1.offset)) 0) (<= (- main_~p~1.offset (- main_~q~1.offset)) 0) (<= (- (- main_~p~1.offset) (- main_~q~1.offset)) 0) (<= (- (- main_~malloc_~size) main_~p~1.offset) (- 400)) (<= (- (- |main_~malloc_#res.offset|) (- main_~p~1.offset)) 0) (<= (- (- main_~malloc_~size) main_~q~1.offset) (- 400)) (<= (- (- main_~malloc_~size) (- main_~q~1.offset)) (- 400)) (<= (- (- |main_#t~malloc0.offset|) main_~p~1.offset) 0) (<= (- (- |main_~malloc_#res.offset|) (- main_~malloc_~size)) 400) (<= (- (- |main_#t~malloc0.offset|) |main_~malloc_#res.offset|) 0) (<= main_~p~1.offset |main_~malloc_#res.offset|) (<= |main_~malloc_#res.offset| main_~q~1.offset) (<= (- |main_~malloc_#res.offset| main_~malloc_~size) (- 400)) (<= (- |main_~malloc_#res.offset| main_~q~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- main_~q~1.offset)) 0) (<= (- (- |main_#t~malloc0.offset|) (- |main_~malloc_#res.offset|)) 0) (<= (- main_~malloc_~size (- main_~p~1.offset)) 400) (<= 0 (+ |main_~malloc_#res.offset| main_~p~1.offset)) (<= (- |main_#t~malloc0.offset| |main_~malloc_#res.offset|) 0) (<= (- (- |main_~malloc_#res.offset|) |main_~malloc_#res.offset|) 0) (<= (- |main_~malloc_#res.offset| main_~p~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- main_~p~1.offset)) 0) (<= (- |main_~malloc_#res.offset| (- main_~q~1.offset)) 0) (<= (+ main_~q~1.offset |main_~malloc_#res.offset|) 0) (<= (- (- main_~q~1.offset) main_~q~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- |main_#t~malloc0.offset|)) 0) (<= |main_~malloc_#res.offset| |main_#t~malloc0.offset|) (<= (+ |main_#t~malloc0.offset| |main_~malloc_#res.offset|) 0) (<= (- |main_~malloc_#res.offset| (- main_~p~1.offset)) 0) (<= (- main_~malloc_~size (- main_~malloc_~size)) 800) (<= (+ |main_~malloc_#res.offset| 400) main_~malloc_~size) (<= 400 (+ |main_~malloc_#res.offset| main_~malloc_~size)) (forall ((v_idx_22 Int)) (or (< v_idx_22 |main_~malloc_#res.base|) (= (+ |main_~malloc_#res.offset| 400) (select |#length| v_idx_22)) (<= (+ |main_~malloc_#res.base| 1) v_idx_22))) (<= (- main_~malloc_~size main_~p~1.offset) 400) (<= (+ |main_~malloc_#res.offset| main_~malloc_~size) 400) (<= (- (- main_~malloc_~size) main_~malloc_~size) (- 800)) (<= (- (- |main_#t~malloc0.offset|) |main_#t~malloc0.offset|) 0) (<= 0 (* 2 |main_~malloc_#res.offset|)) (<= (- (- |main_~malloc_#res.offset|) main_~q~1.offset) 0) (<= |main_~malloc_#res.offset| main_~p~1.offset) (<= (- (- |main_~malloc_#res.offset|) main_~p~1.offset) 0) (<= (- |main_~malloc_#res.offset| (- |main_~malloc_#res.offset|)) 0) (<= (- (- |main_#t~malloc0.offset|) (- main_~p~1.offset)) 0) (<= (- main_~q~1.offset (- main_~q~1.offset)) 0) (<= (- |main_#t~malloc0.offset| main_~p~1.offset) 0) (<= (- (- |main_#t~malloc0.offset|) (- main_~malloc_~size)) 400) (<= |main_#t~malloc0.offset| |main_~malloc_#res.offset|) (forall ((v_idx_15 Int)) (or (<= (+ |main_~malloc_#res.base| 1) v_idx_15) (< v_idx_15 |main_~malloc_#res.base|) (select |#valid| v_idx_15))) (<= (+ |main_~malloc_#res.offset| main_~p~1.offset) 0) (<= (- main_~p~1.offset (- main_~p~1.offset)) 0) (<= (- (- main_~p~1.offset) main_~q~1.offset) 0) (<= 0 (+ main_~q~1.offset |main_~malloc_#res.offset|)) (<= (- (- main_~p~1.offset) main_~p~1.offset) 0) (<= (- (- |main_#t~malloc0.offset|) main_~malloc_~size) (- 400)) (<= (- |main_#t~malloc0.offset| main_~q~1.offset) 0) (<= main_~malloc_~size (+ |main_~malloc_#res.offset| 400)) (<= main_~q~1.offset |main_~malloc_#res.offset|))} [2019-01-18 14:45:10,393 WARN L212 ngHoareTripleChecker]: Soundness check inconclusive for the following hoare triple [2019-01-18 14:45:10,394 WARN L217 ngHoareTripleChecker]: Expected: VALID Actual: UNKNOWN [2019-01-18 14:45:10,394 WARN L219 ngHoareTripleChecker]: Solver was "Z3" in version "4.8.3" [2019-01-18 14:45:10,394 WARN L223 ngHoareTripleChecker]: -- [2019-01-18 14:45:10,395 WARN L224 ngHoareTripleChecker]: Pre: {2147483645#(forall ((v_idx_25 Int) (v_idx_36 Int) (v_idx_26 Int) (v_idx_37 Int) (v_idx_34 Int) (v_idx_35 Int) (v_idx_32 Int) (v_idx_33 Int) (v_idx_30 Int) (v_idx_31 Int) (v_idx_29 Int) (v_idx_27 Int) (v_idx_38 Int) (v_idx_28 Int)) (exists ((v_v_24_1 Int) (v_v_4_1 Bool) (v_v_26_1 Int) (v_v_8_1 Int) (v_v_19_1 Bool) (v_v_18_1 Bool) (v_v_12_1 Bool) (v_v_7_1 (Array Int Int)) (v_v_1_1 Int) (v_v_5_1 (Array Int Int)) (v_v_2_1 Int) (v_v_6_1 Int) (v_v_20_1 Bool)) (and (= (select |c_main_~malloc_old_#valid| v_idx_38) v_v_12_1) (or (= (select |c_#length| v_idx_35) v_v_24_1) (<= |c_main_~malloc_#res.base| v_idx_35)) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~q~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~malloc_~size)) 400) (or (< v_idx_29 |c_main_~malloc_#res.base|) (<= (+ |c_main_~malloc_#res.base| 1) v_idx_29) (= (select |c_#valid| v_idx_29) v_v_19_1)) (or (= (select |c_#valid| v_idx_28) v_v_18_1) (<= |c_main_~malloc_#res.base| v_idx_28)) (<= 0 (+ |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|)) (<= (- (- c_main_~malloc_~size) (- c_main_~p~1.offset)) (- 400)) (<= (- c_main_~malloc_~size c_main_~q~1.offset) 400) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~q~1.offset)) 0) (<= (* 2 |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_~malloc_#res.offset|)) 0) (<= (- c_main_~malloc_~size (- c_main_~q~1.offset)) 400) (<= (- |c_main_#t~malloc0.offset| c_main_~malloc_~size) (- 400)) (<= (- c_main_~p~1.offset c_main_~q~1.offset) 0) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~malloc_~size) (- 400)) (<= (- |c_main_~malloc_#res.offset| (- c_main_~malloc_~size)) 400) (or (= (select |c_#valid| v_idx_30) v_v_20_1) (< v_idx_30 (+ |c_main_~malloc_#res.base| 1))) v_v_19_1 (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~q~1.offset)) 0) (<= (- c_main_~p~1.offset (- c_main_~q~1.offset)) 0) (or (< v_idx_37 (+ |c_main_~malloc_#res.base| 1)) (= (select |c_#length| v_idx_37) v_v_26_1)) (<= (- (- c_main_~p~1.offset) (- c_main_~q~1.offset)) 0) (<= (- (- c_main_~malloc_~size) c_main_~p~1.offset) (- 400)) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~p~1.offset)) 0) (<= (- (- c_main_~malloc_~size) c_main_~q~1.offset) (- 400)) (<= (- (- c_main_~malloc_~size) (- c_main_~q~1.offset)) (- 400)) (= v_v_5_1 (select |c_#memory_int| v_idx_31)) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~p~1.offset) 0) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~malloc_~size)) 400) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_~malloc_#res.offset|) 0) (<= c_main_~p~1.offset |c_main_~malloc_#res.offset|) (<= |c_main_~malloc_#res.offset| c_main_~q~1.offset) (= (select v_v_5_1 v_idx_33) v_v_6_1) (= v_v_7_1 (select |c_old(#memory_int)| v_idx_32)) (= (select v_v_7_1 v_idx_26) v_v_8_1) (<= (- |c_main_~malloc_#res.offset| c_main_~malloc_~size) (- 400)) (<= (- |c_main_~malloc_#res.offset| c_main_~q~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~q~1.offset)) 0) (<= (- (- |c_main_#t~malloc0.offset|) (- |c_main_~malloc_#res.offset|)) 0) (<= (- c_main_~malloc_~size (- c_main_~p~1.offset)) 400) (<= 0 (+ |c_main_~malloc_#res.offset| c_main_~p~1.offset)) (<= (- |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) 0) (<= (- (- |c_main_~malloc_#res.offset|) |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_~malloc_#res.offset| c_main_~p~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~p~1.offset)) 0) (<= (- |c_main_~malloc_#res.offset| (- c_main_~q~1.offset)) 0) (<= (+ c_main_~q~1.offset |c_main_~malloc_#res.offset|) 0) (<= (- (- c_main_~q~1.offset) c_main_~q~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_#t~malloc0.offset|)) 0) (= (select |c_old(#length)| v_idx_34) v_v_2_1) (<= |c_main_~malloc_#res.offset| |c_main_#t~malloc0.offset|) (<= (+ |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) 0) (= v_v_4_1 (select |c_old(#valid)| v_idx_27)) (<= (- |c_main_~malloc_#res.offset| (- c_main_~p~1.offset)) 0) (= v_v_1_1 (select |c_main_~malloc_old_#length| v_idx_25)) (<= (- c_main_~malloc_~size (- c_main_~malloc_~size)) 800) (<= (+ |c_main_~malloc_#res.offset| 400) c_main_~malloc_~size) (<= 400 (+ |c_main_~malloc_#res.offset| c_main_~malloc_~size)) (<= (- c_main_~malloc_~size c_main_~p~1.offset) 400) (<= (+ |c_main_~malloc_#res.offset| c_main_~malloc_~size) 400) (<= (- (- c_main_~malloc_~size) c_main_~malloc_~size) (- 800)) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_#t~malloc0.offset|) 0) (<= 0 (* 2 |c_main_~malloc_#res.offset|)) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~q~1.offset) 0) (<= |c_main_~malloc_#res.offset| c_main_~p~1.offset) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~p~1.offset) 0) (<= (- |c_main_~malloc_#res.offset| (- |c_main_~malloc_#res.offset|)) 0) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~p~1.offset)) 0) (<= (- c_main_~q~1.offset (- c_main_~q~1.offset)) 0) (<= (- |c_main_#t~malloc0.offset| c_main_~p~1.offset) 0) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~malloc_~size)) 400) (<= |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) (<= (+ |c_main_~malloc_#res.offset| c_main_~p~1.offset) 0) (<= (- c_main_~p~1.offset (- c_main_~p~1.offset)) 0) (or (= (select |c_#length| v_idx_36) (+ |c_main_~malloc_#res.offset| 400)) (< v_idx_36 |c_main_~malloc_#res.base|) (<= (+ |c_main_~malloc_#res.base| 1) v_idx_36)) (<= (- (- c_main_~p~1.offset) c_main_~q~1.offset) 0) (<= 0 (+ c_main_~q~1.offset |c_main_~malloc_#res.offset|)) (<= (- (- c_main_~p~1.offset) c_main_~p~1.offset) 0) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~malloc_~size) (- 400)) (<= (- |c_main_#t~malloc0.offset| c_main_~q~1.offset) 0) (<= c_main_~malloc_~size (+ |c_main_~malloc_#res.offset| 400)) (<= c_main_~q~1.offset |c_main_~malloc_#res.offset|))))} [2019-01-18 14:45:10,395 WARN L228 ngHoareTripleChecker]: Action: #t~short2 := ~q~1.offset < ~p~1.offset + 400; [2019-01-18 14:45:10,395 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (or (and (not |c_main_#t~short2_primed|) (not (< c_main_~q~1.offset (+ c_main_~p~1.offset 400)))) (and (< c_main_~q~1.offset (+ c_main_~p~1.offset 400)) |c_main_#t~short2_primed|)) [2019-01-18 14:45:10,395 WARN L230 ngHoareTripleChecker]: Post: {2147483644#(forall ((v_idx_47 Int) (v_idx_48 Int) (v_idx_45 Int) (v_idx_46 Int) (v_idx_43 Int) (v_idx_44 Int) (v_idx_41 Int) (v_idx_52 Int) (v_idx_42 Int) (v_idx_50 Int) (v_idx_40 Int) (v_idx_51 Int) (v_idx_49 Int) (v_idx_39 Int)) (exists ((v_v_24_1 Int) (v_v_4_1 Bool) (v_v_26_1 Int) (v_v_8_1 Int) (v_v_19_1 Bool) (v_v_18_1 Bool) (v_v_12_1 Bool) (v_v_7_1 (Array Int Int)) (v_v_1_1 Int) (v_v_5_1 (Array Int Int)) (v_v_2_1 Int) (v_v_6_1 Int) (v_v_20_1 Bool)) (and (or (< v_idx_50 |c_main_~malloc_#res.base|) (= (select |c_#length| v_idx_50) (+ |c_main_~malloc_#res.offset| 400)) (<= (+ |c_main_~malloc_#res.base| 1) v_idx_50)) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~q~1.offset) 0) (= (select v_v_5_1 v_idx_47) v_v_6_1) (<= (- |c_main_#t~malloc0.offset| (- c_main_~malloc_~size)) 400) (<= 0 (+ |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|)) (<= (- (- c_main_~malloc_~size) (- c_main_~p~1.offset)) (- 400)) (<= (- c_main_~malloc_~size c_main_~q~1.offset) 400) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~q~1.offset)) 0) (<= (* 2 |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_~malloc_#res.offset|)) 0) (<= (- c_main_~malloc_~size (- c_main_~q~1.offset)) 400) (<= (- |c_main_#t~malloc0.offset| c_main_~malloc_~size) (- 400)) (<= (- c_main_~p~1.offset c_main_~q~1.offset) 0) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~malloc_~size) (- 400)) (<= (- |c_main_~malloc_#res.offset| (- c_main_~malloc_~size)) 400) v_v_19_1 (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~q~1.offset)) 0) (<= (- c_main_~p~1.offset (- c_main_~q~1.offset)) 0) (<= (- (- c_main_~p~1.offset) (- c_main_~q~1.offset)) 0) (<= (- (- c_main_~malloc_~size) c_main_~p~1.offset) (- 400)) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~p~1.offset)) 0) (<= (- (- c_main_~malloc_~size) c_main_~q~1.offset) (- 400)) |c_main_#t~short2| (<= (- (- c_main_~malloc_~size) (- c_main_~q~1.offset)) (- 400)) (= v_v_5_1 (select |c_#memory_int| v_idx_45)) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~p~1.offset) 0) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~malloc_~size)) 400) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_~malloc_#res.offset|) 0) (<= c_main_~p~1.offset |c_main_~malloc_#res.offset|) (<= |c_main_~malloc_#res.offset| c_main_~q~1.offset) (or (= (select |c_#valid| v_idx_43) v_v_19_1) (< v_idx_43 |c_main_~malloc_#res.base|) (<= (+ |c_main_~malloc_#res.base| 1) v_idx_43)) (<= (- |c_main_~malloc_#res.offset| c_main_~malloc_~size) (- 400)) (<= (- |c_main_~malloc_#res.offset| c_main_~q~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~q~1.offset)) 0) (<= (- (- |c_main_#t~malloc0.offset|) (- |c_main_~malloc_#res.offset|)) 0) (<= (- c_main_~malloc_~size (- c_main_~p~1.offset)) 400) (<= 0 (+ |c_main_~malloc_#res.offset| c_main_~p~1.offset)) (<= (- |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) 0) (or (= (select |c_#length| v_idx_51) v_v_26_1) (< v_idx_51 (+ |c_main_~malloc_#res.base| 1))) (<= (- (- |c_main_~malloc_#res.offset|) |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_~malloc_#res.offset| c_main_~p~1.offset) 0) (= (select |c_main_~malloc_old_#length| v_idx_39) v_v_1_1) (<= (- |c_main_#t~malloc0.offset| (- c_main_~p~1.offset)) 0) (<= (- |c_main_~malloc_#res.offset| (- c_main_~q~1.offset)) 0) (<= (+ c_main_~q~1.offset |c_main_~malloc_#res.offset|) 0) (= (select |c_old(#length)| v_idx_48) v_v_2_1) (<= (- (- c_main_~q~1.offset) c_main_~q~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_#t~malloc0.offset|)) 0) (<= |c_main_~malloc_#res.offset| |c_main_#t~malloc0.offset|) (<= (+ |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) 0) (or (= (select |c_#valid| v_idx_42) v_v_18_1) (<= |c_main_~malloc_#res.base| v_idx_42)) (<= (- |c_main_~malloc_#res.offset| (- c_main_~p~1.offset)) 0) (= v_v_4_1 (select |c_old(#valid)| v_idx_41)) (<= (- c_main_~malloc_~size (- c_main_~malloc_~size)) 800) (<= (+ |c_main_~malloc_#res.offset| 400) c_main_~malloc_~size) (<= 400 (+ |c_main_~malloc_#res.offset| c_main_~malloc_~size)) (<= (- c_main_~malloc_~size c_main_~p~1.offset) 400) (<= (+ |c_main_~malloc_#res.offset| c_main_~malloc_~size) 400) (<= (- (- c_main_~malloc_~size) c_main_~malloc_~size) (- 800)) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_#t~malloc0.offset|) 0) (<= 0 (* 2 |c_main_~malloc_#res.offset|)) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~q~1.offset) 0) (<= |c_main_~malloc_#res.offset| c_main_~p~1.offset) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~p~1.offset) 0) (<= (- |c_main_~malloc_#res.offset| (- |c_main_~malloc_#res.offset|)) 0) (or (<= |c_main_~malloc_#res.base| v_idx_49) (= (select |c_#length| v_idx_49) v_v_24_1)) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~p~1.offset)) 0) (<= (- c_main_~q~1.offset (- c_main_~q~1.offset)) 0) (<= (- |c_main_#t~malloc0.offset| c_main_~p~1.offset) 0) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~malloc_~size)) 400) (<= |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) (= (select |c_main_~malloc_old_#valid| v_idx_52) v_v_12_1) (<= (+ |c_main_~malloc_#res.offset| c_main_~p~1.offset) 0) (<= (- c_main_~p~1.offset (- c_main_~p~1.offset)) 0) (<= (- (- c_main_~p~1.offset) c_main_~q~1.offset) 0) (<= 0 (+ c_main_~q~1.offset |c_main_~malloc_#res.offset|)) (<= (- (- c_main_~p~1.offset) c_main_~p~1.offset) 0) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~malloc_~size) (- 400)) (or (< v_idx_44 (+ |c_main_~malloc_#res.base| 1)) (= (select |c_#valid| v_idx_44) v_v_20_1)) (= (select |c_old(#memory_int)| v_idx_46) v_v_7_1) (<= (- |c_main_#t~malloc0.offset| c_main_~q~1.offset) 0) (= (select v_v_7_1 v_idx_40) v_v_8_1) (<= c_main_~malloc_~size (+ |c_main_~malloc_#res.offset| 400)) (<= c_main_~q~1.offset |c_main_~malloc_#res.offset|))))} [2019-01-18 14:45:10,396 WARN L263 ngHoareTripleChecker]: unsat core / model generation is disabled, enable it to get more details [2019-01-18 14:45:10,396 WARN L268 ngHoareTripleChecker]: -- [2019-01-18 14:45:10,396 WARN L269 ngHoareTripleChecker]: Simplified triple [2019-01-18 14:45:11,115 WARN L270 ngHoareTripleChecker]: Pre: {2147483645#(and (<= (- (- |main_#t~malloc0.offset|) main_~q~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- main_~malloc_~size)) 400) (<= 0 (+ |main_#t~malloc0.offset| |main_~malloc_#res.offset|)) (<= (- (- main_~malloc_~size) (- main_~p~1.offset)) (- 400)) (<= (- main_~malloc_~size main_~q~1.offset) 400) (<= (- (- |main_~malloc_#res.offset|) (- main_~q~1.offset)) 0) (<= (* 2 |main_~malloc_#res.offset|) 0) (<= (- |main_#t~malloc0.offset| (- |main_~malloc_#res.offset|)) 0) (<= (- main_~malloc_~size (- main_~q~1.offset)) 400) (<= (- |main_#t~malloc0.offset| main_~malloc_~size) (- 400)) (<= (- main_~p~1.offset main_~q~1.offset) 0) (forall ((v_idx_36 Int)) (or (= (select |#length| v_idx_36) (+ |main_~malloc_#res.offset| 400)) (< v_idx_36 |main_~malloc_#res.base|) (<= (+ |main_~malloc_#res.base| 1) v_idx_36))) (<= (- (- |main_~malloc_#res.offset|) main_~malloc_~size) (- 400)) (<= (- |main_~malloc_#res.offset| (- main_~malloc_~size)) 400) (<= (- (- |main_#t~malloc0.offset|) (- main_~q~1.offset)) 0) (<= (- main_~p~1.offset (- main_~q~1.offset)) 0) (forall ((v_idx_29 Int)) (or (< v_idx_29 |main_~malloc_#res.base|) (select |#valid| v_idx_29) (<= (+ |main_~malloc_#res.base| 1) v_idx_29))) (<= (- (- main_~p~1.offset) (- main_~q~1.offset)) 0) (<= (- (- main_~malloc_~size) main_~p~1.offset) (- 400)) (<= (- (- |main_~malloc_#res.offset|) (- main_~p~1.offset)) 0) (<= (- (- main_~malloc_~size) main_~q~1.offset) (- 400)) (<= (- (- main_~malloc_~size) (- main_~q~1.offset)) (- 400)) (<= (- (- |main_#t~malloc0.offset|) main_~p~1.offset) 0) (<= (- (- |main_~malloc_#res.offset|) (- main_~malloc_~size)) 400) (<= (- (- |main_#t~malloc0.offset|) |main_~malloc_#res.offset|) 0) (<= main_~p~1.offset |main_~malloc_#res.offset|) (<= |main_~malloc_#res.offset| main_~q~1.offset) (<= (- |main_~malloc_#res.offset| main_~malloc_~size) (- 400)) (<= (- |main_~malloc_#res.offset| main_~q~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- main_~q~1.offset)) 0) (<= (- (- |main_#t~malloc0.offset|) (- |main_~malloc_#res.offset|)) 0) (<= (- main_~malloc_~size (- main_~p~1.offset)) 400) (<= 0 (+ |main_~malloc_#res.offset| main_~p~1.offset)) (<= (- |main_#t~malloc0.offset| |main_~malloc_#res.offset|) 0) (<= (- (- |main_~malloc_#res.offset|) |main_~malloc_#res.offset|) 0) (<= (- |main_~malloc_#res.offset| main_~p~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- main_~p~1.offset)) 0) (<= (- |main_~malloc_#res.offset| (- main_~q~1.offset)) 0) (<= (+ main_~q~1.offset |main_~malloc_#res.offset|) 0) (<= (- (- main_~q~1.offset) main_~q~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- |main_#t~malloc0.offset|)) 0) (<= |main_~malloc_#res.offset| |main_#t~malloc0.offset|) (<= (+ |main_#t~malloc0.offset| |main_~malloc_#res.offset|) 0) (<= (- |main_~malloc_#res.offset| (- main_~p~1.offset)) 0) (<= (- main_~malloc_~size (- main_~malloc_~size)) 800) (<= (+ |main_~malloc_#res.offset| 400) main_~malloc_~size) (<= 400 (+ |main_~malloc_#res.offset| main_~malloc_~size)) (<= (- main_~malloc_~size main_~p~1.offset) 400) (<= (+ |main_~malloc_#res.offset| main_~malloc_~size) 400) (<= (- (- main_~malloc_~size) main_~malloc_~size) (- 800)) (<= (- (- |main_#t~malloc0.offset|) |main_#t~malloc0.offset|) 0) (<= 0 (* 2 |main_~malloc_#res.offset|)) (<= (- (- |main_~malloc_#res.offset|) main_~q~1.offset) 0) (<= |main_~malloc_#res.offset| main_~p~1.offset) (<= (- (- |main_~malloc_#res.offset|) main_~p~1.offset) 0) (<= (- |main_~malloc_#res.offset| (- |main_~malloc_#res.offset|)) 0) (<= (- (- |main_#t~malloc0.offset|) (- main_~p~1.offset)) 0) (<= (- main_~q~1.offset (- main_~q~1.offset)) 0) (<= (- |main_#t~malloc0.offset| main_~p~1.offset) 0) (<= (- (- |main_#t~malloc0.offset|) (- main_~malloc_~size)) 400) (<= |main_#t~malloc0.offset| |main_~malloc_#res.offset|) (<= (+ |main_~malloc_#res.offset| main_~p~1.offset) 0) (<= (- main_~p~1.offset (- main_~p~1.offset)) 0) (<= (- (- main_~p~1.offset) main_~q~1.offset) 0) (<= 0 (+ main_~q~1.offset |main_~malloc_#res.offset|)) (<= (- (- main_~p~1.offset) main_~p~1.offset) 0) (<= (- (- |main_#t~malloc0.offset|) main_~malloc_~size) (- 400)) (<= (- |main_#t~malloc0.offset| main_~q~1.offset) 0) (<= main_~malloc_~size (+ |main_~malloc_#res.offset| 400)) (<= main_~q~1.offset |main_~malloc_#res.offset|))} [2019-01-18 14:45:11,116 WARN L274 ngHoareTripleChecker]: Action: #t~short2 := ~q~1.offset < ~p~1.offset + 400; [2019-01-18 14:45:11,117 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (or (and (not |c_main_#t~short2_primed|) (not (< c_main_~q~1.offset (+ c_main_~p~1.offset 400)))) (and (< c_main_~q~1.offset (+ c_main_~p~1.offset 400)) |c_main_#t~short2_primed|)) [2019-01-18 14:45:11,362 WARN L276 ngHoareTripleChecker]: Post: {2147483644#(and (<= (- (- |main_#t~malloc0.offset|) main_~q~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- main_~malloc_~size)) 400) (<= 0 (+ |main_#t~malloc0.offset| |main_~malloc_#res.offset|)) (<= (- (- main_~malloc_~size) (- main_~p~1.offset)) (- 400)) (<= (- main_~malloc_~size main_~q~1.offset) 400) (<= (- (- |main_~malloc_#res.offset|) (- main_~q~1.offset)) 0) (<= (* 2 |main_~malloc_#res.offset|) 0) (<= (- |main_#t~malloc0.offset| (- |main_~malloc_#res.offset|)) 0) (<= (- main_~malloc_~size (- main_~q~1.offset)) 400) (<= (- |main_#t~malloc0.offset| main_~malloc_~size) (- 400)) (<= (- main_~p~1.offset main_~q~1.offset) 0) (<= (- (- |main_~malloc_#res.offset|) main_~malloc_~size) (- 400)) (<= (- |main_~malloc_#res.offset| (- main_~malloc_~size)) 400) (<= (- (- |main_#t~malloc0.offset|) (- main_~q~1.offset)) 0) (<= (- main_~p~1.offset (- main_~q~1.offset)) 0) (<= (- (- main_~p~1.offset) (- main_~q~1.offset)) 0) (<= (- (- main_~malloc_~size) main_~p~1.offset) (- 400)) (<= (- (- |main_~malloc_#res.offset|) (- main_~p~1.offset)) 0) (<= (- (- main_~malloc_~size) main_~q~1.offset) (- 400)) |main_#t~short2| (<= (- (- main_~malloc_~size) (- main_~q~1.offset)) (- 400)) (<= (- (- |main_#t~malloc0.offset|) main_~p~1.offset) 0) (<= (- (- |main_~malloc_#res.offset|) (- main_~malloc_~size)) 400) (<= (- (- |main_#t~malloc0.offset|) |main_~malloc_#res.offset|) 0) (<= main_~p~1.offset |main_~malloc_#res.offset|) (<= |main_~malloc_#res.offset| main_~q~1.offset) (<= (- |main_~malloc_#res.offset| main_~malloc_~size) (- 400)) (<= (- |main_~malloc_#res.offset| main_~q~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- main_~q~1.offset)) 0) (<= (- (- |main_#t~malloc0.offset|) (- |main_~malloc_#res.offset|)) 0) (<= (- main_~malloc_~size (- main_~p~1.offset)) 400) (<= 0 (+ |main_~malloc_#res.offset| main_~p~1.offset)) (<= (- |main_#t~malloc0.offset| |main_~malloc_#res.offset|) 0) (<= (- (- |main_~malloc_#res.offset|) |main_~malloc_#res.offset|) 0) (<= (- |main_~malloc_#res.offset| main_~p~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- main_~p~1.offset)) 0) (forall ((v_idx_50 Int)) (or (< v_idx_50 |main_~malloc_#res.base|) (= (select |#length| v_idx_50) (+ |main_~malloc_#res.offset| 400)) (<= (+ |main_~malloc_#res.base| 1) v_idx_50))) (<= (- |main_~malloc_#res.offset| (- main_~q~1.offset)) 0) (<= (+ main_~q~1.offset |main_~malloc_#res.offset|) 0) (<= (- (- main_~q~1.offset) main_~q~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- |main_#t~malloc0.offset|)) 0) (<= |main_~malloc_#res.offset| |main_#t~malloc0.offset|) (<= (+ |main_#t~malloc0.offset| |main_~malloc_#res.offset|) 0) (<= (- |main_~malloc_#res.offset| (- main_~p~1.offset)) 0) (forall ((v_idx_43 Int)) (or (select |#valid| v_idx_43) (< v_idx_43 |main_~malloc_#res.base|) (<= (+ |main_~malloc_#res.base| 1) v_idx_43))) (<= (- main_~malloc_~size (- main_~malloc_~size)) 800) (<= (+ |main_~malloc_#res.offset| 400) main_~malloc_~size) (<= 400 (+ |main_~malloc_#res.offset| main_~malloc_~size)) (<= (- main_~malloc_~size main_~p~1.offset) 400) (<= (+ |main_~malloc_#res.offset| main_~malloc_~size) 400) (<= (- (- main_~malloc_~size) main_~malloc_~size) (- 800)) (<= (- (- |main_#t~malloc0.offset|) |main_#t~malloc0.offset|) 0) (<= 0 (* 2 |main_~malloc_#res.offset|)) (<= (- (- |main_~malloc_#res.offset|) main_~q~1.offset) 0) (<= |main_~malloc_#res.offset| main_~p~1.offset) (<= (- (- |main_~malloc_#res.offset|) main_~p~1.offset) 0) (<= (- |main_~malloc_#res.offset| (- |main_~malloc_#res.offset|)) 0) (<= (- (- |main_#t~malloc0.offset|) (- main_~p~1.offset)) 0) (<= (- main_~q~1.offset (- main_~q~1.offset)) 0) (<= (- |main_#t~malloc0.offset| main_~p~1.offset) 0) (<= (- (- |main_#t~malloc0.offset|) (- main_~malloc_~size)) 400) (<= |main_#t~malloc0.offset| |main_~malloc_#res.offset|) (<= (+ |main_~malloc_#res.offset| main_~p~1.offset) 0) (<= (- main_~p~1.offset (- main_~p~1.offset)) 0) (<= (- (- main_~p~1.offset) main_~q~1.offset) 0) (<= 0 (+ main_~q~1.offset |main_~malloc_#res.offset|)) (<= (- (- main_~p~1.offset) main_~p~1.offset) 0) (<= (- (- |main_#t~malloc0.offset|) main_~malloc_~size) (- 400)) (<= (- |main_#t~malloc0.offset| main_~q~1.offset) 0) (<= main_~malloc_~size (+ |main_~malloc_#res.offset| 400)) (<= main_~q~1.offset |main_~malloc_#res.offset|))} [2019-01-18 14:45:11,681 WARN L212 ngHoareTripleChecker]: Soundness check inconclusive for the following hoare triple [2019-01-18 14:45:11,681 WARN L217 ngHoareTripleChecker]: Expected: VALID Actual: UNKNOWN [2019-01-18 14:45:11,681 WARN L219 ngHoareTripleChecker]: Solver was "Z3" in version "4.8.3" [2019-01-18 14:45:11,682 WARN L223 ngHoareTripleChecker]: -- [2019-01-18 14:45:11,682 WARN L224 ngHoareTripleChecker]: Pre: {2147483643#(forall ((v_idx_58 Int) (v_idx_59 Int) (v_idx_56 Int) (v_idx_57 Int) (v_idx_65 Int) (v_idx_54 Int) (v_idx_66 Int) (v_idx_55 Int) (v_idx_63 Int) (v_idx_64 Int) (v_idx_53 Int) (v_idx_61 Int) (v_idx_62 Int) (v_idx_60 Int)) (exists ((v_v_24_1 Int) (v_v_4_1 Bool) (v_v_26_1 Int) (v_v_8_1 Int) (v_v_19_1 Bool) (v_v_18_1 Bool) (v_v_7_1 (Array Int Int)) (v_v_12_1 Bool) (v_v_1_1 Int) (v_v_5_1 (Array Int Int)) (v_v_2_1 Int) (v_v_6_1 Int) (v_v_20_1 Bool)) (and (or (= (select |c_#length| v_idx_63) v_v_24_1) (<= |c_main_~malloc_#res.base| v_idx_63)) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~q~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~malloc_~size)) 400) (<= 0 (+ |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|)) (<= (- (- c_main_~malloc_~size) (- c_main_~p~1.offset)) (- 400)) (<= (- c_main_~malloc_~size c_main_~q~1.offset) 400) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~q~1.offset)) 0) (<= (* 2 |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_~malloc_#res.offset|)) 0) (<= (- c_main_~malloc_~size (- c_main_~q~1.offset)) 400) (<= (- |c_main_#t~malloc0.offset| c_main_~malloc_~size) (- 400)) (<= (- c_main_~p~1.offset c_main_~q~1.offset) 0) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~malloc_~size) (- 400)) (or (<= |c_main_~malloc_#res.base| v_idx_56) (= (select |c_#valid| v_idx_56) v_v_18_1)) (<= (- |c_main_~malloc_#res.offset| (- c_main_~malloc_~size)) 400) v_v_19_1 (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~q~1.offset)) 0) (<= (- c_main_~p~1.offset (- c_main_~q~1.offset)) 0) (<= (- (- c_main_~p~1.offset) (- c_main_~q~1.offset)) 0) (<= (- (- c_main_~malloc_~size) c_main_~p~1.offset) (- 400)) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~p~1.offset)) 0) (= v_v_1_1 (select |c_main_~malloc_old_#length| v_idx_53)) (<= (- (- c_main_~malloc_~size) c_main_~q~1.offset) (- 400)) |c_main_#t~short2| (<= (- (- c_main_~malloc_~size) (- c_main_~q~1.offset)) (- 400)) (= (select v_v_7_1 v_idx_54) v_v_8_1) (= v_v_5_1 (select |c_#memory_int| v_idx_59)) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~p~1.offset) 0) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~malloc_~size)) 400) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_~malloc_#res.offset|) 0) (<= c_main_~p~1.offset |c_main_~malloc_#res.offset|) (<= |c_main_~malloc_#res.offset| c_main_~q~1.offset) (<= (- |c_main_~malloc_#res.offset| c_main_~malloc_~size) (- 400)) (<= (- |c_main_~malloc_#res.offset| c_main_~q~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~q~1.offset)) 0) (<= (- (- |c_main_#t~malloc0.offset|) (- |c_main_~malloc_#res.offset|)) 0) (or (= (select |c_#length| v_idx_65) v_v_26_1) (< v_idx_65 (+ |c_main_~malloc_#res.base| 1))) (<= (- c_main_~malloc_~size (- c_main_~p~1.offset)) 400) (<= 0 (+ |c_main_~malloc_#res.offset| c_main_~p~1.offset)) (<= (- |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) 0) (= (select |c_old(#valid)| v_idx_55) v_v_4_1) (<= (- (- |c_main_~malloc_#res.offset|) |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_~malloc_#res.offset| c_main_~p~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~p~1.offset)) 0) (or (= (select |c_#valid| v_idx_57) v_v_19_1) (< v_idx_57 |c_main_~malloc_#res.base|) (<= (+ |c_main_~malloc_#res.base| 1) v_idx_57)) (<= (- |c_main_~malloc_#res.offset| (- c_main_~q~1.offset)) 0) (or (= (select |c_#valid| v_idx_58) v_v_20_1) (< v_idx_58 (+ |c_main_~malloc_#res.base| 1))) (<= (+ c_main_~q~1.offset |c_main_~malloc_#res.offset|) 0) (<= (- (- c_main_~q~1.offset) c_main_~q~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_#t~malloc0.offset|)) 0) (<= |c_main_~malloc_#res.offset| |c_main_#t~malloc0.offset|) (<= (+ |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_~malloc_#res.offset| (- c_main_~p~1.offset)) 0) (= v_v_12_1 (select |c_main_~malloc_old_#valid| v_idx_66)) (<= (- c_main_~malloc_~size (- c_main_~malloc_~size)) 800) (<= (+ |c_main_~malloc_#res.offset| 400) c_main_~malloc_~size) (<= 400 (+ |c_main_~malloc_#res.offset| c_main_~malloc_~size)) (<= (- c_main_~malloc_~size c_main_~p~1.offset) 400) (<= (+ |c_main_~malloc_#res.offset| c_main_~malloc_~size) 400) (<= (- (- c_main_~malloc_~size) c_main_~malloc_~size) (- 800)) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_#t~malloc0.offset|) 0) (<= 0 (* 2 |c_main_~malloc_#res.offset|)) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~q~1.offset) 0) (= (select v_v_5_1 v_idx_61) v_v_6_1) (<= |c_main_~malloc_#res.offset| c_main_~p~1.offset) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~p~1.offset) 0) (<= (- |c_main_~malloc_#res.offset| (- |c_main_~malloc_#res.offset|)) 0) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~p~1.offset)) 0) (<= (- c_main_~q~1.offset (- c_main_~q~1.offset)) 0) (<= (- |c_main_#t~malloc0.offset| c_main_~p~1.offset) 0) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~malloc_~size)) 400) (<= |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) (<= (+ |c_main_~malloc_#res.offset| c_main_~p~1.offset) 0) (or (< v_idx_64 |c_main_~malloc_#res.base|) (= (select |c_#length| v_idx_64) (+ |c_main_~malloc_#res.offset| 400)) (<= (+ |c_main_~malloc_#res.base| 1) v_idx_64)) (<= (- c_main_~p~1.offset (- c_main_~p~1.offset)) 0) (= v_v_7_1 (select |c_old(#memory_int)| v_idx_60)) (<= (- (- c_main_~p~1.offset) c_main_~q~1.offset) 0) (<= 0 (+ c_main_~q~1.offset |c_main_~malloc_#res.offset|)) (<= (- (- c_main_~p~1.offset) c_main_~p~1.offset) 0) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~malloc_~size) (- 400)) (= (select |c_old(#length)| v_idx_62) v_v_2_1) (<= (- |c_main_#t~malloc0.offset| c_main_~q~1.offset) 0) (<= c_main_~malloc_~size (+ |c_main_~malloc_#res.offset| 400)) (<= c_main_~q~1.offset |c_main_~malloc_#res.offset|))))} [2019-01-18 14:45:11,682 WARN L228 ngHoareTripleChecker]: Action: assume #t~short2;read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := ~q~1.base, ~q~1.offset, 4; [2019-01-18 14:45:11,682 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (and (= |c_main_read~int_#ptr.base_primed| c_main_~q~1.base) (= |c_main_read~int_#ptr.offset_primed| c_main_~q~1.offset) |c_main_#t~short2| (= |c_main_read~int_#sizeOfReadType_primed| 4)) [2019-01-18 14:45:11,683 WARN L230 ngHoareTripleChecker]: Post: {2147483642#(forall ((v_idx_69 Int) (v_idx_67 Int) (v_idx_78 Int) (v_idx_68 Int) (v_idx_79 Int) (v_idx_76 Int) (v_idx_77 Int) (v_idx_74 Int) (v_idx_75 Int) (v_idx_72 Int) (v_idx_73 Int) (v_idx_70 Int) (v_idx_71 Int) (v_idx_80 Int)) (exists ((v_v_24_1 Int) (v_v_4_1 Bool) (v_v_26_1 Int) (v_v_8_1 Int) (v_v_19_1 Bool) (v_v_18_1 Bool) (v_v_7_1 (Array Int Int)) (v_v_12_1 Bool) (v_v_1_1 Int) (v_v_5_1 (Array Int Int)) (v_v_2_1 Int) (v_v_6_1 Int) (v_v_20_1 Bool)) (and (or (<= (+ |c_main_~malloc_#res.base| 1) v_idx_71) (< v_idx_71 |c_main_~malloc_#res.base|) (= (select |c_#valid| v_idx_71) v_v_19_1)) (<= (- (- |c_main_read~int_#ptr.offset|) |c_main_read~int_#ptr.offset|) 0) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~q~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~malloc_~size)) 400) (<= (- (- |c_main_read~int_#ptr.offset|) (- c_main_~p~1.offset)) 0) (<= 0 (+ |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|)) (<= (- (- c_main_~malloc_~size) (- c_main_~p~1.offset)) (- 400)) (<= (- |c_main_#t~malloc0.offset| |c_main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~q~1.offset)) 0) (<= (* 2 |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_~malloc_#res.offset|)) 0) (<= (- (- |c_main_read~int_#sizeOfReadType|) |c_main_~malloc_#res.offset|) (- 4)) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~malloc_~size) (- 400)) v_v_19_1 (<= (- |c_main_read~int_#ptr.offset| c_main_~malloc_~size) (- 400)) (<= (- (- c_main_~malloc_~size) c_main_~p~1.offset) (- 400)) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~p~1.offset)) 0) |c_main_#t~short2| (or (= (select |c_#valid| v_idx_72) v_v_20_1) (< v_idx_72 (+ |c_main_~malloc_#res.base| 1))) (<= (- |c_main_read~int_#ptr.offset| c_main_~q~1.offset) 0) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~p~1.offset) 0) (<= (- (- |c_main_read~int_#ptr.offset|) c_main_~malloc_~size) (- 400)) (<= (- (- |c_main_read~int_#sizeOfReadType|) c_main_~malloc_~size) (- 404)) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~malloc_~size)) 400) (<= c_main_~p~1.offset |c_main_~malloc_#res.offset|) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- c_main_~p~1.offset)) (- 4)) (or (= (select |c_#length| v_idx_79) v_v_26_1) (< v_idx_79 (+ |c_main_~malloc_#res.base| 1))) (<= (- c_main_~malloc_~size (- c_main_~p~1.offset)) 400) (<= (- (- |c_main_#t~malloc0.offset|) (- |c_main_read~int_#ptr.offset|)) 0) (<= (- |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_read~int_#ptr.offset| (- |c_main_read~int_#ptr.offset|)) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~p~1.offset)) 0) (<= (- |c_main_~malloc_#res.offset| (- c_main_~q~1.offset)) 0) (<= (+ c_main_~q~1.offset |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_read~int_#ptr.offset| (- c_main_~q~1.offset)) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_#t~malloc0.offset|)) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_read~int_#sizeOfReadType|)) 4) (<= (- |c_main_read~int_#sizeOfReadType| (- c_main_~p~1.offset)) 4) (= v_v_5_1 (select |c_#memory_int| v_idx_73)) (<= (- c_main_~malloc_~size (- c_main_~malloc_~size)) 800) (<= (- |c_main_read~int_#sizeOfReadType| |c_main_~malloc_#res.offset|) 4) (or (= (select |c_#length| v_idx_77) v_v_24_1) (<= |c_main_~malloc_#res.base| v_idx_77)) (<= (- |c_main_read~int_#ptr.offset| (- |c_main_~malloc_#res.offset|)) 0) (<= (- |c_main_read~int_#ptr.offset| c_main_~p~1.offset) 0) (= (select |c_old(#length)| v_idx_76) v_v_2_1) (<= (+ |c_main_~malloc_#res.offset| c_main_~malloc_~size) 400) (<= 0 (* 2 |c_main_~malloc_#res.offset|)) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_read~int_#ptr.offset|) 0) (<= |c_main_~malloc_#res.offset| c_main_~p~1.offset) (<= (- |c_main_read~int_#ptr.offset| (- c_main_~p~1.offset)) 0) (<= (- (- |c_main_read~int_#ptr.offset|) |c_main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~p~1.offset)) 0) (= v_v_7_1 (select |c_old(#memory_int)| v_idx_74)) (<= (- |c_main_#t~malloc0.offset| c_main_~p~1.offset) 0) (<= (- |c_main_read~int_#sizeOfReadType| (- |c_main_read~int_#sizeOfReadType|)) 8) (<= (- (- |c_main_read~int_#sizeOfReadType|) |c_main_read~int_#sizeOfReadType|) (- 8)) (= (select |c_main_~malloc_old_#valid| v_idx_80) v_v_12_1) (<= (+ |c_main_~malloc_#res.offset| |c_main_read~int_#sizeOfReadType|) 4) (<= 0 (+ c_main_~q~1.offset |c_main_~malloc_#res.offset|)) (<= (- |c_main_read~int_#sizeOfReadType| (- c_main_~malloc_~size)) 404) (<= (- (- c_main_~p~1.offset) c_main_~p~1.offset) 0) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~malloc_~size) (- 400)) (<= (- |c_main_#t~malloc0.offset| |c_main_read~int_#ptr.offset|) 0) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_read~int_#sizeOfReadType|) (- 4)) (<= (- |c_main_#t~malloc0.offset| c_main_~q~1.offset) 0) (<= c_main_~malloc_~size (+ |c_main_~malloc_#res.offset| 400)) (<= (- |c_main_read~int_#ptr.offset| (- c_main_~malloc_~size)) 400) (<= |c_main_read~int_#sizeOfReadType| (+ |c_main_~malloc_#res.offset| 4)) (= v_v_1_1 (select |c_main_~malloc_old_#length| v_idx_67)) (<= (- |c_main_read~int_#sizeOfReadType| c_main_~malloc_~size) (- 396)) (<= 4 (+ |c_main_~malloc_#res.offset| |c_main_read~int_#sizeOfReadType|)) (<= (- (- |c_main_read~int_#ptr.offset|) (- |c_main_~malloc_#res.offset|)) 0) (<= (- c_main_~malloc_~size c_main_~q~1.offset) 400) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- |c_main_~malloc_#res.offset|)) (- 4)) (= (select v_v_5_1 v_idx_75) v_v_6_1) (<= (- c_main_~malloc_~size (- c_main_~q~1.offset)) 400) (<= (- |c_main_#t~malloc0.offset| c_main_~malloc_~size) (- 400)) (<= (- c_main_~p~1.offset c_main_~q~1.offset) 0) (<= (- |c_main_~malloc_#res.offset| (- c_main_~malloc_~size)) 400) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~q~1.offset)) 0) (<= (- c_main_~p~1.offset (- c_main_~q~1.offset)) 0) (or (< v_idx_78 |c_main_~malloc_#res.base|) (<= (+ |c_main_~malloc_#res.base| 1) v_idx_78) (= (+ |c_main_~malloc_#res.offset| 400) (select |c_#length| v_idx_78))) (or (= (select |c_#valid| v_idx_70) v_v_18_1) (<= |c_main_~malloc_#res.base| v_idx_70)) (<= (- (- c_main_~p~1.offset) (- c_main_~q~1.offset)) 0) (<= (- (- |c_main_read~int_#ptr.offset|) (- c_main_~q~1.offset)) 0) (<= (- (- c_main_~malloc_~size) c_main_~q~1.offset) (- 400)) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- c_main_~malloc_~size)) 396) (= v_v_4_1 (select |c_old(#valid)| v_idx_69)) (<= (- (- c_main_~malloc_~size) (- c_main_~q~1.offset)) (- 400)) (<= (- |c_main_read~int_#ptr.offset| |c_main_~malloc_#res.offset|) 0) (<= (- (- |c_main_read~int_#sizeOfReadType|) c_main_~p~1.offset) (- 4)) (<= (- (- |c_main_read~int_#sizeOfReadType|) c_main_~q~1.offset) (- 4)) (<= |c_main_~malloc_#res.offset| |c_main_read~int_#ptr.offset|) (<= (- |c_main_read~int_#ptr.offset| (- |c_main_read~int_#sizeOfReadType|)) 4) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_~malloc_#res.offset|) 0) (<= (+ |c_main_read~int_#ptr.offset| |c_main_~malloc_#res.offset|) 0) (<= |c_main_~malloc_#res.offset| c_main_~q~1.offset) (<= (- |c_main_~malloc_#res.offset| c_main_~malloc_~size) (- 400)) (<= (- |c_main_~malloc_#res.offset| c_main_~q~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~q~1.offset)) 0) (<= (- |c_main_read~int_#ptr.offset| |c_main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |c_main_#t~malloc0.offset|) (- |c_main_~malloc_#res.offset|)) 0) (<= (- |c_main_read~int_#sizeOfReadType| c_main_~q~1.offset) 4) (<= (- |c_main_read~int_#sizeOfReadType| (- |c_main_~malloc_#res.offset|)) 4) (<= (- (- |c_main_read~int_#ptr.offset|) (- c_main_~malloc_~size)) 400) (<= 0 (+ |c_main_~malloc_#res.offset| c_main_~p~1.offset)) (<= 0 (+ |c_main_read~int_#ptr.offset| |c_main_~malloc_#res.offset|)) (= v_v_8_1 (select v_v_7_1 v_idx_68)) (<= (+ |c_main_~malloc_#res.offset| 4) |c_main_read~int_#sizeOfReadType|) (<= (- (- |c_main_~malloc_#res.offset|) |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_~malloc_#res.offset| c_main_~p~1.offset) 0) (<= (- (- c_main_~q~1.offset) c_main_~q~1.offset) 0) (<= |c_main_~malloc_#res.offset| |c_main_#t~malloc0.offset|) (<= (+ |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_~malloc_#res.offset| (- c_main_~p~1.offset)) 0) (<= (- (- |c_main_read~int_#ptr.offset|) (- |c_main_read~int_#sizeOfReadType|)) 4) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- c_main_~q~1.offset)) (- 4)) (<= (- (- |c_main_#t~malloc0.offset|) (- |c_main_read~int_#sizeOfReadType|)) 4) (<= (+ |c_main_~malloc_#res.offset| 400) c_main_~malloc_~size) (<= 400 (+ |c_main_~malloc_#res.offset| c_main_~malloc_~size)) (<= (- c_main_~malloc_~size c_main_~p~1.offset) 400) (<= (- |c_main_#t~malloc0.offset| (- |c_main_read~int_#ptr.offset|)) 0) (<= (- (- c_main_~malloc_~size) c_main_~malloc_~size) (- 800)) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_#t~malloc0.offset|) 0) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~q~1.offset) 0) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~p~1.offset) 0) (<= (- |c_main_~malloc_#res.offset| (- |c_main_~malloc_#res.offset|)) 0) (<= (- c_main_~q~1.offset (- c_main_~q~1.offset)) 0) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~malloc_~size)) 400) (<= (- |c_main_read~int_#sizeOfReadType| c_main_~p~1.offset) 4) (<= |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) (<= (+ |c_main_~malloc_#res.offset| c_main_~p~1.offset) 0) (<= (- |c_main_read~int_#sizeOfReadType| (- c_main_~q~1.offset)) 4) (<= (- c_main_~p~1.offset (- c_main_~p~1.offset)) 0) (<= (- (- |c_main_read~int_#ptr.offset|) c_main_~q~1.offset) 0) (<= (- (- c_main_~p~1.offset) c_main_~q~1.offset) 0) (<= |c_main_read~int_#ptr.offset| |c_main_~malloc_#res.offset|) (<= (- (- |c_main_read~int_#ptr.offset|) c_main_~p~1.offset) 0) (<= (- (- |c_main_read~int_#ptr.offset|) |c_main_~malloc_#res.offset|) 0) (<= c_main_~q~1.offset |c_main_~malloc_#res.offset|))))} [2019-01-18 14:45:11,683 WARN L263 ngHoareTripleChecker]: unsat core / model generation is disabled, enable it to get more details [2019-01-18 14:45:11,684 WARN L268 ngHoareTripleChecker]: -- [2019-01-18 14:45:11,685 WARN L269 ngHoareTripleChecker]: Simplified triple [2019-01-18 14:45:11,795 WARN L270 ngHoareTripleChecker]: Pre: {2147483643#(and (<= (- (- |main_#t~malloc0.offset|) main_~q~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- main_~malloc_~size)) 400) (<= 0 (+ |main_#t~malloc0.offset| |main_~malloc_#res.offset|)) (forall ((v_idx_57 Int)) (or (select |#valid| v_idx_57) (< v_idx_57 |main_~malloc_#res.base|) (<= (+ |main_~malloc_#res.base| 1) v_idx_57))) (<= (- (- main_~malloc_~size) (- main_~p~1.offset)) (- 400)) (<= (- main_~malloc_~size main_~q~1.offset) 400) (<= (- (- |main_~malloc_#res.offset|) (- main_~q~1.offset)) 0) (<= (* 2 |main_~malloc_#res.offset|) 0) (<= (- |main_#t~malloc0.offset| (- |main_~malloc_#res.offset|)) 0) (<= (- main_~malloc_~size (- main_~q~1.offset)) 400) (<= (- |main_#t~malloc0.offset| main_~malloc_~size) (- 400)) (<= (- main_~p~1.offset main_~q~1.offset) 0) (<= (- (- |main_~malloc_#res.offset|) main_~malloc_~size) (- 400)) (<= (- |main_~malloc_#res.offset| (- main_~malloc_~size)) 400) (<= (- (- |main_#t~malloc0.offset|) (- main_~q~1.offset)) 0) (<= (- main_~p~1.offset (- main_~q~1.offset)) 0) (<= (- (- main_~p~1.offset) (- main_~q~1.offset)) 0) (<= (- (- main_~malloc_~size) main_~p~1.offset) (- 400)) (<= (- (- |main_~malloc_#res.offset|) (- main_~p~1.offset)) 0) (<= (- (- main_~malloc_~size) main_~q~1.offset) (- 400)) |main_#t~short2| (<= (- (- main_~malloc_~size) (- main_~q~1.offset)) (- 400)) (<= (- (- |main_#t~malloc0.offset|) main_~p~1.offset) 0) (<= (- (- |main_~malloc_#res.offset|) (- main_~malloc_~size)) 400) (<= (- (- |main_#t~malloc0.offset|) |main_~malloc_#res.offset|) 0) (<= main_~p~1.offset |main_~malloc_#res.offset|) (<= |main_~malloc_#res.offset| main_~q~1.offset) (<= (- |main_~malloc_#res.offset| main_~malloc_~size) (- 400)) (<= (- |main_~malloc_#res.offset| main_~q~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- main_~q~1.offset)) 0) (<= (- (- |main_#t~malloc0.offset|) (- |main_~malloc_#res.offset|)) 0) (<= (- main_~malloc_~size (- main_~p~1.offset)) 400) (<= 0 (+ |main_~malloc_#res.offset| main_~p~1.offset)) (<= (- |main_#t~malloc0.offset| |main_~malloc_#res.offset|) 0) (<= (- (- |main_~malloc_#res.offset|) |main_~malloc_#res.offset|) 0) (<= (- |main_~malloc_#res.offset| main_~p~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- main_~p~1.offset)) 0) (<= (- |main_~malloc_#res.offset| (- main_~q~1.offset)) 0) (<= (+ main_~q~1.offset |main_~malloc_#res.offset|) 0) (<= (- (- main_~q~1.offset) main_~q~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- |main_#t~malloc0.offset|)) 0) (<= |main_~malloc_#res.offset| |main_#t~malloc0.offset|) (<= (+ |main_#t~malloc0.offset| |main_~malloc_#res.offset|) 0) (<= (- |main_~malloc_#res.offset| (- main_~p~1.offset)) 0) (<= (- main_~malloc_~size (- main_~malloc_~size)) 800) (<= (+ |main_~malloc_#res.offset| 400) main_~malloc_~size) (<= 400 (+ |main_~malloc_#res.offset| main_~malloc_~size)) (forall ((v_idx_64 Int)) (or (< v_idx_64 |main_~malloc_#res.base|) (= (select |#length| v_idx_64) (+ |main_~malloc_#res.offset| 400)) (<= (+ |main_~malloc_#res.base| 1) v_idx_64))) (<= (- main_~malloc_~size main_~p~1.offset) 400) (<= (+ |main_~malloc_#res.offset| main_~malloc_~size) 400) (<= (- (- main_~malloc_~size) main_~malloc_~size) (- 800)) (<= (- (- |main_#t~malloc0.offset|) |main_#t~malloc0.offset|) 0) (<= 0 (* 2 |main_~malloc_#res.offset|)) (<= (- (- |main_~malloc_#res.offset|) main_~q~1.offset) 0) (<= |main_~malloc_#res.offset| main_~p~1.offset) (<= (- (- |main_~malloc_#res.offset|) main_~p~1.offset) 0) (<= (- |main_~malloc_#res.offset| (- |main_~malloc_#res.offset|)) 0) (<= (- (- |main_#t~malloc0.offset|) (- main_~p~1.offset)) 0) (<= (- main_~q~1.offset (- main_~q~1.offset)) 0) (<= (- |main_#t~malloc0.offset| main_~p~1.offset) 0) (<= (- (- |main_#t~malloc0.offset|) (- main_~malloc_~size)) 400) (<= |main_#t~malloc0.offset| |main_~malloc_#res.offset|) (<= (+ |main_~malloc_#res.offset| main_~p~1.offset) 0) (<= (- main_~p~1.offset (- main_~p~1.offset)) 0) (<= (- (- main_~p~1.offset) main_~q~1.offset) 0) (<= 0 (+ main_~q~1.offset |main_~malloc_#res.offset|)) (<= (- (- main_~p~1.offset) main_~p~1.offset) 0) (<= (- (- |main_#t~malloc0.offset|) main_~malloc_~size) (- 400)) (<= (- |main_#t~malloc0.offset| main_~q~1.offset) 0) (<= main_~malloc_~size (+ |main_~malloc_#res.offset| 400)) (<= main_~q~1.offset |main_~malloc_#res.offset|))} [2019-01-18 14:45:11,795 WARN L274 ngHoareTripleChecker]: Action: assume #t~short2;read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := ~q~1.base, ~q~1.offset, 4; [2019-01-18 14:45:11,795 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (and (= |c_main_read~int_#ptr.base_primed| c_main_~q~1.base) (= |c_main_read~int_#ptr.offset_primed| c_main_~q~1.offset) |c_main_#t~short2| (= |c_main_read~int_#sizeOfReadType_primed| 4)) [2019-01-18 14:45:12,092 WARN L276 ngHoareTripleChecker]: Post: {2147483642#(and (<= (- (- |main_read~int_#ptr.offset|) |main_read~int_#ptr.offset|) 0) (<= (- (- |main_#t~malloc0.offset|) main_~q~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- main_~malloc_~size)) 400) (<= (- (- |main_read~int_#ptr.offset|) (- main_~p~1.offset)) 0) (<= 0 (+ |main_#t~malloc0.offset| |main_~malloc_#res.offset|)) (<= (- (- main_~malloc_~size) (- main_~p~1.offset)) (- 400)) (<= (- |main_#t~malloc0.offset| |main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |main_~malloc_#res.offset|) (- main_~q~1.offset)) 0) (<= (* 2 |main_~malloc_#res.offset|) 0) (<= (- |main_#t~malloc0.offset| (- |main_~malloc_#res.offset|)) 0) (<= (- (- |main_read~int_#sizeOfReadType|) |main_~malloc_#res.offset|) (- 4)) (<= (- (- |main_~malloc_#res.offset|) main_~malloc_~size) (- 400)) (<= (- |main_read~int_#ptr.offset| main_~malloc_~size) (- 400)) (<= (- (- main_~malloc_~size) main_~p~1.offset) (- 400)) (<= (- (- |main_~malloc_#res.offset|) (- main_~p~1.offset)) 0) |main_#t~short2| (<= (- |main_read~int_#ptr.offset| main_~q~1.offset) 0) (<= (- (- |main_#t~malloc0.offset|) main_~p~1.offset) 0) (<= (- (- |main_read~int_#ptr.offset|) main_~malloc_~size) (- 400)) (<= (- (- |main_read~int_#sizeOfReadType|) main_~malloc_~size) (- 404)) (<= (- (- |main_~malloc_#res.offset|) (- main_~malloc_~size)) 400) (<= main_~p~1.offset |main_~malloc_#res.offset|) (<= (- (- |main_read~int_#sizeOfReadType|) (- main_~p~1.offset)) (- 4)) (<= (- main_~malloc_~size (- main_~p~1.offset)) 400) (<= (- (- |main_#t~malloc0.offset|) (- |main_read~int_#ptr.offset|)) 0) (<= (- |main_#t~malloc0.offset| |main_~malloc_#res.offset|) 0) (<= (- |main_read~int_#ptr.offset| (- |main_read~int_#ptr.offset|)) 0) (<= (- |main_#t~malloc0.offset| (- main_~p~1.offset)) 0) (<= (- |main_~malloc_#res.offset| (- main_~q~1.offset)) 0) (<= (+ main_~q~1.offset |main_~malloc_#res.offset|) 0) (forall ((v_idx_71 Int)) (or (select |#valid| v_idx_71) (<= (+ |main_~malloc_#res.base| 1) v_idx_71) (< v_idx_71 |main_~malloc_#res.base|))) (<= (- |main_read~int_#ptr.offset| (- main_~q~1.offset)) 0) (<= (- |main_#t~malloc0.offset| (- |main_#t~malloc0.offset|)) 0) (<= (- |main_#t~malloc0.offset| (- |main_read~int_#sizeOfReadType|)) 4) (<= (- |main_read~int_#sizeOfReadType| (- main_~p~1.offset)) 4) (<= (- main_~malloc_~size (- main_~malloc_~size)) 800) (<= (- |main_read~int_#sizeOfReadType| |main_~malloc_#res.offset|) 4) (<= (- |main_read~int_#ptr.offset| (- |main_~malloc_#res.offset|)) 0) (<= (- |main_read~int_#ptr.offset| main_~p~1.offset) 0) (<= (+ |main_~malloc_#res.offset| main_~malloc_~size) 400) (<= 0 (* 2 |main_~malloc_#res.offset|)) (<= (- (- |main_#t~malloc0.offset|) |main_read~int_#ptr.offset|) 0) (<= |main_~malloc_#res.offset| main_~p~1.offset) (<= (- |main_read~int_#ptr.offset| (- main_~p~1.offset)) 0) (<= (- (- |main_read~int_#ptr.offset|) |main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |main_#t~malloc0.offset|) (- main_~p~1.offset)) 0) (<= (- |main_#t~malloc0.offset| main_~p~1.offset) 0) (<= (- |main_read~int_#sizeOfReadType| (- |main_read~int_#sizeOfReadType|)) 8) (<= (- (- |main_read~int_#sizeOfReadType|) |main_read~int_#sizeOfReadType|) (- 8)) (<= (+ |main_~malloc_#res.offset| |main_read~int_#sizeOfReadType|) 4) (<= 0 (+ main_~q~1.offset |main_~malloc_#res.offset|)) (<= (- |main_read~int_#sizeOfReadType| (- main_~malloc_~size)) 404) (<= (- (- main_~p~1.offset) main_~p~1.offset) 0) (<= (- (- |main_#t~malloc0.offset|) main_~malloc_~size) (- 400)) (<= (- |main_#t~malloc0.offset| |main_read~int_#ptr.offset|) 0) (<= (- (- |main_#t~malloc0.offset|) |main_read~int_#sizeOfReadType|) (- 4)) (<= (- |main_#t~malloc0.offset| main_~q~1.offset) 0) (<= main_~malloc_~size (+ |main_~malloc_#res.offset| 400)) (<= (- |main_read~int_#ptr.offset| (- main_~malloc_~size)) 400) (<= |main_read~int_#sizeOfReadType| (+ |main_~malloc_#res.offset| 4)) (<= (- |main_read~int_#sizeOfReadType| main_~malloc_~size) (- 396)) (<= 4 (+ |main_~malloc_#res.offset| |main_read~int_#sizeOfReadType|)) (<= (- (- |main_read~int_#ptr.offset|) (- |main_~malloc_#res.offset|)) 0) (<= (- main_~malloc_~size main_~q~1.offset) 400) (<= (- (- |main_read~int_#sizeOfReadType|) (- |main_~malloc_#res.offset|)) (- 4)) (<= (- main_~malloc_~size (- main_~q~1.offset)) 400) (<= (- |main_#t~malloc0.offset| main_~malloc_~size) (- 400)) (<= (- main_~p~1.offset main_~q~1.offset) 0) (<= (- |main_~malloc_#res.offset| (- main_~malloc_~size)) 400) (<= (- (- |main_#t~malloc0.offset|) (- main_~q~1.offset)) 0) (<= (- main_~p~1.offset (- main_~q~1.offset)) 0) (<= (- (- main_~p~1.offset) (- main_~q~1.offset)) 0) (<= (- (- |main_read~int_#ptr.offset|) (- main_~q~1.offset)) 0) (<= (- (- main_~malloc_~size) main_~q~1.offset) (- 400)) (<= (- (- |main_read~int_#sizeOfReadType|) (- main_~malloc_~size)) 396) (<= (- (- main_~malloc_~size) (- main_~q~1.offset)) (- 400)) (forall ((v_idx_78 Int)) (or (< v_idx_78 |main_~malloc_#res.base|) (<= (+ |main_~malloc_#res.base| 1) v_idx_78) (= (+ |main_~malloc_#res.offset| 400) (select |#length| v_idx_78)))) (<= (- |main_read~int_#ptr.offset| |main_~malloc_#res.offset|) 0) (<= (- (- |main_read~int_#sizeOfReadType|) main_~p~1.offset) (- 4)) (<= (- (- |main_read~int_#sizeOfReadType|) main_~q~1.offset) (- 4)) (<= |main_~malloc_#res.offset| |main_read~int_#ptr.offset|) (<= (- |main_read~int_#ptr.offset| (- |main_read~int_#sizeOfReadType|)) 4) (<= (- (- |main_#t~malloc0.offset|) |main_~malloc_#res.offset|) 0) (<= (+ |main_read~int_#ptr.offset| |main_~malloc_#res.offset|) 0) (<= |main_~malloc_#res.offset| main_~q~1.offset) (<= (- |main_~malloc_#res.offset| main_~malloc_~size) (- 400)) (<= (- |main_~malloc_#res.offset| main_~q~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- main_~q~1.offset)) 0) (<= (- |main_read~int_#ptr.offset| |main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |main_#t~malloc0.offset|) (- |main_~malloc_#res.offset|)) 0) (<= (- |main_read~int_#sizeOfReadType| main_~q~1.offset) 4) (<= (- |main_read~int_#sizeOfReadType| (- |main_~malloc_#res.offset|)) 4) (<= (- (- |main_read~int_#ptr.offset|) (- main_~malloc_~size)) 400) (<= 0 (+ |main_~malloc_#res.offset| main_~p~1.offset)) (<= 0 (+ |main_read~int_#ptr.offset| |main_~malloc_#res.offset|)) (<= (+ |main_~malloc_#res.offset| 4) |main_read~int_#sizeOfReadType|) (<= (- (- |main_~malloc_#res.offset|) |main_~malloc_#res.offset|) 0) (<= (- |main_~malloc_#res.offset| main_~p~1.offset) 0) (<= (- (- main_~q~1.offset) main_~q~1.offset) 0) (<= |main_~malloc_#res.offset| |main_#t~malloc0.offset|) (<= (+ |main_#t~malloc0.offset| |main_~malloc_#res.offset|) 0) (<= (- |main_~malloc_#res.offset| (- main_~p~1.offset)) 0) (<= (- (- |main_read~int_#ptr.offset|) (- |main_read~int_#sizeOfReadType|)) 4) (<= (- (- |main_read~int_#sizeOfReadType|) (- main_~q~1.offset)) (- 4)) (<= (- (- |main_#t~malloc0.offset|) (- |main_read~int_#sizeOfReadType|)) 4) (<= (+ |main_~malloc_#res.offset| 400) main_~malloc_~size) (<= 400 (+ |main_~malloc_#res.offset| main_~malloc_~size)) (<= (- main_~malloc_~size main_~p~1.offset) 400) (<= (- |main_#t~malloc0.offset| (- |main_read~int_#ptr.offset|)) 0) (<= (- (- main_~malloc_~size) main_~malloc_~size) (- 800)) (<= (- (- |main_#t~malloc0.offset|) |main_#t~malloc0.offset|) 0) (<= (- (- |main_~malloc_#res.offset|) main_~q~1.offset) 0) (<= (- (- |main_~malloc_#res.offset|) main_~p~1.offset) 0) (<= (- |main_~malloc_#res.offset| (- |main_~malloc_#res.offset|)) 0) (<= (- main_~q~1.offset (- main_~q~1.offset)) 0) (<= (- (- |main_#t~malloc0.offset|) (- main_~malloc_~size)) 400) (<= (- |main_read~int_#sizeOfReadType| main_~p~1.offset) 4) (<= |main_#t~malloc0.offset| |main_~malloc_#res.offset|) (<= (+ |main_~malloc_#res.offset| main_~p~1.offset) 0) (<= (- |main_read~int_#sizeOfReadType| (- main_~q~1.offset)) 4) (<= (- main_~p~1.offset (- main_~p~1.offset)) 0) (<= (- (- |main_read~int_#ptr.offset|) main_~q~1.offset) 0) (<= (- (- main_~p~1.offset) main_~q~1.offset) 0) (<= |main_read~int_#ptr.offset| |main_~malloc_#res.offset|) (<= (- (- |main_read~int_#ptr.offset|) main_~p~1.offset) 0) (<= (- (- |main_read~int_#ptr.offset|) |main_~malloc_#res.offset|) 0) (<= main_~q~1.offset |main_~malloc_#res.offset|))} [2019-01-18 14:45:12,449 WARN L212 ngHoareTripleChecker]: Soundness check inconclusive for the following hoare triple [2019-01-18 14:45:12,449 WARN L217 ngHoareTripleChecker]: Expected: VALID Actual: UNKNOWN [2019-01-18 14:45:12,449 WARN L219 ngHoareTripleChecker]: Solver was "Z3" in version "4.8.3" [2019-01-18 14:45:12,449 WARN L223 ngHoareTripleChecker]: -- [2019-01-18 14:45:12,450 WARN L224 ngHoareTripleChecker]: Pre: {2147483641#(forall ((v_idx_89 Int) (v_idx_87 Int) (v_idx_88 Int) (v_idx_85 Int) (v_idx_86 Int) (v_idx_83 Int) (v_idx_94 Int) (v_idx_84 Int) (v_idx_81 Int) (v_idx_92 Int) (v_idx_82 Int) (v_idx_93 Int) (v_idx_90 Int) (v_idx_91 Int)) (exists ((v_v_24_1 Int) (v_v_4_1 Bool) (v_v_26_1 Int) (v_v_8_1 Int) (v_v_19_1 Bool) (v_v_18_1 Bool) (v_v_7_1 (Array Int Int)) (v_v_12_1 Bool) (v_v_1_1 Int) (v_v_2_1 Int) (v_v_5_1 (Array Int Int)) (v_v_6_1 Int) (v_v_20_1 Bool)) (and (<= (- (- |c_main_read~int_#ptr.offset|) |c_main_read~int_#ptr.offset|) 0) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~q~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~malloc_~size)) 400) (<= (- (- |c_main_read~int_#ptr.offset|) (- c_main_~p~1.offset)) 0) (<= 0 (+ |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|)) (<= (- (- c_main_~malloc_~size) (- c_main_~p~1.offset)) (- 400)) (<= (- |c_main_#t~malloc0.offset| |c_main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~q~1.offset)) 0) (<= (* 2 |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_~malloc_#res.offset|)) 0) (<= (- (- |c_main_read~int_#sizeOfReadType|) |c_main_~malloc_#res.offset|) (- 4)) (= v_v_1_1 (select |c_main_~malloc_old_#length| v_idx_81)) (= v_v_2_1 (select |c_old(#length)| v_idx_90)) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~malloc_~size) (- 400)) v_v_19_1 (<= (- |c_main_read~int_#ptr.offset| c_main_~malloc_~size) (- 400)) (<= (- (- c_main_~malloc_~size) c_main_~p~1.offset) (- 400)) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~p~1.offset)) 0) |c_main_#t~short2| (<= (- |c_main_read~int_#ptr.offset| c_main_~q~1.offset) 0) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~p~1.offset) 0) (<= (- (- |c_main_read~int_#ptr.offset|) c_main_~malloc_~size) (- 400)) (<= (- (- |c_main_read~int_#sizeOfReadType|) c_main_~malloc_~size) (- 404)) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~malloc_~size)) 400) (<= c_main_~p~1.offset |c_main_~malloc_#res.offset|) (= v_v_8_1 (select v_v_7_1 v_idx_82)) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- c_main_~p~1.offset)) (- 4)) (<= (- c_main_~malloc_~size (- c_main_~p~1.offset)) 400) (<= (- (- |c_main_#t~malloc0.offset|) (- |c_main_read~int_#ptr.offset|)) 0) (<= (- |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_read~int_#ptr.offset| (- |c_main_read~int_#ptr.offset|)) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~p~1.offset)) 0) (<= (- |c_main_~malloc_#res.offset| (- c_main_~q~1.offset)) 0) (<= (+ c_main_~q~1.offset |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_read~int_#ptr.offset| (- c_main_~q~1.offset)) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_#t~malloc0.offset|)) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_read~int_#sizeOfReadType|)) 4) (<= (- |c_main_read~int_#sizeOfReadType| (- c_main_~p~1.offset)) 4) (or (<= |c_main_~malloc_#res.base| v_idx_84) (= (select |c_#valid| v_idx_84) v_v_18_1)) (<= (- c_main_~malloc_~size (- c_main_~malloc_~size)) 800) (<= (- |c_main_read~int_#sizeOfReadType| |c_main_~malloc_#res.offset|) 4) (= (select |c_old(#valid)| v_idx_83) v_v_4_1) (<= (- |c_main_read~int_#ptr.offset| (- |c_main_~malloc_#res.offset|)) 0) (<= (- |c_main_read~int_#ptr.offset| c_main_~p~1.offset) 0) (<= (+ |c_main_~malloc_#res.offset| c_main_~malloc_~size) 400) (= (select |c_#memory_int| v_idx_87) v_v_5_1) (<= 0 (* 2 |c_main_~malloc_#res.offset|)) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_read~int_#ptr.offset|) 0) (<= |c_main_~malloc_#res.offset| c_main_~p~1.offset) (<= (- |c_main_read~int_#ptr.offset| (- c_main_~p~1.offset)) 0) (<= (- (- |c_main_read~int_#ptr.offset|) |c_main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~p~1.offset)) 0) (<= (- |c_main_#t~malloc0.offset| c_main_~p~1.offset) 0) (or (<= (+ |c_main_~malloc_#res.base| 1) v_idx_92) (= (select |c_#length| v_idx_92) (+ |c_main_~malloc_#res.offset| 400)) (< v_idx_92 |c_main_~malloc_#res.base|)) (<= (- |c_main_read~int_#sizeOfReadType| (- |c_main_read~int_#sizeOfReadType|)) 8) (or (= (select |c_#valid| v_idx_85) v_v_19_1) (<= (+ |c_main_~malloc_#res.base| 1) v_idx_85) (< v_idx_85 |c_main_~malloc_#res.base|)) (<= (- (- |c_main_read~int_#sizeOfReadType|) |c_main_read~int_#sizeOfReadType|) (- 8)) (<= (+ |c_main_~malloc_#res.offset| |c_main_read~int_#sizeOfReadType|) 4) (<= 0 (+ c_main_~q~1.offset |c_main_~malloc_#res.offset|)) (<= (- |c_main_read~int_#sizeOfReadType| (- c_main_~malloc_~size)) 404) (<= (- (- c_main_~p~1.offset) c_main_~p~1.offset) 0) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~malloc_~size) (- 400)) (<= (- |c_main_#t~malloc0.offset| |c_main_read~int_#ptr.offset|) 0) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_read~int_#sizeOfReadType|) (- 4)) (<= (- |c_main_#t~malloc0.offset| c_main_~q~1.offset) 0) (<= c_main_~malloc_~size (+ |c_main_~malloc_#res.offset| 400)) (<= (- |c_main_read~int_#ptr.offset| (- c_main_~malloc_~size)) 400) (<= |c_main_read~int_#sizeOfReadType| (+ |c_main_~malloc_#res.offset| 4)) (<= (- |c_main_read~int_#sizeOfReadType| c_main_~malloc_~size) (- 396)) (<= 4 (+ |c_main_~malloc_#res.offset| |c_main_read~int_#sizeOfReadType|)) (<= (- (- |c_main_read~int_#ptr.offset|) (- |c_main_~malloc_#res.offset|)) 0) (<= (- c_main_~malloc_~size c_main_~q~1.offset) 400) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- |c_main_~malloc_#res.offset|)) (- 4)) (<= (- c_main_~malloc_~size (- c_main_~q~1.offset)) 400) (<= (- |c_main_#t~malloc0.offset| c_main_~malloc_~size) (- 400)) (<= (- c_main_~p~1.offset c_main_~q~1.offset) 0) (= v_v_6_1 (select v_v_5_1 v_idx_89)) (= (select |c_main_~malloc_old_#valid| v_idx_94) v_v_12_1) (<= (- |c_main_~malloc_#res.offset| (- c_main_~malloc_~size)) 400) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~q~1.offset)) 0) (<= (- c_main_~p~1.offset (- c_main_~q~1.offset)) 0) (<= (- (- c_main_~p~1.offset) (- c_main_~q~1.offset)) 0) (<= (- (- |c_main_read~int_#ptr.offset|) (- c_main_~q~1.offset)) 0) (<= (- (- c_main_~malloc_~size) c_main_~q~1.offset) (- 400)) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- c_main_~malloc_~size)) 396) (<= (- (- c_main_~malloc_~size) (- c_main_~q~1.offset)) (- 400)) (<= (- |c_main_read~int_#ptr.offset| |c_main_~malloc_#res.offset|) 0) (<= (- (- |c_main_read~int_#sizeOfReadType|) c_main_~p~1.offset) (- 4)) (<= (- (- |c_main_read~int_#sizeOfReadType|) c_main_~q~1.offset) (- 4)) (<= |c_main_~malloc_#res.offset| |c_main_read~int_#ptr.offset|) (<= (- |c_main_read~int_#ptr.offset| (- |c_main_read~int_#sizeOfReadType|)) 4) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_~malloc_#res.offset|) 0) (<= (+ |c_main_read~int_#ptr.offset| |c_main_~malloc_#res.offset|) 0) (<= |c_main_~malloc_#res.offset| c_main_~q~1.offset) (<= (- |c_main_~malloc_#res.offset| c_main_~malloc_~size) (- 400)) (<= (- |c_main_~malloc_#res.offset| c_main_~q~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~q~1.offset)) 0) (<= (- |c_main_read~int_#ptr.offset| |c_main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |c_main_#t~malloc0.offset|) (- |c_main_~malloc_#res.offset|)) 0) (<= (- |c_main_read~int_#sizeOfReadType| c_main_~q~1.offset) 4) (<= (- |c_main_read~int_#sizeOfReadType| (- |c_main_~malloc_#res.offset|)) 4) (<= (- (- |c_main_read~int_#ptr.offset|) (- c_main_~malloc_~size)) 400) (or (= (select |c_#length| v_idx_93) v_v_26_1) (< v_idx_93 (+ |c_main_~malloc_#res.base| 1))) (<= 0 (+ |c_main_~malloc_#res.offset| c_main_~p~1.offset)) (<= 0 (+ |c_main_read~int_#ptr.offset| |c_main_~malloc_#res.offset|)) (<= (+ |c_main_~malloc_#res.offset| 4) |c_main_read~int_#sizeOfReadType|) (<= (- (- |c_main_~malloc_#res.offset|) |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_~malloc_#res.offset| c_main_~p~1.offset) 0) (<= (- (- c_main_~q~1.offset) c_main_~q~1.offset) 0) (<= |c_main_~malloc_#res.offset| |c_main_#t~malloc0.offset|) (<= (+ |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_~malloc_#res.offset| (- c_main_~p~1.offset)) 0) (= v_v_7_1 (select |c_old(#memory_int)| v_idx_88)) (or (<= |c_main_~malloc_#res.base| v_idx_91) (= (select |c_#length| v_idx_91) v_v_24_1)) (<= (- (- |c_main_read~int_#ptr.offset|) (- |c_main_read~int_#sizeOfReadType|)) 4) (or (< v_idx_86 (+ |c_main_~malloc_#res.base| 1)) (= (select |c_#valid| v_idx_86) v_v_20_1)) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- c_main_~q~1.offset)) (- 4)) (<= (- (- |c_main_#t~malloc0.offset|) (- |c_main_read~int_#sizeOfReadType|)) 4) (<= (+ |c_main_~malloc_#res.offset| 400) c_main_~malloc_~size) (<= 400 (+ |c_main_~malloc_#res.offset| c_main_~malloc_~size)) (<= (- c_main_~malloc_~size c_main_~p~1.offset) 400) (<= (- |c_main_#t~malloc0.offset| (- |c_main_read~int_#ptr.offset|)) 0) (<= (- (- c_main_~malloc_~size) c_main_~malloc_~size) (- 800)) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_#t~malloc0.offset|) 0) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~q~1.offset) 0) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~p~1.offset) 0) (<= (- |c_main_~malloc_#res.offset| (- |c_main_~malloc_#res.offset|)) 0) (<= (- c_main_~q~1.offset (- c_main_~q~1.offset)) 0) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~malloc_~size)) 400) (<= (- |c_main_read~int_#sizeOfReadType| c_main_~p~1.offset) 4) (<= |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) (<= (+ |c_main_~malloc_#res.offset| c_main_~p~1.offset) 0) (<= (- |c_main_read~int_#sizeOfReadType| (- c_main_~q~1.offset)) 4) (<= (- c_main_~p~1.offset (- c_main_~p~1.offset)) 0) (<= (- (- |c_main_read~int_#ptr.offset|) c_main_~q~1.offset) 0) (<= (- (- c_main_~p~1.offset) c_main_~q~1.offset) 0) (<= |c_main_read~int_#ptr.offset| |c_main_~malloc_#res.offset|) (<= (- (- |c_main_read~int_#ptr.offset|) c_main_~p~1.offset) 0) (<= (- (- |c_main_read~int_#ptr.offset|) |c_main_~malloc_#res.offset|) 0) (<= c_main_~q~1.offset |c_main_~malloc_#res.offset|))))} [2019-01-18 14:45:12,450 WARN L228 ngHoareTripleChecker]: Action: assume #valid[read~int_#ptr.base]; [2019-01-18 14:45:12,450 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (select |c_#valid| |c_main_read~int_#ptr.base|) [2019-01-18 14:45:12,450 WARN L230 ngHoareTripleChecker]: Post: {2147483640#(forall ((v_idx_104 Int) (v_idx_105 Int) (v_idx_102 Int) (v_idx_103 Int) (v_idx_98 Int) (v_idx_99 Int) (v_idx_106 Int) (v_idx_96 Int) (v_idx_97 Int) (v_idx_95 Int) (v_idx_100 Int) (v_idx_101 Int)) (exists ((v_v_8_1 Int) (v_v_24_1 Int) (v_v_27_1 Bool) (v_v_4_1 Bool) (v_v_7_1 (Array Int Int)) (v_v_12_1 Bool) (v_v_1_1 Int) (v_v_5_1 (Array Int Int)) (v_v_2_1 Int) (v_v_6_1 Int) (v_v_26_1 Int)) (and (<= (- (- |c_main_read~int_#ptr.offset|) |c_main_read~int_#ptr.offset|) 0) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~q~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~malloc_~size)) 400) (<= (- (- |c_main_read~int_#ptr.offset|) (- c_main_~p~1.offset)) 0) (<= 0 (+ |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|)) (<= (- (- c_main_~malloc_~size) (- c_main_~p~1.offset)) (- 400)) (<= (- |c_main_#t~malloc0.offset| |c_main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~q~1.offset)) 0) (<= (* 2 |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_~malloc_#res.offset|)) 0) (<= (- (- |c_main_read~int_#sizeOfReadType|) |c_main_~malloc_#res.offset|) (- 4)) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~malloc_~size) (- 400)) (<= (- |c_main_read~int_#ptr.offset| c_main_~malloc_~size) (- 400)) (<= (- (- c_main_~malloc_~size) c_main_~p~1.offset) (- 400)) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~p~1.offset)) 0) |c_main_#t~short2| (<= (- |c_main_read~int_#ptr.offset| c_main_~q~1.offset) 0) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~p~1.offset) 0) (<= (- (- |c_main_read~int_#ptr.offset|) c_main_~malloc_~size) (- 400)) (<= (- (- |c_main_read~int_#sizeOfReadType|) c_main_~malloc_~size) (- 404)) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~malloc_~size)) 400) (= v_v_5_1 (select |c_#memory_int| v_idx_99)) (<= c_main_~p~1.offset |c_main_~malloc_#res.offset|) (= (select |c_old(#length)| v_idx_102) v_v_2_1) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- c_main_~p~1.offset)) (- 4)) (<= (- c_main_~malloc_~size (- c_main_~p~1.offset)) 400) (<= (- (- |c_main_#t~malloc0.offset|) (- |c_main_read~int_#ptr.offset|)) 0) (<= (- |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_read~int_#ptr.offset| (- |c_main_read~int_#ptr.offset|)) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~p~1.offset)) 0) (<= (- |c_main_~malloc_#res.offset| (- c_main_~q~1.offset)) 0) (<= (+ c_main_~q~1.offset |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_read~int_#ptr.offset| (- c_main_~q~1.offset)) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_#t~malloc0.offset|)) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_read~int_#sizeOfReadType|)) 4) (<= (- |c_main_read~int_#sizeOfReadType| (- c_main_~p~1.offset)) 4) (= (select |c_main_~malloc_old_#length| v_idx_95) v_v_1_1) (<= (- c_main_~malloc_~size (- c_main_~malloc_~size)) 800) (<= (- |c_main_read~int_#sizeOfReadType| |c_main_~malloc_#res.offset|) 4) (<= (- |c_main_read~int_#ptr.offset| (- |c_main_~malloc_#res.offset|)) 0) (<= (- |c_main_read~int_#ptr.offset| c_main_~p~1.offset) 0) (<= (+ |c_main_~malloc_#res.offset| c_main_~malloc_~size) 400) (<= 0 (* 2 |c_main_~malloc_#res.offset|)) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_read~int_#ptr.offset|) 0) (<= |c_main_~malloc_#res.offset| c_main_~p~1.offset) (<= (- |c_main_read~int_#ptr.offset| (- c_main_~p~1.offset)) 0) (<= (- (- |c_main_read~int_#ptr.offset|) |c_main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~p~1.offset)) 0) (<= (- |c_main_#t~malloc0.offset| c_main_~p~1.offset) 0) (<= (- |c_main_read~int_#sizeOfReadType| (- |c_main_read~int_#sizeOfReadType|)) 8) (<= (- (- |c_main_read~int_#sizeOfReadType|) |c_main_read~int_#sizeOfReadType|) (- 8)) (<= (+ |c_main_~malloc_#res.offset| |c_main_read~int_#sizeOfReadType|) 4) (<= 0 (+ c_main_~q~1.offset |c_main_~malloc_#res.offset|)) (<= (- |c_main_read~int_#sizeOfReadType| (- c_main_~malloc_~size)) 404) (<= (- (- c_main_~p~1.offset) c_main_~p~1.offset) 0) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~malloc_~size) (- 400)) (= (select |c_old(#valid)| v_idx_97) v_v_4_1) (<= (- |c_main_#t~malloc0.offset| |c_main_read~int_#ptr.offset|) 0) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_read~int_#sizeOfReadType|) (- 4)) (<= (- |c_main_#t~malloc0.offset| c_main_~q~1.offset) 0) (<= c_main_~malloc_~size (+ |c_main_~malloc_#res.offset| 400)) (<= (- |c_main_read~int_#ptr.offset| (- c_main_~malloc_~size)) 400) (<= |c_main_read~int_#sizeOfReadType| (+ |c_main_~malloc_#res.offset| 4)) (<= (- |c_main_read~int_#sizeOfReadType| c_main_~malloc_~size) (- 396)) (<= 4 (+ |c_main_~malloc_#res.offset| |c_main_read~int_#sizeOfReadType|)) (<= (- (- |c_main_read~int_#ptr.offset|) (- |c_main_~malloc_#res.offset|)) 0) (<= (- c_main_~malloc_~size c_main_~q~1.offset) 400) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- |c_main_~malloc_#res.offset|)) (- 4)) (<= (- c_main_~malloc_~size (- c_main_~q~1.offset)) 400) (= v_v_8_1 (select v_v_7_1 v_idx_96)) (<= (- |c_main_#t~malloc0.offset| c_main_~malloc_~size) (- 400)) (<= (- c_main_~p~1.offset c_main_~q~1.offset) 0) (<= (- |c_main_~malloc_#res.offset| (- c_main_~malloc_~size)) 400) (= v_v_12_1 (select |c_main_~malloc_old_#valid| v_idx_106)) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~q~1.offset)) 0) (<= (- c_main_~p~1.offset (- c_main_~q~1.offset)) 0) (<= (- (- c_main_~p~1.offset) (- c_main_~q~1.offset)) 0) (<= (- (- |c_main_read~int_#ptr.offset|) (- c_main_~q~1.offset)) 0) (<= (- (- c_main_~malloc_~size) c_main_~q~1.offset) (- 400)) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- c_main_~malloc_~size)) 396) (<= (- (- c_main_~malloc_~size) (- c_main_~q~1.offset)) (- 400)) (<= (- |c_main_read~int_#ptr.offset| |c_main_~malloc_#res.offset|) 0) (<= (- (- |c_main_read~int_#sizeOfReadType|) c_main_~p~1.offset) (- 4)) (<= (- (- |c_main_read~int_#sizeOfReadType|) c_main_~q~1.offset) (- 4)) (or (<= (+ |c_main_~malloc_#res.base| 1) v_idx_104) (< v_idx_104 |c_main_~malloc_#res.base|) (= (+ |c_main_~malloc_#res.offset| 400) (select |c_#length| v_idx_104))) (= (select |c_old(#memory_int)| v_idx_100) v_v_7_1) (<= |c_main_~malloc_#res.offset| |c_main_read~int_#ptr.offset|) (<= (- |c_main_read~int_#ptr.offset| (- |c_main_read~int_#sizeOfReadType|)) 4) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_~malloc_#res.offset|) 0) (<= (+ |c_main_read~int_#ptr.offset| |c_main_~malloc_#res.offset|) 0) (<= |c_main_~malloc_#res.offset| c_main_~q~1.offset) (<= (- |c_main_~malloc_#res.offset| c_main_~malloc_~size) (- 400)) (<= (- |c_main_~malloc_#res.offset| c_main_~q~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~q~1.offset)) 0) (<= (- |c_main_read~int_#ptr.offset| |c_main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |c_main_#t~malloc0.offset|) (- |c_main_~malloc_#res.offset|)) 0) (<= (- |c_main_read~int_#sizeOfReadType| c_main_~q~1.offset) 4) (<= (- |c_main_read~int_#sizeOfReadType| (- |c_main_~malloc_#res.offset|)) 4) (<= (- (- |c_main_read~int_#ptr.offset|) (- c_main_~malloc_~size)) 400) (<= 0 (+ |c_main_~malloc_#res.offset| c_main_~p~1.offset)) (<= 0 (+ |c_main_read~int_#ptr.offset| |c_main_~malloc_#res.offset|)) (or (<= |c_main_~malloc_#res.base| v_idx_103) (= v_v_24_1 (select |c_#length| v_idx_103))) (<= (+ |c_main_~malloc_#res.offset| 4) |c_main_read~int_#sizeOfReadType|) (<= (- (- |c_main_~malloc_#res.offset|) |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_~malloc_#res.offset| c_main_~p~1.offset) 0) (<= (- (- c_main_~q~1.offset) c_main_~q~1.offset) 0) (= v_v_6_1 (select v_v_5_1 v_idx_101)) (<= |c_main_~malloc_#res.offset| |c_main_#t~malloc0.offset|) (<= (+ |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_~malloc_#res.offset| (- c_main_~p~1.offset)) 0) (<= (- (- |c_main_read~int_#ptr.offset|) (- |c_main_read~int_#sizeOfReadType|)) 4) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- c_main_~q~1.offset)) (- 4)) (<= (- (- |c_main_#t~malloc0.offset|) (- |c_main_read~int_#sizeOfReadType|)) 4) (<= (+ |c_main_~malloc_#res.offset| 400) c_main_~malloc_~size) (<= 400 (+ |c_main_~malloc_#res.offset| c_main_~malloc_~size)) (<= (- c_main_~malloc_~size c_main_~p~1.offset) 400) (= v_v_27_1 (select |c_#valid| v_idx_98)) (<= (- |c_main_#t~malloc0.offset| (- |c_main_read~int_#ptr.offset|)) 0) (<= (- (- c_main_~malloc_~size) c_main_~malloc_~size) (- 800)) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_#t~malloc0.offset|) 0) (or (< v_idx_105 (+ |c_main_~malloc_#res.base| 1)) (= (select |c_#length| v_idx_105) v_v_26_1)) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~q~1.offset) 0) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~p~1.offset) 0) (<= (- |c_main_~malloc_#res.offset| (- |c_main_~malloc_#res.offset|)) 0) (<= (- c_main_~q~1.offset (- c_main_~q~1.offset)) 0) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~malloc_~size)) 400) (<= (- |c_main_read~int_#sizeOfReadType| c_main_~p~1.offset) 4) (<= |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) (<= (+ |c_main_~malloc_#res.offset| c_main_~p~1.offset) 0) (<= (- |c_main_read~int_#sizeOfReadType| (- c_main_~q~1.offset)) 4) (<= (- c_main_~p~1.offset (- c_main_~p~1.offset)) 0) (<= (- (- |c_main_read~int_#ptr.offset|) c_main_~q~1.offset) 0) (<= (- (- c_main_~p~1.offset) c_main_~q~1.offset) 0) (<= |c_main_read~int_#ptr.offset| |c_main_~malloc_#res.offset|) (<= (- (- |c_main_read~int_#ptr.offset|) c_main_~p~1.offset) 0) (<= (- (- |c_main_read~int_#ptr.offset|) |c_main_~malloc_#res.offset|) 0) (<= c_main_~q~1.offset |c_main_~malloc_#res.offset|))))} [2019-01-18 14:45:12,450 WARN L263 ngHoareTripleChecker]: unsat core / model generation is disabled, enable it to get more details [2019-01-18 14:45:12,451 WARN L268 ngHoareTripleChecker]: -- [2019-01-18 14:45:12,451 WARN L269 ngHoareTripleChecker]: Simplified triple [2019-01-18 14:45:12,663 WARN L270 ngHoareTripleChecker]: Pre: {2147483641#(and (<= (- (- |main_read~int_#ptr.offset|) |main_read~int_#ptr.offset|) 0) (<= (- (- |main_#t~malloc0.offset|) main_~q~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- main_~malloc_~size)) 400) (<= (- (- |main_read~int_#ptr.offset|) (- main_~p~1.offset)) 0) (<= 0 (+ |main_#t~malloc0.offset| |main_~malloc_#res.offset|)) (<= (- (- main_~malloc_~size) (- main_~p~1.offset)) (- 400)) (<= (- |main_#t~malloc0.offset| |main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |main_~malloc_#res.offset|) (- main_~q~1.offset)) 0) (<= (* 2 |main_~malloc_#res.offset|) 0) (<= (- |main_#t~malloc0.offset| (- |main_~malloc_#res.offset|)) 0) (<= (- (- |main_read~int_#sizeOfReadType|) |main_~malloc_#res.offset|) (- 4)) (<= (- (- |main_~malloc_#res.offset|) main_~malloc_~size) (- 400)) (<= (- |main_read~int_#ptr.offset| main_~malloc_~size) (- 400)) (<= (- (- main_~malloc_~size) main_~p~1.offset) (- 400)) (<= (- (- |main_~malloc_#res.offset|) (- main_~p~1.offset)) 0) |main_#t~short2| (<= (- |main_read~int_#ptr.offset| main_~q~1.offset) 0) (<= (- (- |main_#t~malloc0.offset|) main_~p~1.offset) 0) (<= (- (- |main_read~int_#ptr.offset|) main_~malloc_~size) (- 400)) (<= (- (- |main_read~int_#sizeOfReadType|) main_~malloc_~size) (- 404)) (<= (- (- |main_~malloc_#res.offset|) (- main_~malloc_~size)) 400) (<= main_~p~1.offset |main_~malloc_#res.offset|) (<= (- (- |main_read~int_#sizeOfReadType|) (- main_~p~1.offset)) (- 4)) (<= (- main_~malloc_~size (- main_~p~1.offset)) 400) (<= (- (- |main_#t~malloc0.offset|) (- |main_read~int_#ptr.offset|)) 0) (<= (- |main_#t~malloc0.offset| |main_~malloc_#res.offset|) 0) (<= (- |main_read~int_#ptr.offset| (- |main_read~int_#ptr.offset|)) 0) (<= (- |main_#t~malloc0.offset| (- main_~p~1.offset)) 0) (<= (- |main_~malloc_#res.offset| (- main_~q~1.offset)) 0) (<= (+ main_~q~1.offset |main_~malloc_#res.offset|) 0) (<= (- |main_read~int_#ptr.offset| (- main_~q~1.offset)) 0) (<= (- |main_#t~malloc0.offset| (- |main_#t~malloc0.offset|)) 0) (<= (- |main_#t~malloc0.offset| (- |main_read~int_#sizeOfReadType|)) 4) (<= (- |main_read~int_#sizeOfReadType| (- main_~p~1.offset)) 4) (<= (- main_~malloc_~size (- main_~malloc_~size)) 800) (forall ((v_idx_92 Int)) (or (<= (+ |main_~malloc_#res.base| 1) v_idx_92) (= (select |#length| v_idx_92) (+ |main_~malloc_#res.offset| 400)) (< v_idx_92 |main_~malloc_#res.base|))) (<= (- |main_read~int_#sizeOfReadType| |main_~malloc_#res.offset|) 4) (<= (- |main_read~int_#ptr.offset| (- |main_~malloc_#res.offset|)) 0) (<= (- |main_read~int_#ptr.offset| main_~p~1.offset) 0) (<= (+ |main_~malloc_#res.offset| main_~malloc_~size) 400) (<= 0 (* 2 |main_~malloc_#res.offset|)) (<= (- (- |main_#t~malloc0.offset|) |main_read~int_#ptr.offset|) 0) (<= |main_~malloc_#res.offset| main_~p~1.offset) (<= (- |main_read~int_#ptr.offset| (- main_~p~1.offset)) 0) (<= (- (- |main_read~int_#ptr.offset|) |main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |main_#t~malloc0.offset|) (- main_~p~1.offset)) 0) (<= (- |main_#t~malloc0.offset| main_~p~1.offset) 0) (<= (- |main_read~int_#sizeOfReadType| (- |main_read~int_#sizeOfReadType|)) 8) (<= (- (- |main_read~int_#sizeOfReadType|) |main_read~int_#sizeOfReadType|) (- 8)) (<= (+ |main_~malloc_#res.offset| |main_read~int_#sizeOfReadType|) 4) (<= 0 (+ main_~q~1.offset |main_~malloc_#res.offset|)) (<= (- |main_read~int_#sizeOfReadType| (- main_~malloc_~size)) 404) (<= (- (- main_~p~1.offset) main_~p~1.offset) 0) (<= (- (- |main_#t~malloc0.offset|) main_~malloc_~size) (- 400)) (<= (- |main_#t~malloc0.offset| |main_read~int_#ptr.offset|) 0) (<= (- (- |main_#t~malloc0.offset|) |main_read~int_#sizeOfReadType|) (- 4)) (<= (- |main_#t~malloc0.offset| main_~q~1.offset) 0) (<= main_~malloc_~size (+ |main_~malloc_#res.offset| 400)) (<= (- |main_read~int_#ptr.offset| (- main_~malloc_~size)) 400) (<= |main_read~int_#sizeOfReadType| (+ |main_~malloc_#res.offset| 4)) (<= (- |main_read~int_#sizeOfReadType| main_~malloc_~size) (- 396)) (<= 4 (+ |main_~malloc_#res.offset| |main_read~int_#sizeOfReadType|)) (<= (- (- |main_read~int_#ptr.offset|) (- |main_~malloc_#res.offset|)) 0) (<= (- main_~malloc_~size main_~q~1.offset) 400) (<= (- (- |main_read~int_#sizeOfReadType|) (- |main_~malloc_#res.offset|)) (- 4)) (<= (- main_~malloc_~size (- main_~q~1.offset)) 400) (<= (- |main_#t~malloc0.offset| main_~malloc_~size) (- 400)) (<= (- main_~p~1.offset main_~q~1.offset) 0) (<= (- |main_~malloc_#res.offset| (- main_~malloc_~size)) 400) (<= (- (- |main_#t~malloc0.offset|) (- main_~q~1.offset)) 0) (forall ((v_idx_85 Int)) (or (select |#valid| v_idx_85) (<= (+ |main_~malloc_#res.base| 1) v_idx_85) (< v_idx_85 |main_~malloc_#res.base|))) (<= (- main_~p~1.offset (- main_~q~1.offset)) 0) (<= (- (- main_~p~1.offset) (- main_~q~1.offset)) 0) (<= (- (- |main_read~int_#ptr.offset|) (- main_~q~1.offset)) 0) (<= (- (- main_~malloc_~size) main_~q~1.offset) (- 400)) (<= (- (- |main_read~int_#sizeOfReadType|) (- main_~malloc_~size)) 396) (<= (- (- main_~malloc_~size) (- main_~q~1.offset)) (- 400)) (<= (- |main_read~int_#ptr.offset| |main_~malloc_#res.offset|) 0) (<= (- (- |main_read~int_#sizeOfReadType|) main_~p~1.offset) (- 4)) (<= (- (- |main_read~int_#sizeOfReadType|) main_~q~1.offset) (- 4)) (<= |main_~malloc_#res.offset| |main_read~int_#ptr.offset|) (<= (- |main_read~int_#ptr.offset| (- |main_read~int_#sizeOfReadType|)) 4) (<= (- (- |main_#t~malloc0.offset|) |main_~malloc_#res.offset|) 0) (<= (+ |main_read~int_#ptr.offset| |main_~malloc_#res.offset|) 0) (<= |main_~malloc_#res.offset| main_~q~1.offset) (<= (- |main_~malloc_#res.offset| main_~malloc_~size) (- 400)) (<= (- |main_~malloc_#res.offset| main_~q~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- main_~q~1.offset)) 0) (<= (- |main_read~int_#ptr.offset| |main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |main_#t~malloc0.offset|) (- |main_~malloc_#res.offset|)) 0) (<= (- |main_read~int_#sizeOfReadType| main_~q~1.offset) 4) (<= (- |main_read~int_#sizeOfReadType| (- |main_~malloc_#res.offset|)) 4) (<= (- (- |main_read~int_#ptr.offset|) (- main_~malloc_~size)) 400) (<= 0 (+ |main_~malloc_#res.offset| main_~p~1.offset)) (<= 0 (+ |main_read~int_#ptr.offset| |main_~malloc_#res.offset|)) (<= (+ |main_~malloc_#res.offset| 4) |main_read~int_#sizeOfReadType|) (<= (- (- |main_~malloc_#res.offset|) |main_~malloc_#res.offset|) 0) (<= (- |main_~malloc_#res.offset| main_~p~1.offset) 0) (<= (- (- main_~q~1.offset) main_~q~1.offset) 0) (<= |main_~malloc_#res.offset| |main_#t~malloc0.offset|) (<= (+ |main_#t~malloc0.offset| |main_~malloc_#res.offset|) 0) (<= (- |main_~malloc_#res.offset| (- main_~p~1.offset)) 0) (<= (- (- |main_read~int_#ptr.offset|) (- |main_read~int_#sizeOfReadType|)) 4) (<= (- (- |main_read~int_#sizeOfReadType|) (- main_~q~1.offset)) (- 4)) (<= (- (- |main_#t~malloc0.offset|) (- |main_read~int_#sizeOfReadType|)) 4) (<= (+ |main_~malloc_#res.offset| 400) main_~malloc_~size) (<= 400 (+ |main_~malloc_#res.offset| main_~malloc_~size)) (<= (- main_~malloc_~size main_~p~1.offset) 400) (<= (- |main_#t~malloc0.offset| (- |main_read~int_#ptr.offset|)) 0) (<= (- (- main_~malloc_~size) main_~malloc_~size) (- 800)) (<= (- (- |main_#t~malloc0.offset|) |main_#t~malloc0.offset|) 0) (<= (- (- |main_~malloc_#res.offset|) main_~q~1.offset) 0) (<= (- (- |main_~malloc_#res.offset|) main_~p~1.offset) 0) (<= (- |main_~malloc_#res.offset| (- |main_~malloc_#res.offset|)) 0) (<= (- main_~q~1.offset (- main_~q~1.offset)) 0) (<= (- (- |main_#t~malloc0.offset|) (- main_~malloc_~size)) 400) (<= (- |main_read~int_#sizeOfReadType| main_~p~1.offset) 4) (<= |main_#t~malloc0.offset| |main_~malloc_#res.offset|) (<= (+ |main_~malloc_#res.offset| main_~p~1.offset) 0) (<= (- |main_read~int_#sizeOfReadType| (- main_~q~1.offset)) 4) (<= (- main_~p~1.offset (- main_~p~1.offset)) 0) (<= (- (- |main_read~int_#ptr.offset|) main_~q~1.offset) 0) (<= (- (- main_~p~1.offset) main_~q~1.offset) 0) (<= |main_read~int_#ptr.offset| |main_~malloc_#res.offset|) (<= (- (- |main_read~int_#ptr.offset|) main_~p~1.offset) 0) (<= (- (- |main_read~int_#ptr.offset|) |main_~malloc_#res.offset|) 0) (<= main_~q~1.offset |main_~malloc_#res.offset|))} [2019-01-18 14:45:12,663 WARN L274 ngHoareTripleChecker]: Action: assume #valid[read~int_#ptr.base]; [2019-01-18 14:45:12,664 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (select |c_#valid| |c_main_read~int_#ptr.base|) [2019-01-18 14:45:12,938 WARN L276 ngHoareTripleChecker]: Post: {2147483640#(and (<= (- (- |main_read~int_#ptr.offset|) |main_read~int_#ptr.offset|) 0) (<= (- (- |main_#t~malloc0.offset|) main_~q~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- main_~malloc_~size)) 400) (<= (- (- |main_read~int_#ptr.offset|) (- main_~p~1.offset)) 0) (<= 0 (+ |main_#t~malloc0.offset| |main_~malloc_#res.offset|)) (<= (- (- main_~malloc_~size) (- main_~p~1.offset)) (- 400)) (<= (- |main_#t~malloc0.offset| |main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |main_~malloc_#res.offset|) (- main_~q~1.offset)) 0) (<= (* 2 |main_~malloc_#res.offset|) 0) (<= (- |main_#t~malloc0.offset| (- |main_~malloc_#res.offset|)) 0) (<= (- (- |main_read~int_#sizeOfReadType|) |main_~malloc_#res.offset|) (- 4)) (<= (- (- |main_~malloc_#res.offset|) main_~malloc_~size) (- 400)) (<= (- |main_read~int_#ptr.offset| main_~malloc_~size) (- 400)) (<= (- (- main_~malloc_~size) main_~p~1.offset) (- 400)) (<= (- (- |main_~malloc_#res.offset|) (- main_~p~1.offset)) 0) |main_#t~short2| (<= (- |main_read~int_#ptr.offset| main_~q~1.offset) 0) (<= (- (- |main_#t~malloc0.offset|) main_~p~1.offset) 0) (<= (- (- |main_read~int_#ptr.offset|) main_~malloc_~size) (- 400)) (<= (- (- |main_read~int_#sizeOfReadType|) main_~malloc_~size) (- 404)) (<= (- (- |main_~malloc_#res.offset|) (- main_~malloc_~size)) 400) (<= main_~p~1.offset |main_~malloc_#res.offset|) (<= (- (- |main_read~int_#sizeOfReadType|) (- main_~p~1.offset)) (- 4)) (<= (- main_~malloc_~size (- main_~p~1.offset)) 400) (<= (- (- |main_#t~malloc0.offset|) (- |main_read~int_#ptr.offset|)) 0) (<= (- |main_#t~malloc0.offset| |main_~malloc_#res.offset|) 0) (<= (- |main_read~int_#ptr.offset| (- |main_read~int_#ptr.offset|)) 0) (<= (- |main_#t~malloc0.offset| (- main_~p~1.offset)) 0) (<= (- |main_~malloc_#res.offset| (- main_~q~1.offset)) 0) (<= (+ main_~q~1.offset |main_~malloc_#res.offset|) 0) (<= (- |main_read~int_#ptr.offset| (- main_~q~1.offset)) 0) (<= (- |main_#t~malloc0.offset| (- |main_#t~malloc0.offset|)) 0) (<= (- |main_#t~malloc0.offset| (- |main_read~int_#sizeOfReadType|)) 4) (<= (- |main_read~int_#sizeOfReadType| (- main_~p~1.offset)) 4) (<= (- main_~malloc_~size (- main_~malloc_~size)) 800) (<= (- |main_read~int_#sizeOfReadType| |main_~malloc_#res.offset|) 4) (<= (- |main_read~int_#ptr.offset| (- |main_~malloc_#res.offset|)) 0) (<= (- |main_read~int_#ptr.offset| main_~p~1.offset) 0) (<= (+ |main_~malloc_#res.offset| main_~malloc_~size) 400) (<= 0 (* 2 |main_~malloc_#res.offset|)) (<= (- (- |main_#t~malloc0.offset|) |main_read~int_#ptr.offset|) 0) (<= |main_~malloc_#res.offset| main_~p~1.offset) (<= (- |main_read~int_#ptr.offset| (- main_~p~1.offset)) 0) (<= (- (- |main_read~int_#ptr.offset|) |main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |main_#t~malloc0.offset|) (- main_~p~1.offset)) 0) (<= (- |main_#t~malloc0.offset| main_~p~1.offset) 0) (<= (- |main_read~int_#sizeOfReadType| (- |main_read~int_#sizeOfReadType|)) 8) (<= (- (- |main_read~int_#sizeOfReadType|) |main_read~int_#sizeOfReadType|) (- 8)) (<= (+ |main_~malloc_#res.offset| |main_read~int_#sizeOfReadType|) 4) (<= 0 (+ main_~q~1.offset |main_~malloc_#res.offset|)) (<= (- |main_read~int_#sizeOfReadType| (- main_~malloc_~size)) 404) (<= (- (- main_~p~1.offset) main_~p~1.offset) 0) (<= (- (- |main_#t~malloc0.offset|) main_~malloc_~size) (- 400)) (<= (- |main_#t~malloc0.offset| |main_read~int_#ptr.offset|) 0) (<= (- (- |main_#t~malloc0.offset|) |main_read~int_#sizeOfReadType|) (- 4)) (<= (- |main_#t~malloc0.offset| main_~q~1.offset) 0) (<= main_~malloc_~size (+ |main_~malloc_#res.offset| 400)) (<= (- |main_read~int_#ptr.offset| (- main_~malloc_~size)) 400) (<= |main_read~int_#sizeOfReadType| (+ |main_~malloc_#res.offset| 4)) (forall ((v_idx_104 Int)) (or (<= (+ |main_~malloc_#res.base| 1) v_idx_104) (< v_idx_104 |main_~malloc_#res.base|) (= (+ |main_~malloc_#res.offset| 400) (select |#length| v_idx_104)))) (<= (- |main_read~int_#sizeOfReadType| main_~malloc_~size) (- 396)) (<= 4 (+ |main_~malloc_#res.offset| |main_read~int_#sizeOfReadType|)) (<= (- (- |main_read~int_#ptr.offset|) (- |main_~malloc_#res.offset|)) 0) (<= (- main_~malloc_~size main_~q~1.offset) 400) (<= (- (- |main_read~int_#sizeOfReadType|) (- |main_~malloc_#res.offset|)) (- 4)) (<= (- main_~malloc_~size (- main_~q~1.offset)) 400) (<= (- |main_#t~malloc0.offset| main_~malloc_~size) (- 400)) (<= (- main_~p~1.offset main_~q~1.offset) 0) (<= (- |main_~malloc_#res.offset| (- main_~malloc_~size)) 400) (<= (- (- |main_#t~malloc0.offset|) (- main_~q~1.offset)) 0) (<= (- main_~p~1.offset (- main_~q~1.offset)) 0) (<= (- (- main_~p~1.offset) (- main_~q~1.offset)) 0) (<= (- (- |main_read~int_#ptr.offset|) (- main_~q~1.offset)) 0) (<= (- (- main_~malloc_~size) main_~q~1.offset) (- 400)) (<= (- (- |main_read~int_#sizeOfReadType|) (- main_~malloc_~size)) 396) (<= (- (- main_~malloc_~size) (- main_~q~1.offset)) (- 400)) (<= (- |main_read~int_#ptr.offset| |main_~malloc_#res.offset|) 0) (<= (- (- |main_read~int_#sizeOfReadType|) main_~p~1.offset) (- 4)) (<= (- (- |main_read~int_#sizeOfReadType|) main_~q~1.offset) (- 4)) (<= |main_~malloc_#res.offset| |main_read~int_#ptr.offset|) (<= (- |main_read~int_#ptr.offset| (- |main_read~int_#sizeOfReadType|)) 4) (<= (- (- |main_#t~malloc0.offset|) |main_~malloc_#res.offset|) 0) (<= (+ |main_read~int_#ptr.offset| |main_~malloc_#res.offset|) 0) (<= |main_~malloc_#res.offset| main_~q~1.offset) (<= (- |main_~malloc_#res.offset| main_~malloc_~size) (- 400)) (<= (- |main_~malloc_#res.offset| main_~q~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- main_~q~1.offset)) 0) (<= (- |main_read~int_#ptr.offset| |main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |main_#t~malloc0.offset|) (- |main_~malloc_#res.offset|)) 0) (<= (- |main_read~int_#sizeOfReadType| main_~q~1.offset) 4) (<= (- |main_read~int_#sizeOfReadType| (- |main_~malloc_#res.offset|)) 4) (<= (- (- |main_read~int_#ptr.offset|) (- main_~malloc_~size)) 400) (<= 0 (+ |main_~malloc_#res.offset| main_~p~1.offset)) (<= 0 (+ |main_read~int_#ptr.offset| |main_~malloc_#res.offset|)) (<= (+ |main_~malloc_#res.offset| 4) |main_read~int_#sizeOfReadType|) (<= (- (- |main_~malloc_#res.offset|) |main_~malloc_#res.offset|) 0) (<= (- |main_~malloc_#res.offset| main_~p~1.offset) 0) (<= (- (- main_~q~1.offset) main_~q~1.offset) 0) (<= |main_~malloc_#res.offset| |main_#t~malloc0.offset|) (<= (+ |main_#t~malloc0.offset| |main_~malloc_#res.offset|) 0) (<= (- |main_~malloc_#res.offset| (- main_~p~1.offset)) 0) (<= (- (- |main_read~int_#ptr.offset|) (- |main_read~int_#sizeOfReadType|)) 4) (<= (- (- |main_read~int_#sizeOfReadType|) (- main_~q~1.offset)) (- 4)) (<= (- (- |main_#t~malloc0.offset|) (- |main_read~int_#sizeOfReadType|)) 4) (<= (+ |main_~malloc_#res.offset| 400) main_~malloc_~size) (<= 400 (+ |main_~malloc_#res.offset| main_~malloc_~size)) (<= (- main_~malloc_~size main_~p~1.offset) 400) (<= (- |main_#t~malloc0.offset| (- |main_read~int_#ptr.offset|)) 0) (<= (- (- main_~malloc_~size) main_~malloc_~size) (- 800)) (<= (- (- |main_#t~malloc0.offset|) |main_#t~malloc0.offset|) 0) (<= (- (- |main_~malloc_#res.offset|) main_~q~1.offset) 0) (<= (- (- |main_~malloc_#res.offset|) main_~p~1.offset) 0) (<= (- |main_~malloc_#res.offset| (- |main_~malloc_#res.offset|)) 0) (<= (- main_~q~1.offset (- main_~q~1.offset)) 0) (<= (- (- |main_#t~malloc0.offset|) (- main_~malloc_~size)) 400) (<= (- |main_read~int_#sizeOfReadType| main_~p~1.offset) 4) (<= |main_#t~malloc0.offset| |main_~malloc_#res.offset|) (<= (+ |main_~malloc_#res.offset| main_~p~1.offset) 0) (<= (- |main_read~int_#sizeOfReadType| (- main_~q~1.offset)) 4) (<= (- main_~p~1.offset (- main_~p~1.offset)) 0) (<= (- (- |main_read~int_#ptr.offset|) main_~q~1.offset) 0) (<= (- (- main_~p~1.offset) main_~q~1.offset) 0) (<= |main_read~int_#ptr.offset| |main_~malloc_#res.offset|) (<= (- (- |main_read~int_#ptr.offset|) main_~p~1.offset) 0) (<= (- (- |main_read~int_#ptr.offset|) |main_~malloc_#res.offset|) 0) (<= main_~q~1.offset |main_~malloc_#res.offset|))} [2019-01-18 14:45:13,254 WARN L212 ngHoareTripleChecker]: Soundness check inconclusive for the following hoare triple [2019-01-18 14:45:13,255 WARN L217 ngHoareTripleChecker]: Expected: VALID Actual: UNKNOWN [2019-01-18 14:45:13,255 WARN L219 ngHoareTripleChecker]: Solver was "Z3" in version "4.8.3" [2019-01-18 14:45:13,255 WARN L223 ngHoareTripleChecker]: -- [2019-01-18 14:45:13,256 WARN L224 ngHoareTripleChecker]: Pre: {2147483639#(forall ((v_idx_115 Int) (v_idx_116 Int) (v_idx_113 Int) (v_idx_114 Int) (v_idx_108 Int) (v_idx_109 Int) (v_idx_117 Int) (v_idx_107 Int) (v_idx_118 Int) (v_idx_111 Int) (v_idx_112 Int) (v_idx_110 Int)) (exists ((v_v_24_1 Int) (v_v_8_1 Int) (v_v_27_1 Bool) (v_v_4_1 Bool) (v_v_7_1 (Array Int Int)) (v_v_12_1 Bool) (v_v_1_1 Int) (v_v_2_1 Int) (v_v_5_1 (Array Int Int)) (v_v_26_1 Int) (v_v_6_1 Int)) (and (<= (- (- |c_main_read~int_#ptr.offset|) |c_main_read~int_#ptr.offset|) 0) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~q~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~malloc_~size)) 400) (<= (- (- |c_main_read~int_#ptr.offset|) (- c_main_~p~1.offset)) 0) (or (<= (+ |c_main_~malloc_#res.base| 1) v_idx_116) (= (+ |c_main_~malloc_#res.offset| 400) (select |c_#length| v_idx_116)) (< v_idx_116 |c_main_~malloc_#res.base|)) (<= 0 (+ |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|)) (<= (- (- c_main_~malloc_~size) (- c_main_~p~1.offset)) (- 400)) (<= (- |c_main_#t~malloc0.offset| |c_main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~q~1.offset)) 0) (<= (* 2 |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_~malloc_#res.offset|)) 0) (<= (- (- |c_main_read~int_#sizeOfReadType|) |c_main_~malloc_#res.offset|) (- 4)) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~malloc_~size) (- 400)) (<= (- |c_main_read~int_#ptr.offset| c_main_~malloc_~size) (- 400)) (<= (- (- c_main_~malloc_~size) c_main_~p~1.offset) (- 400)) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~p~1.offset)) 0) |c_main_#t~short2| (<= (- |c_main_read~int_#ptr.offset| c_main_~q~1.offset) 0) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~p~1.offset) 0) (<= (- (- |c_main_read~int_#ptr.offset|) c_main_~malloc_~size) (- 400)) (<= (- (- |c_main_read~int_#sizeOfReadType|) c_main_~malloc_~size) (- 404)) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~malloc_~size)) 400) (<= c_main_~p~1.offset |c_main_~malloc_#res.offset|) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- c_main_~p~1.offset)) (- 4)) (= v_v_7_1 (select |c_old(#memory_int)| v_idx_112)) (<= (- c_main_~malloc_~size (- c_main_~p~1.offset)) 400) (or (= (select |c_#length| v_idx_117) v_v_26_1) (< v_idx_117 (+ |c_main_~malloc_#res.base| 1))) (<= (- (- |c_main_#t~malloc0.offset|) (- |c_main_read~int_#ptr.offset|)) 0) (= v_v_1_1 (select |c_main_~malloc_old_#length| v_idx_107)) (<= (- |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_read~int_#ptr.offset| (- |c_main_read~int_#ptr.offset|)) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~p~1.offset)) 0) (<= (- |c_main_~malloc_#res.offset| (- c_main_~q~1.offset)) 0) (<= (+ c_main_~q~1.offset |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_read~int_#ptr.offset| (- c_main_~q~1.offset)) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_#t~malloc0.offset|)) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_read~int_#sizeOfReadType|)) 4) (<= (- |c_main_read~int_#sizeOfReadType| (- c_main_~p~1.offset)) 4) (= (select |c_old(#valid)| v_idx_109) v_v_4_1) (<= (- c_main_~malloc_~size (- c_main_~malloc_~size)) 800) (<= (- |c_main_read~int_#sizeOfReadType| |c_main_~malloc_#res.offset|) 4) (<= (- |c_main_read~int_#ptr.offset| (- |c_main_~malloc_#res.offset|)) 0) (<= (- |c_main_read~int_#ptr.offset| c_main_~p~1.offset) 0) (<= (+ |c_main_~malloc_#res.offset| c_main_~malloc_~size) 400) (<= 0 (* 2 |c_main_~malloc_#res.offset|)) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_read~int_#ptr.offset|) 0) (<= |c_main_~malloc_#res.offset| c_main_~p~1.offset) (<= (- |c_main_read~int_#ptr.offset| (- c_main_~p~1.offset)) 0) (<= (- (- |c_main_read~int_#ptr.offset|) |c_main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~p~1.offset)) 0) (= v_v_12_1 (select |c_main_~malloc_old_#valid| v_idx_118)) (<= (- |c_main_#t~malloc0.offset| c_main_~p~1.offset) 0) (or (<= |c_main_~malloc_#res.base| v_idx_115) (= (select |c_#length| v_idx_115) v_v_24_1)) (<= (- |c_main_read~int_#sizeOfReadType| (- |c_main_read~int_#sizeOfReadType|)) 8) (<= (- (- |c_main_read~int_#sizeOfReadType|) |c_main_read~int_#sizeOfReadType|) (- 8)) (<= (+ |c_main_~malloc_#res.offset| |c_main_read~int_#sizeOfReadType|) 4) (<= 0 (+ c_main_~q~1.offset |c_main_~malloc_#res.offset|)) (<= (- |c_main_read~int_#sizeOfReadType| (- c_main_~malloc_~size)) 404) (<= (- (- c_main_~p~1.offset) c_main_~p~1.offset) 0) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~malloc_~size) (- 400)) (<= (- |c_main_#t~malloc0.offset| |c_main_read~int_#ptr.offset|) 0) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_read~int_#sizeOfReadType|) (- 4)) (<= (- |c_main_#t~malloc0.offset| c_main_~q~1.offset) 0) (= v_v_2_1 (select |c_old(#length)| v_idx_114)) (<= c_main_~malloc_~size (+ |c_main_~malloc_#res.offset| 400)) (<= (- |c_main_read~int_#ptr.offset| (- c_main_~malloc_~size)) 400) (<= |c_main_read~int_#sizeOfReadType| (+ |c_main_~malloc_#res.offset| 4)) (<= (- |c_main_read~int_#sizeOfReadType| c_main_~malloc_~size) (- 396)) (<= 4 (+ |c_main_~malloc_#res.offset| |c_main_read~int_#sizeOfReadType|)) (<= (- (- |c_main_read~int_#ptr.offset|) (- |c_main_~malloc_#res.offset|)) 0) (<= (- c_main_~malloc_~size c_main_~q~1.offset) 400) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- |c_main_~malloc_#res.offset|)) (- 4)) (<= (- c_main_~malloc_~size (- c_main_~q~1.offset)) 400) (<= (- |c_main_#t~malloc0.offset| c_main_~malloc_~size) (- 400)) (<= (- c_main_~p~1.offset c_main_~q~1.offset) 0) (= (select |c_#valid| v_idx_110) v_v_27_1) (<= (- |c_main_~malloc_#res.offset| (- c_main_~malloc_~size)) 400) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~q~1.offset)) 0) (<= (- c_main_~p~1.offset (- c_main_~q~1.offset)) 0) (= v_v_8_1 (select v_v_7_1 v_idx_108)) (<= (- (- c_main_~p~1.offset) (- c_main_~q~1.offset)) 0) (<= (- (- |c_main_read~int_#ptr.offset|) (- c_main_~q~1.offset)) 0) (<= (- (- c_main_~malloc_~size) c_main_~q~1.offset) (- 400)) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- c_main_~malloc_~size)) 396) (<= (- (- c_main_~malloc_~size) (- c_main_~q~1.offset)) (- 400)) (<= (- |c_main_read~int_#ptr.offset| |c_main_~malloc_#res.offset|) 0) (<= (- (- |c_main_read~int_#sizeOfReadType|) c_main_~p~1.offset) (- 4)) (<= (- (- |c_main_read~int_#sizeOfReadType|) c_main_~q~1.offset) (- 4)) (<= |c_main_~malloc_#res.offset| |c_main_read~int_#ptr.offset|) (<= (- |c_main_read~int_#ptr.offset| (- |c_main_read~int_#sizeOfReadType|)) 4) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_~malloc_#res.offset|) 0) (<= (+ |c_main_read~int_#ptr.offset| |c_main_~malloc_#res.offset|) 0) (<= |c_main_~malloc_#res.offset| c_main_~q~1.offset) (<= (- |c_main_~malloc_#res.offset| c_main_~malloc_~size) (- 400)) (<= (- |c_main_~malloc_#res.offset| c_main_~q~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~q~1.offset)) 0) (<= (- |c_main_read~int_#ptr.offset| |c_main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |c_main_#t~malloc0.offset|) (- |c_main_~malloc_#res.offset|)) 0) (<= (- |c_main_read~int_#sizeOfReadType| c_main_~q~1.offset) 4) (<= (- |c_main_read~int_#sizeOfReadType| (- |c_main_~malloc_#res.offset|)) 4) (<= (- (- |c_main_read~int_#ptr.offset|) (- c_main_~malloc_~size)) 400) (<= 0 (+ |c_main_~malloc_#res.offset| c_main_~p~1.offset)) (<= 0 (+ |c_main_read~int_#ptr.offset| |c_main_~malloc_#res.offset|)) (<= (+ |c_main_~malloc_#res.offset| 4) |c_main_read~int_#sizeOfReadType|) (<= (- (- |c_main_~malloc_#res.offset|) |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_~malloc_#res.offset| c_main_~p~1.offset) 0) (<= (- (- c_main_~q~1.offset) c_main_~q~1.offset) 0) (<= |c_main_~malloc_#res.offset| |c_main_#t~malloc0.offset|) (<= (+ |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_~malloc_#res.offset| (- c_main_~p~1.offset)) 0) (= v_v_6_1 (select v_v_5_1 v_idx_113)) (<= (- (- |c_main_read~int_#ptr.offset|) (- |c_main_read~int_#sizeOfReadType|)) 4) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- c_main_~q~1.offset)) (- 4)) (<= (- (- |c_main_#t~malloc0.offset|) (- |c_main_read~int_#sizeOfReadType|)) 4) (<= (+ |c_main_~malloc_#res.offset| 400) c_main_~malloc_~size) (<= 400 (+ |c_main_~malloc_#res.offset| c_main_~malloc_~size)) (<= (- c_main_~malloc_~size c_main_~p~1.offset) 400) (<= (- |c_main_#t~malloc0.offset| (- |c_main_read~int_#ptr.offset|)) 0) (<= (- (- c_main_~malloc_~size) c_main_~malloc_~size) (- 800)) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_#t~malloc0.offset|) 0) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~q~1.offset) 0) (= v_v_5_1 (select |c_#memory_int| v_idx_111)) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~p~1.offset) 0) (<= (- |c_main_~malloc_#res.offset| (- |c_main_~malloc_#res.offset|)) 0) (<= (- c_main_~q~1.offset (- c_main_~q~1.offset)) 0) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~malloc_~size)) 400) (<= (- |c_main_read~int_#sizeOfReadType| c_main_~p~1.offset) 4) (<= |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) (<= (+ |c_main_~malloc_#res.offset| c_main_~p~1.offset) 0) (<= (- |c_main_read~int_#sizeOfReadType| (- c_main_~q~1.offset)) 4) (<= (- c_main_~p~1.offset (- c_main_~p~1.offset)) 0) (<= (- (- |c_main_read~int_#ptr.offset|) c_main_~q~1.offset) 0) (<= (- (- c_main_~p~1.offset) c_main_~q~1.offset) 0) (<= |c_main_read~int_#ptr.offset| |c_main_~malloc_#res.offset|) (<= (- (- |c_main_read~int_#ptr.offset|) c_main_~p~1.offset) 0) (<= (- (- |c_main_read~int_#ptr.offset|) |c_main_~malloc_#res.offset|) 0) (<= c_main_~q~1.offset |c_main_~malloc_#res.offset|))))} [2019-01-18 14:45:13,256 WARN L228 ngHoareTripleChecker]: Action: assume !(read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]); [2019-01-18 14:45:13,256 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (not (<= (+ |c_main_read~int_#sizeOfReadType| |c_main_read~int_#ptr.offset|) (select |c_#length| |c_main_read~int_#ptr.base|))) [2019-01-18 14:45:13,256 WARN L230 ngHoareTripleChecker]: Post: {2147483638#(forall ((v_idx_126 Int) (v_idx_127 Int) (v_idx_124 Int) (v_idx_125 Int) (v_idx_119 Int) (v_idx_128 Int) (v_idx_129 Int) (v_idx_130 Int) (v_idx_122 Int) (v_idx_123 Int) (v_idx_120 Int) (v_idx_121 Int)) (exists ((v_v_8_1 Int) (v_v_27_1 Bool) (v_v_32_1 Int) (v_v_31_1 Int) (v_v_30_1 Int) (v_v_4_1 Bool) (v_v_7_1 (Array Int Int)) (v_v_12_1 Bool) (v_v_1_1 Int) (v_v_2_1 Int) (v_v_5_1 (Array Int Int)) (v_v_6_1 Int)) (and (<= (- (- |c_main_read~int_#ptr.offset|) |c_main_read~int_#ptr.offset|) 0) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~q~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~malloc_~size)) 400) (<= (- (- |c_main_read~int_#ptr.offset|) (- c_main_~p~1.offset)) 0) (or (< v_idx_128 |c_main_read~int_#ptr.base|) (= (select |c_#length| v_idx_128) v_v_31_1) (<= (+ |c_main_read~int_#ptr.base| 1) v_idx_128)) (= (select |c_old(#length)| v_idx_126) v_v_2_1) (<= (- (- c_main_~malloc_~size) (- c_main_~p~1.offset)) (- 400)) (<= (- |c_main_#t~malloc0.offset| |c_main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~q~1.offset)) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_~malloc_#res.offset|)) 0) (<= (- (- |c_main_read~int_#sizeOfReadType|) |c_main_~malloc_#res.offset|) (- 4)) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~malloc_~size) (- 400)) (or (<= |c_main_read~int_#ptr.base| v_idx_127) (= v_v_30_1 (select |c_#length| v_idx_127))) (<= (- |c_main_read~int_#ptr.offset| c_main_~malloc_~size) (- 400)) (<= (- (- c_main_~malloc_~size) c_main_~p~1.offset) (- 400)) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~p~1.offset)) 0) |c_main_#t~short2| (<= (- |c_main_read~int_#ptr.offset| c_main_~q~1.offset) 0) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~p~1.offset) 0) (<= (- (- |c_main_read~int_#ptr.offset|) c_main_~malloc_~size) (- 400)) (<= (- (- |c_main_read~int_#sizeOfReadType|) c_main_~malloc_~size) (- 404)) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~malloc_~size)) 400) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- c_main_~p~1.offset)) (- 4)) (<= (- c_main_~malloc_~size (- c_main_~p~1.offset)) 400) (<= (- (- |c_main_#t~malloc0.offset|) (- |c_main_read~int_#ptr.offset|)) 0) (<= (- |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) 0) (= (select |c_main_~malloc_old_#length| v_idx_119) v_v_1_1) (<= (- |c_main_read~int_#ptr.offset| (- |c_main_read~int_#ptr.offset|)) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~p~1.offset)) 0) (= (select |c_old(#memory_int)| v_idx_124) v_v_7_1) (<= (- |c_main_~malloc_#res.offset| (- c_main_~q~1.offset)) 0) (<= (- |c_main_read~int_#ptr.offset| (- c_main_~q~1.offset)) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_#t~malloc0.offset|)) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_read~int_#sizeOfReadType|)) 4) (<= (- |c_main_read~int_#sizeOfReadType| (- c_main_~p~1.offset)) 4) (= v_v_12_1 (select |c_main_~malloc_old_#valid| v_idx_130)) (<= (- c_main_~malloc_~size (- c_main_~malloc_~size)) 800) (<= (- |c_main_read~int_#sizeOfReadType| |c_main_~malloc_#res.offset|) 4) (<= (- |c_main_read~int_#ptr.offset| (- |c_main_~malloc_#res.offset|)) 0) (= (select |c_#valid| v_idx_122) v_v_27_1) (<= (- |c_main_read~int_#ptr.offset| c_main_~p~1.offset) 0) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_read~int_#ptr.offset|) 0) (<= (- |c_main_read~int_#ptr.offset| (- c_main_~p~1.offset)) 0) (<= (- (- |c_main_read~int_#ptr.offset|) |c_main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~p~1.offset)) 0) (<= (- |c_main_#t~malloc0.offset| c_main_~p~1.offset) 0) (<= (- |c_main_read~int_#sizeOfReadType| (- |c_main_read~int_#sizeOfReadType|)) 8) (<= (- (- |c_main_read~int_#sizeOfReadType|) |c_main_read~int_#sizeOfReadType|) (- 8)) (<= (- |c_main_read~int_#sizeOfReadType| (- c_main_~malloc_~size)) 404) (<= (- (- c_main_~p~1.offset) c_main_~p~1.offset) 0) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~malloc_~size) (- 400)) (<= (- |c_main_#t~malloc0.offset| |c_main_read~int_#ptr.offset|) 0) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_read~int_#sizeOfReadType|) (- 4)) (<= (- |c_main_#t~malloc0.offset| c_main_~q~1.offset) 0) (<= (- |c_main_read~int_#ptr.offset| (- c_main_~malloc_~size)) 400) (<= (- |c_main_read~int_#sizeOfReadType| c_main_~malloc_~size) (- 396)) (<= (- (- |c_main_read~int_#ptr.offset|) (- |c_main_~malloc_#res.offset|)) 0) (<= (- c_main_~malloc_~size c_main_~q~1.offset) 400) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- |c_main_~malloc_#res.offset|)) (- 4)) (<= (- c_main_~malloc_~size (- c_main_~q~1.offset)) 400) (<= (- |c_main_#t~malloc0.offset| c_main_~malloc_~size) (- 400)) (<= (- c_main_~p~1.offset c_main_~q~1.offset) 0) (<= (- |c_main_~malloc_#res.offset| (- c_main_~malloc_~size)) 400) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~q~1.offset)) 0) (<= (- c_main_~p~1.offset (- c_main_~q~1.offset)) 0) (<= (- (- c_main_~p~1.offset) (- c_main_~q~1.offset)) 0) (<= (- (- |c_main_read~int_#ptr.offset|) (- c_main_~q~1.offset)) 0) (<= (- (- c_main_~malloc_~size) c_main_~q~1.offset) (- 400)) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- c_main_~malloc_~size)) 396) (<= (- (- c_main_~malloc_~size) (- c_main_~q~1.offset)) (- 400)) (<= (- |c_main_read~int_#ptr.offset| |c_main_~malloc_#res.offset|) 0) (<= (- (- |c_main_read~int_#sizeOfReadType|) c_main_~p~1.offset) (- 4)) (<= (- (- |c_main_read~int_#sizeOfReadType|) c_main_~q~1.offset) (- 4)) (<= (- |c_main_read~int_#ptr.offset| (- |c_main_read~int_#sizeOfReadType|)) 4) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_~malloc_#res.offset| c_main_~malloc_~size) (- 400)) (<= (- |c_main_~malloc_#res.offset| c_main_~q~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~q~1.offset)) 0) (<= (- |c_main_read~int_#ptr.offset| |c_main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |c_main_#t~malloc0.offset|) (- |c_main_~malloc_#res.offset|)) 0) (<= (- |c_main_read~int_#sizeOfReadType| c_main_~q~1.offset) 4) (<= (- |c_main_read~int_#sizeOfReadType| (- |c_main_~malloc_#res.offset|)) 4) (<= (- (- |c_main_read~int_#ptr.offset|) (- c_main_~malloc_~size)) 400) (= (select |c_#memory_int| v_idx_123) v_v_5_1) (= (select v_v_5_1 v_idx_125) v_v_6_1) (= (select |c_old(#valid)| v_idx_121) v_v_4_1) (<= (- (- |c_main_~malloc_#res.offset|) |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_~malloc_#res.offset| c_main_~p~1.offset) 0) (<= (- (- c_main_~q~1.offset) c_main_~q~1.offset) 0) (<= (- |c_main_~malloc_#res.offset| (- c_main_~p~1.offset)) 0) (<= (- (- |c_main_read~int_#ptr.offset|) (- |c_main_read~int_#sizeOfReadType|)) 4) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- c_main_~q~1.offset)) (- 4)) (<= (- (- |c_main_#t~malloc0.offset|) (- |c_main_read~int_#sizeOfReadType|)) 4) (<= (- c_main_~malloc_~size c_main_~p~1.offset) 400) (<= (- |c_main_#t~malloc0.offset| (- |c_main_read~int_#ptr.offset|)) 0) (<= (- (- c_main_~malloc_~size) c_main_~malloc_~size) (- 800)) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_#t~malloc0.offset|) 0) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~q~1.offset) 0) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~p~1.offset) 0) (<= (- |c_main_~malloc_#res.offset| (- |c_main_~malloc_#res.offset|)) 0) (<= (- c_main_~q~1.offset (- c_main_~q~1.offset)) 0) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~malloc_~size)) 400) (<= (- |c_main_read~int_#sizeOfReadType| c_main_~p~1.offset) 4) (<= (- |c_main_read~int_#sizeOfReadType| (- c_main_~q~1.offset)) 4) (<= (- c_main_~p~1.offset (- c_main_~p~1.offset)) 0) (<= (- (- |c_main_read~int_#ptr.offset|) c_main_~q~1.offset) 0) (<= (- (- c_main_~p~1.offset) c_main_~q~1.offset) 0) (<= (- (- |c_main_read~int_#ptr.offset|) c_main_~p~1.offset) 0) (or (= (select |c_#length| v_idx_129) v_v_32_1) (< v_idx_129 (+ |c_main_read~int_#ptr.base| 1))) (<= (- (- |c_main_read~int_#ptr.offset|) |c_main_~malloc_#res.offset|) 0) (= (select v_v_7_1 v_idx_120) v_v_8_1))))} [2019-01-18 14:45:13,256 WARN L263 ngHoareTripleChecker]: unsat core / model generation is disabled, enable it to get more details [2019-01-18 14:45:13,257 WARN L268 ngHoareTripleChecker]: -- [2019-01-18 14:45:13,257 WARN L269 ngHoareTripleChecker]: Simplified triple [2019-01-18 14:45:13,545 WARN L270 ngHoareTripleChecker]: Pre: {2147483639#(and (<= (- (- |main_read~int_#ptr.offset|) |main_read~int_#ptr.offset|) 0) (<= (- (- |main_#t~malloc0.offset|) main_~q~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- main_~malloc_~size)) 400) (<= (- (- |main_read~int_#ptr.offset|) (- main_~p~1.offset)) 0) (<= 0 (+ |main_#t~malloc0.offset| |main_~malloc_#res.offset|)) (<= (- (- main_~malloc_~size) (- main_~p~1.offset)) (- 400)) (<= (- |main_#t~malloc0.offset| |main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |main_~malloc_#res.offset|) (- main_~q~1.offset)) 0) (<= (* 2 |main_~malloc_#res.offset|) 0) (<= (- |main_#t~malloc0.offset| (- |main_~malloc_#res.offset|)) 0) (<= (- (- |main_read~int_#sizeOfReadType|) |main_~malloc_#res.offset|) (- 4)) (<= (- (- |main_~malloc_#res.offset|) main_~malloc_~size) (- 400)) (<= (- |main_read~int_#ptr.offset| main_~malloc_~size) (- 400)) (<= (- (- main_~malloc_~size) main_~p~1.offset) (- 400)) (<= (- (- |main_~malloc_#res.offset|) (- main_~p~1.offset)) 0) |main_#t~short2| (<= (- |main_read~int_#ptr.offset| main_~q~1.offset) 0) (<= (- (- |main_#t~malloc0.offset|) main_~p~1.offset) 0) (<= (- (- |main_read~int_#ptr.offset|) main_~malloc_~size) (- 400)) (<= (- (- |main_read~int_#sizeOfReadType|) main_~malloc_~size) (- 404)) (<= (- (- |main_~malloc_#res.offset|) (- main_~malloc_~size)) 400) (<= main_~p~1.offset |main_~malloc_#res.offset|) (<= (- (- |main_read~int_#sizeOfReadType|) (- main_~p~1.offset)) (- 4)) (<= (- main_~malloc_~size (- main_~p~1.offset)) 400) (<= (- (- |main_#t~malloc0.offset|) (- |main_read~int_#ptr.offset|)) 0) (<= (- |main_#t~malloc0.offset| |main_~malloc_#res.offset|) 0) (<= (- |main_read~int_#ptr.offset| (- |main_read~int_#ptr.offset|)) 0) (<= (- |main_#t~malloc0.offset| (- main_~p~1.offset)) 0) (<= (- |main_~malloc_#res.offset| (- main_~q~1.offset)) 0) (<= (+ main_~q~1.offset |main_~malloc_#res.offset|) 0) (<= (- |main_read~int_#ptr.offset| (- main_~q~1.offset)) 0) (<= (- |main_#t~malloc0.offset| (- |main_#t~malloc0.offset|)) 0) (<= (- |main_#t~malloc0.offset| (- |main_read~int_#sizeOfReadType|)) 4) (<= (- |main_read~int_#sizeOfReadType| (- main_~p~1.offset)) 4) (<= (- main_~malloc_~size (- main_~malloc_~size)) 800) (<= (- |main_read~int_#sizeOfReadType| |main_~malloc_#res.offset|) 4) (<= (- |main_read~int_#ptr.offset| (- |main_~malloc_#res.offset|)) 0) (<= (- |main_read~int_#ptr.offset| main_~p~1.offset) 0) (<= (+ |main_~malloc_#res.offset| main_~malloc_~size) 400) (<= 0 (* 2 |main_~malloc_#res.offset|)) (<= (- (- |main_#t~malloc0.offset|) |main_read~int_#ptr.offset|) 0) (<= |main_~malloc_#res.offset| main_~p~1.offset) (<= (- |main_read~int_#ptr.offset| (- main_~p~1.offset)) 0) (<= (- (- |main_read~int_#ptr.offset|) |main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |main_#t~malloc0.offset|) (- main_~p~1.offset)) 0) (<= (- |main_#t~malloc0.offset| main_~p~1.offset) 0) (<= (- |main_read~int_#sizeOfReadType| (- |main_read~int_#sizeOfReadType|)) 8) (<= (- (- |main_read~int_#sizeOfReadType|) |main_read~int_#sizeOfReadType|) (- 8)) (<= (+ |main_~malloc_#res.offset| |main_read~int_#sizeOfReadType|) 4) (<= 0 (+ main_~q~1.offset |main_~malloc_#res.offset|)) (<= (- |main_read~int_#sizeOfReadType| (- main_~malloc_~size)) 404) (<= (- (- main_~p~1.offset) main_~p~1.offset) 0) (<= (- (- |main_#t~malloc0.offset|) main_~malloc_~size) (- 400)) (<= (- |main_#t~malloc0.offset| |main_read~int_#ptr.offset|) 0) (<= (- (- |main_#t~malloc0.offset|) |main_read~int_#sizeOfReadType|) (- 4)) (<= (- |main_#t~malloc0.offset| main_~q~1.offset) 0) (<= main_~malloc_~size (+ |main_~malloc_#res.offset| 400)) (<= (- |main_read~int_#ptr.offset| (- main_~malloc_~size)) 400) (<= |main_read~int_#sizeOfReadType| (+ |main_~malloc_#res.offset| 4)) (<= (- |main_read~int_#sizeOfReadType| main_~malloc_~size) (- 396)) (<= 4 (+ |main_~malloc_#res.offset| |main_read~int_#sizeOfReadType|)) (<= (- (- |main_read~int_#ptr.offset|) (- |main_~malloc_#res.offset|)) 0) (<= (- main_~malloc_~size main_~q~1.offset) 400) (<= (- (- |main_read~int_#sizeOfReadType|) (- |main_~malloc_#res.offset|)) (- 4)) (<= (- main_~malloc_~size (- main_~q~1.offset)) 400) (<= (- |main_#t~malloc0.offset| main_~malloc_~size) (- 400)) (<= (- main_~p~1.offset main_~q~1.offset) 0) (<= (- |main_~malloc_#res.offset| (- main_~malloc_~size)) 400) (<= (- (- |main_#t~malloc0.offset|) (- main_~q~1.offset)) 0) (<= (- main_~p~1.offset (- main_~q~1.offset)) 0) (<= (- (- main_~p~1.offset) (- main_~q~1.offset)) 0) (<= (- (- |main_read~int_#ptr.offset|) (- main_~q~1.offset)) 0) (<= (- (- main_~malloc_~size) main_~q~1.offset) (- 400)) (<= (- (- |main_read~int_#sizeOfReadType|) (- main_~malloc_~size)) 396) (<= (- (- main_~malloc_~size) (- main_~q~1.offset)) (- 400)) (<= (- |main_read~int_#ptr.offset| |main_~malloc_#res.offset|) 0) (<= (- (- |main_read~int_#sizeOfReadType|) main_~p~1.offset) (- 4)) (<= (- (- |main_read~int_#sizeOfReadType|) main_~q~1.offset) (- 4)) (<= |main_~malloc_#res.offset| |main_read~int_#ptr.offset|) (<= (- |main_read~int_#ptr.offset| (- |main_read~int_#sizeOfReadType|)) 4) (<= (- (- |main_#t~malloc0.offset|) |main_~malloc_#res.offset|) 0) (<= (+ |main_read~int_#ptr.offset| |main_~malloc_#res.offset|) 0) (<= |main_~malloc_#res.offset| main_~q~1.offset) (<= (- |main_~malloc_#res.offset| main_~malloc_~size) (- 400)) (<= (- |main_~malloc_#res.offset| main_~q~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- main_~q~1.offset)) 0) (<= (- |main_read~int_#ptr.offset| |main_read~int_#sizeOfReadType|) (- 4)) (forall ((v_idx_116 Int)) (or (<= (+ |main_~malloc_#res.base| 1) v_idx_116) (= (+ |main_~malloc_#res.offset| 400) (select |#length| v_idx_116)) (< v_idx_116 |main_~malloc_#res.base|))) (<= (- (- |main_#t~malloc0.offset|) (- |main_~malloc_#res.offset|)) 0) (<= (- |main_read~int_#sizeOfReadType| main_~q~1.offset) 4) (<= (- |main_read~int_#sizeOfReadType| (- |main_~malloc_#res.offset|)) 4) (<= (- (- |main_read~int_#ptr.offset|) (- main_~malloc_~size)) 400) (<= 0 (+ |main_~malloc_#res.offset| main_~p~1.offset)) (<= 0 (+ |main_read~int_#ptr.offset| |main_~malloc_#res.offset|)) (<= (+ |main_~malloc_#res.offset| 4) |main_read~int_#sizeOfReadType|) (<= (- (- |main_~malloc_#res.offset|) |main_~malloc_#res.offset|) 0) (<= (- |main_~malloc_#res.offset| main_~p~1.offset) 0) (<= (- (- main_~q~1.offset) main_~q~1.offset) 0) (<= |main_~malloc_#res.offset| |main_#t~malloc0.offset|) (<= (+ |main_#t~malloc0.offset| |main_~malloc_#res.offset|) 0) (<= (- |main_~malloc_#res.offset| (- main_~p~1.offset)) 0) (<= (- (- |main_read~int_#ptr.offset|) (- |main_read~int_#sizeOfReadType|)) 4) (<= (- (- |main_read~int_#sizeOfReadType|) (- main_~q~1.offset)) (- 4)) (<= (- (- |main_#t~malloc0.offset|) (- |main_read~int_#sizeOfReadType|)) 4) (<= (+ |main_~malloc_#res.offset| 400) main_~malloc_~size) (<= 400 (+ |main_~malloc_#res.offset| main_~malloc_~size)) (<= (- main_~malloc_~size main_~p~1.offset) 400) (<= (- |main_#t~malloc0.offset| (- |main_read~int_#ptr.offset|)) 0) (<= (- (- main_~malloc_~size) main_~malloc_~size) (- 800)) (<= (- (- |main_#t~malloc0.offset|) |main_#t~malloc0.offset|) 0) (<= (- (- |main_~malloc_#res.offset|) main_~q~1.offset) 0) (<= (- (- |main_~malloc_#res.offset|) main_~p~1.offset) 0) (<= (- |main_~malloc_#res.offset| (- |main_~malloc_#res.offset|)) 0) (<= (- main_~q~1.offset (- main_~q~1.offset)) 0) (<= (- (- |main_#t~malloc0.offset|) (- main_~malloc_~size)) 400) (<= (- |main_read~int_#sizeOfReadType| main_~p~1.offset) 4) (<= |main_#t~malloc0.offset| |main_~malloc_#res.offset|) (<= (+ |main_~malloc_#res.offset| main_~p~1.offset) 0) (<= (- |main_read~int_#sizeOfReadType| (- main_~q~1.offset)) 4) (<= (- main_~p~1.offset (- main_~p~1.offset)) 0) (<= (- (- |main_read~int_#ptr.offset|) main_~q~1.offset) 0) (<= (- (- main_~p~1.offset) main_~q~1.offset) 0) (<= |main_read~int_#ptr.offset| |main_~malloc_#res.offset|) (<= (- (- |main_read~int_#ptr.offset|) main_~p~1.offset) 0) (<= (- (- |main_read~int_#ptr.offset|) |main_~malloc_#res.offset|) 0) (<= main_~q~1.offset |main_~malloc_#res.offset|))} [2019-01-18 14:45:13,546 WARN L274 ngHoareTripleChecker]: Action: assume !(read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]); [2019-01-18 14:45:13,546 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (not (<= (+ |c_main_read~int_#sizeOfReadType| |c_main_read~int_#ptr.offset|) (select |c_#length| |c_main_read~int_#ptr.base|))) [2019-01-18 14:45:13,642 WARN L276 ngHoareTripleChecker]: Post: {2147483638#(and (<= (- (- |main_read~int_#ptr.offset|) |main_read~int_#ptr.offset|) 0) (<= (- (- |main_#t~malloc0.offset|) main_~q~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- main_~malloc_~size)) 400) (<= (- (- |main_read~int_#ptr.offset|) (- main_~p~1.offset)) 0) (<= (- (- main_~malloc_~size) (- main_~p~1.offset)) (- 400)) (<= (- |main_#t~malloc0.offset| |main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |main_~malloc_#res.offset|) (- main_~q~1.offset)) 0) (<= (- |main_#t~malloc0.offset| (- |main_~malloc_#res.offset|)) 0) (<= (- (- |main_read~int_#sizeOfReadType|) |main_~malloc_#res.offset|) (- 4)) (<= (- (- |main_~malloc_#res.offset|) main_~malloc_~size) (- 400)) (<= (- |main_read~int_#ptr.offset| main_~malloc_~size) (- 400)) (<= (- (- main_~malloc_~size) main_~p~1.offset) (- 400)) (<= (- (- |main_~malloc_#res.offset|) (- main_~p~1.offset)) 0) |main_#t~short2| (<= (- |main_read~int_#ptr.offset| main_~q~1.offset) 0) (<= (- (- |main_#t~malloc0.offset|) main_~p~1.offset) 0) (<= (- (- |main_read~int_#ptr.offset|) main_~malloc_~size) (- 400)) (<= (- (- |main_read~int_#sizeOfReadType|) main_~malloc_~size) (- 404)) (<= (- (- |main_~malloc_#res.offset|) (- main_~malloc_~size)) 400) (<= (- (- |main_read~int_#sizeOfReadType|) (- main_~p~1.offset)) (- 4)) (<= (- main_~malloc_~size (- main_~p~1.offset)) 400) (<= (- (- |main_#t~malloc0.offset|) (- |main_read~int_#ptr.offset|)) 0) (<= (- |main_#t~malloc0.offset| |main_~malloc_#res.offset|) 0) (<= (- |main_read~int_#ptr.offset| (- |main_read~int_#ptr.offset|)) 0) (<= (- |main_#t~malloc0.offset| (- main_~p~1.offset)) 0) (<= (- |main_~malloc_#res.offset| (- main_~q~1.offset)) 0) (<= (- |main_read~int_#ptr.offset| (- main_~q~1.offset)) 0) (<= (- |main_#t~malloc0.offset| (- |main_#t~malloc0.offset|)) 0) (<= (- |main_#t~malloc0.offset| (- |main_read~int_#sizeOfReadType|)) 4) (<= (- |main_read~int_#sizeOfReadType| (- main_~p~1.offset)) 4) (<= (- main_~malloc_~size (- main_~malloc_~size)) 800) (<= (- |main_read~int_#sizeOfReadType| |main_~malloc_#res.offset|) 4) (<= (- |main_read~int_#ptr.offset| (- |main_~malloc_#res.offset|)) 0) (<= (- |main_read~int_#ptr.offset| main_~p~1.offset) 0) (<= (- (- |main_#t~malloc0.offset|) |main_read~int_#ptr.offset|) 0) (<= (- |main_read~int_#ptr.offset| (- main_~p~1.offset)) 0) (<= (- (- |main_read~int_#ptr.offset|) |main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |main_#t~malloc0.offset|) (- main_~p~1.offset)) 0) (<= (- |main_#t~malloc0.offset| main_~p~1.offset) 0) (<= (- |main_read~int_#sizeOfReadType| (- |main_read~int_#sizeOfReadType|)) 8) (<= (- (- |main_read~int_#sizeOfReadType|) |main_read~int_#sizeOfReadType|) (- 8)) (<= (- |main_read~int_#sizeOfReadType| (- main_~malloc_~size)) 404) (<= (- (- main_~p~1.offset) main_~p~1.offset) 0) (<= (- (- |main_#t~malloc0.offset|) main_~malloc_~size) (- 400)) (<= (- |main_#t~malloc0.offset| |main_read~int_#ptr.offset|) 0) (<= (- (- |main_#t~malloc0.offset|) |main_read~int_#sizeOfReadType|) (- 4)) (<= (- |main_#t~malloc0.offset| main_~q~1.offset) 0) (<= (- |main_read~int_#ptr.offset| (- main_~malloc_~size)) 400) (<= (- |main_read~int_#sizeOfReadType| main_~malloc_~size) (- 396)) (<= (- (- |main_read~int_#ptr.offset|) (- |main_~malloc_#res.offset|)) 0) (<= (- main_~malloc_~size main_~q~1.offset) 400) (<= (- (- |main_read~int_#sizeOfReadType|) (- |main_~malloc_#res.offset|)) (- 4)) (<= (- main_~malloc_~size (- main_~q~1.offset)) 400) (<= (- |main_#t~malloc0.offset| main_~malloc_~size) (- 400)) (<= (- main_~p~1.offset main_~q~1.offset) 0) (<= (- |main_~malloc_#res.offset| (- main_~malloc_~size)) 400) (<= (- (- |main_#t~malloc0.offset|) (- main_~q~1.offset)) 0) (<= (- main_~p~1.offset (- main_~q~1.offset)) 0) (<= (- (- main_~p~1.offset) (- main_~q~1.offset)) 0) (<= (- (- |main_read~int_#ptr.offset|) (- main_~q~1.offset)) 0) (<= (- (- main_~malloc_~size) main_~q~1.offset) (- 400)) (<= (- (- |main_read~int_#sizeOfReadType|) (- main_~malloc_~size)) 396) (<= (- (- main_~malloc_~size) (- main_~q~1.offset)) (- 400)) (<= (- |main_read~int_#ptr.offset| |main_~malloc_#res.offset|) 0) (<= (- (- |main_read~int_#sizeOfReadType|) main_~p~1.offset) (- 4)) (<= (- (- |main_read~int_#sizeOfReadType|) main_~q~1.offset) (- 4)) (<= (- |main_read~int_#ptr.offset| (- |main_read~int_#sizeOfReadType|)) 4) (<= (- (- |main_#t~malloc0.offset|) |main_~malloc_#res.offset|) 0) (<= (- |main_~malloc_#res.offset| main_~malloc_~size) (- 400)) (<= (- |main_~malloc_#res.offset| main_~q~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- main_~q~1.offset)) 0) (<= (- |main_read~int_#ptr.offset| |main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |main_#t~malloc0.offset|) (- |main_~malloc_#res.offset|)) 0) (<= (- |main_read~int_#sizeOfReadType| main_~q~1.offset) 4) (<= (- |main_read~int_#sizeOfReadType| (- |main_~malloc_#res.offset|)) 4) (<= (- (- |main_read~int_#ptr.offset|) (- main_~malloc_~size)) 400) (<= (- (- |main_~malloc_#res.offset|) |main_~malloc_#res.offset|) 0) (<= (- |main_~malloc_#res.offset| main_~p~1.offset) 0) (<= (- (- main_~q~1.offset) main_~q~1.offset) 0) (<= (- |main_~malloc_#res.offset| (- main_~p~1.offset)) 0) (<= (- (- |main_read~int_#ptr.offset|) (- |main_read~int_#sizeOfReadType|)) 4) (<= (- (- |main_read~int_#sizeOfReadType|) (- main_~q~1.offset)) (- 4)) (<= (- (- |main_#t~malloc0.offset|) (- |main_read~int_#sizeOfReadType|)) 4) (<= (- main_~malloc_~size main_~p~1.offset) 400) (<= (- |main_#t~malloc0.offset| (- |main_read~int_#ptr.offset|)) 0) (<= (- (- main_~malloc_~size) main_~malloc_~size) (- 800)) (<= (- (- |main_#t~malloc0.offset|) |main_#t~malloc0.offset|) 0) (<= (- (- |main_~malloc_#res.offset|) main_~q~1.offset) 0) (<= (- (- |main_~malloc_#res.offset|) main_~p~1.offset) 0) (<= (- |main_~malloc_#res.offset| (- |main_~malloc_#res.offset|)) 0) (<= (- main_~q~1.offset (- main_~q~1.offset)) 0) (<= (- (- |main_#t~malloc0.offset|) (- main_~malloc_~size)) 400) (<= (- |main_read~int_#sizeOfReadType| main_~p~1.offset) 4) (<= (- |main_read~int_#sizeOfReadType| (- main_~q~1.offset)) 4) (<= (- main_~p~1.offset (- main_~p~1.offset)) 0) (<= (- (- |main_read~int_#ptr.offset|) main_~q~1.offset) 0) (<= (- (- main_~p~1.offset) main_~q~1.offset) 0) (<= (- (- |main_read~int_#ptr.offset|) main_~p~1.offset) 0) (<= (- (- |main_read~int_#ptr.offset|) |main_~malloc_#res.offset|) 0))} [2019-01-18 14:45:13,986 WARN L212 ngHoareTripleChecker]: Soundness check inconclusive for the following hoare triple [2019-01-18 14:45:13,987 WARN L217 ngHoareTripleChecker]: Expected: VALID Actual: UNKNOWN [2019-01-18 14:45:13,987 WARN L219 ngHoareTripleChecker]: Solver was "Z3" in version "4.8.3" [2019-01-18 14:45:13,987 WARN L223 ngHoareTripleChecker]: -- [2019-01-18 14:45:13,987 WARN L224 ngHoareTripleChecker]: Pre: {2147483637#(forall ((v_idx_137 Int) (v_idx_138 Int) (v_idx_135 Int) (v_idx_136 Int) (v_idx_139 Int) (v_idx_140 Int) (v_idx_141 Int) (v_idx_133 Int) (v_idx_134 Int) (v_idx_142 Int) (v_idx_131 Int) (v_idx_132 Int)) (exists ((v_v_24_1 Int) (v_v_8_1 Int) (v_v_27_1 Bool) (v_v_4_1 Bool) (v_v_12_1 Bool) (v_v_7_1 (Array Int Int)) (v_v_1_1 Int) (v_v_5_1 (Array Int Int)) (v_v_2_1 Int) (v_v_26_1 Int) (v_v_6_1 Int)) (and (<= (- (- |c_main_read~int_#ptr.offset|) |c_main_read~int_#ptr.offset|) 0) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~q~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~malloc_~size)) 400) (<= (- (- |c_main_read~int_#ptr.offset|) (- c_main_~p~1.offset)) 0) (<= 0 (+ |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|)) (<= (- (- c_main_~malloc_~size) (- c_main_~p~1.offset)) (- 400)) (<= (- |c_main_#t~malloc0.offset| |c_main_read~int_#sizeOfReadType|) (- 4)) (= (select v_v_5_1 v_idx_137) v_v_6_1) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~q~1.offset)) 0) (<= (* 2 |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_~malloc_#res.offset|)) 0) (<= (- (- |c_main_read~int_#sizeOfReadType|) |c_main_~malloc_#res.offset|) (- 4)) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~malloc_~size) (- 400)) (<= (- |c_main_read~int_#ptr.offset| c_main_~malloc_~size) (- 400)) (<= (- (- c_main_~malloc_~size) c_main_~p~1.offset) (- 400)) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~p~1.offset)) 0) |c_main_#t~short2| (<= (- |c_main_read~int_#ptr.offset| c_main_~q~1.offset) 0) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~p~1.offset) 0) (<= (- (- |c_main_read~int_#ptr.offset|) c_main_~malloc_~size) (- 400)) (<= (- (- |c_main_read~int_#sizeOfReadType|) c_main_~malloc_~size) (- 404)) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~malloc_~size)) 400) (= (select |c_main_~malloc_old_#length| v_idx_131) v_v_1_1) (<= c_main_~p~1.offset |c_main_~malloc_#res.offset|) (= v_v_27_1 (select |c_#valid| v_idx_134)) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- c_main_~p~1.offset)) (- 4)) (or (= (select |c_#length| v_idx_141) v_v_26_1) (< v_idx_141 (+ |c_main_~malloc_#res.base| 1))) (= (select |c_old(#valid)| v_idx_133) v_v_4_1) (<= (- c_main_~malloc_~size (- c_main_~p~1.offset)) 400) (= (select |c_#memory_int| v_idx_135) v_v_5_1) (<= (- (- |c_main_#t~malloc0.offset|) (- |c_main_read~int_#ptr.offset|)) 0) (<= (- |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_read~int_#ptr.offset| (- |c_main_read~int_#ptr.offset|)) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~p~1.offset)) 0) (<= (- |c_main_~malloc_#res.offset| (- c_main_~q~1.offset)) 0) (<= (+ c_main_~q~1.offset |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_read~int_#ptr.offset| (- c_main_~q~1.offset)) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_#t~malloc0.offset|)) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_read~int_#sizeOfReadType|)) 4) (<= (- |c_main_read~int_#sizeOfReadType| (- c_main_~p~1.offset)) 4) (<= (- c_main_~malloc_~size (- c_main_~malloc_~size)) 800) (<= (- |c_main_read~int_#sizeOfReadType| |c_main_~malloc_#res.offset|) 4) (<= (- |c_main_read~int_#ptr.offset| (- |c_main_~malloc_#res.offset|)) 0) (<= (- |c_main_read~int_#ptr.offset| c_main_~p~1.offset) 0) (<= (+ |c_main_~malloc_#res.offset| c_main_~malloc_~size) 400) (= v_v_12_1 (select |c_main_~malloc_old_#valid| v_idx_142)) (<= 0 (* 2 |c_main_~malloc_#res.offset|)) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_read~int_#ptr.offset|) 0) (<= |c_main_~malloc_#res.offset| c_main_~p~1.offset) (<= (- |c_main_read~int_#ptr.offset| (- c_main_~p~1.offset)) 0) (<= (- (- |c_main_read~int_#ptr.offset|) |c_main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~p~1.offset)) 0) (<= (- |c_main_#t~malloc0.offset| c_main_~p~1.offset) 0) (<= (- |c_main_read~int_#sizeOfReadType| (- |c_main_read~int_#sizeOfReadType|)) 8) (<= (- (- |c_main_read~int_#sizeOfReadType|) |c_main_read~int_#sizeOfReadType|) (- 8)) (<= (+ |c_main_~malloc_#res.offset| |c_main_read~int_#sizeOfReadType|) 4) (<= 0 (+ c_main_~q~1.offset |c_main_~malloc_#res.offset|)) (<= (- |c_main_read~int_#sizeOfReadType| (- c_main_~malloc_~size)) 404) (<= (- (- c_main_~p~1.offset) c_main_~p~1.offset) 0) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~malloc_~size) (- 400)) (<= (- |c_main_#t~malloc0.offset| |c_main_read~int_#ptr.offset|) 0) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_read~int_#sizeOfReadType|) (- 4)) (<= (- |c_main_#t~malloc0.offset| c_main_~q~1.offset) 0) (<= c_main_~malloc_~size (+ |c_main_~malloc_#res.offset| 400)) (<= (- |c_main_read~int_#ptr.offset| (- c_main_~malloc_~size)) 400) (<= |c_main_read~int_#sizeOfReadType| (+ |c_main_~malloc_#res.offset| 4)) (<= (- |c_main_read~int_#sizeOfReadType| c_main_~malloc_~size) (- 396)) (<= 4 (+ |c_main_~malloc_#res.offset| |c_main_read~int_#sizeOfReadType|)) (<= (- (- |c_main_read~int_#ptr.offset|) (- |c_main_~malloc_#res.offset|)) 0) (<= (- c_main_~malloc_~size c_main_~q~1.offset) 400) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- |c_main_~malloc_#res.offset|)) (- 4)) (<= (- c_main_~malloc_~size (- c_main_~q~1.offset)) 400) (<= (- |c_main_#t~malloc0.offset| c_main_~malloc_~size) (- 400)) (<= (- c_main_~p~1.offset c_main_~q~1.offset) 0) (<= (- |c_main_~malloc_#res.offset| (- c_main_~malloc_~size)) 400) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~q~1.offset)) 0) (<= (- c_main_~p~1.offset (- c_main_~q~1.offset)) 0) (<= (- (- c_main_~p~1.offset) (- c_main_~q~1.offset)) 0) (<= (- (- |c_main_read~int_#ptr.offset|) (- c_main_~q~1.offset)) 0) (<= (- (- c_main_~malloc_~size) c_main_~q~1.offset) (- 400)) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- c_main_~malloc_~size)) 396) (<= (- (- c_main_~malloc_~size) (- c_main_~q~1.offset)) (- 400)) (<= (- |c_main_read~int_#ptr.offset| |c_main_~malloc_#res.offset|) 0) (<= (- (- |c_main_read~int_#sizeOfReadType|) c_main_~p~1.offset) (- 4)) (<= (- (- |c_main_read~int_#sizeOfReadType|) c_main_~q~1.offset) (- 4)) (<= |c_main_~malloc_#res.offset| |c_main_read~int_#ptr.offset|) (<= (- |c_main_read~int_#ptr.offset| (- |c_main_read~int_#sizeOfReadType|)) 4) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_~malloc_#res.offset|) 0) (<= (+ |c_main_read~int_#ptr.offset| |c_main_~malloc_#res.offset|) 0) (<= |c_main_~malloc_#res.offset| c_main_~q~1.offset) (<= (- |c_main_~malloc_#res.offset| c_main_~malloc_~size) (- 400)) (<= (- |c_main_~malloc_#res.offset| c_main_~q~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~q~1.offset)) 0) (<= (- |c_main_read~int_#ptr.offset| |c_main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |c_main_#t~malloc0.offset|) (- |c_main_~malloc_#res.offset|)) 0) (<= (- |c_main_read~int_#sizeOfReadType| c_main_~q~1.offset) 4) (<= (- |c_main_read~int_#sizeOfReadType| (- |c_main_~malloc_#res.offset|)) 4) (<= (- (- |c_main_read~int_#ptr.offset|) (- c_main_~malloc_~size)) 400) (<= 0 (+ |c_main_~malloc_#res.offset| c_main_~p~1.offset)) (<= 0 (+ |c_main_read~int_#ptr.offset| |c_main_~malloc_#res.offset|)) (<= (+ |c_main_~malloc_#res.offset| 4) |c_main_read~int_#sizeOfReadType|) (<= (- (- |c_main_~malloc_#res.offset|) |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_~malloc_#res.offset| c_main_~p~1.offset) 0) (<= (- (- c_main_~q~1.offset) c_main_~q~1.offset) 0) (= v_v_7_1 (select |c_old(#memory_int)| v_idx_136)) (<= |c_main_~malloc_#res.offset| |c_main_#t~malloc0.offset|) (<= (+ |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_~malloc_#res.offset| (- c_main_~p~1.offset)) 0) (<= (- (- |c_main_read~int_#ptr.offset|) (- |c_main_read~int_#sizeOfReadType|)) 4) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- c_main_~q~1.offset)) (- 4)) (<= (- (- |c_main_#t~malloc0.offset|) (- |c_main_read~int_#sizeOfReadType|)) 4) (<= (+ |c_main_~malloc_#res.offset| 400) c_main_~malloc_~size) (<= 400 (+ |c_main_~malloc_#res.offset| c_main_~malloc_~size)) (= (select |c_old(#length)| v_idx_138) v_v_2_1) (<= (- c_main_~malloc_~size c_main_~p~1.offset) 400) (<= (- |c_main_#t~malloc0.offset| (- |c_main_read~int_#ptr.offset|)) 0) (<= (- (- c_main_~malloc_~size) c_main_~malloc_~size) (- 800)) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_#t~malloc0.offset|) 0) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~q~1.offset) 0) (or (= v_v_24_1 (select |c_#length| v_idx_139)) (<= |c_main_~malloc_#res.base| v_idx_139)) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~p~1.offset) 0) (<= (- |c_main_~malloc_#res.offset| (- |c_main_~malloc_#res.offset|)) 0) (<= (- c_main_~q~1.offset (- c_main_~q~1.offset)) 0) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~malloc_~size)) 400) (<= (- |c_main_read~int_#sizeOfReadType| c_main_~p~1.offset) 4) (<= |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) (<= (+ |c_main_~malloc_#res.offset| c_main_~p~1.offset) 0) (<= (- |c_main_read~int_#sizeOfReadType| (- c_main_~q~1.offset)) 4) (<= (- c_main_~p~1.offset (- c_main_~p~1.offset)) 0) (= (select v_v_7_1 v_idx_132) v_v_8_1) (<= (- (- |c_main_read~int_#ptr.offset|) c_main_~q~1.offset) 0) (<= (- (- c_main_~p~1.offset) c_main_~q~1.offset) 0) (or (<= (+ |c_main_~malloc_#res.base| 1) v_idx_140) (< v_idx_140 |c_main_~malloc_#res.base|) (= (+ |c_main_~malloc_#res.offset| 400) (select |c_#length| v_idx_140))) (<= |c_main_read~int_#ptr.offset| |c_main_~malloc_#res.offset|) (<= (- (- |c_main_read~int_#ptr.offset|) c_main_~p~1.offset) 0) (<= (- (- |c_main_read~int_#ptr.offset|) |c_main_~malloc_#res.offset|) 0) (<= c_main_~q~1.offset |c_main_~malloc_#res.offset|))))} [2019-01-18 14:45:13,988 WARN L228 ngHoareTripleChecker]: Action: assume read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base];assume #valid[read~int_#ptr.base];assume read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base];havoc read~int_#value;assume read~int_#value == #memory_int[read~int_#ptr.base,read~int_#ptr.offset];#t~mem1 := read~int_#value;#t~short2 := #t~mem1 >= 0; [2019-01-18 14:45:13,988 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (and (= |c_main_#t~mem1_primed| |c_main_read~int_#value_primed|) (or (and (not (<= 0 |c_main_#t~mem1_primed|)) (not |c_main_#t~short2_primed|)) (and |c_main_#t~short2_primed| (<= 0 |c_main_#t~mem1_primed|))) (<= (+ |c_main_read~int_#sizeOfReadType| |c_main_read~int_#ptr.offset|) (select |c_#length| |c_main_read~int_#ptr.base|)) (select |c_#valid| |c_main_read~int_#ptr.base|) (= |c_main_read~int_#value_primed| (select (select |c_#memory_int| |c_main_read~int_#ptr.base|) |c_main_read~int_#ptr.offset|))) [2019-01-18 14:45:13,988 WARN L230 ngHoareTripleChecker]: Post: {2147483636#(forall ((v_idx_148 Int) (v_idx_149 Int) (v_idx_146 Int) (v_idx_157 Int) (v_idx_147 Int) (v_idx_158 Int) (v_idx_151 Int) (v_idx_152 Int) (v_idx_150 Int) (v_idx_144 Int) (v_idx_155 Int) (v_idx_145 Int) (v_idx_156 Int) (v_idx_153 Int) (v_idx_143 Int) (v_idx_154 Int)) (exists ((v_v_46_1 Int) (v_v_42_1 (Array Int Int)) (v_v_44_1 (Array Int Int)) (v_v_43_1 Int) (v_v_4_1 Bool) (v_v_49_1 (Array Int Int)) (v_v_39_1 Int) (v_v_48_1 Int) (v_v_8_1 Int) (v_v_12_1 Bool) (v_v_7_1 (Array Int Int)) (v_v_1_1 Int) (v_v_2_1 Int) (v_v_36_1 Bool) (v_v_50_1 Int)) (and (<= |c_main_read~int_#ptr.offset| c_main_~p~1.offset) (<= (- (- |c_main_read~int_#ptr.offset|) |c_main_read~int_#ptr.offset|) 0) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~q~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~malloc_~size)) 400) (<= (- (- |c_main_read~int_#ptr.offset|) (- c_main_~p~1.offset)) 0) (= v_v_12_1 (select |c_main_~malloc_old_#valid| v_idx_155)) (or (< v_idx_149 (+ |c_main_read~int_#ptr.base| 1)) (= v_v_49_1 (select |c_#memory_int| v_idx_149))) (<= (- (- c_main_~malloc_~size) (- c_main_~p~1.offset)) (- 400)) (<= 0 (* 2 c_main_~q~1.offset)) (<= (- |c_main_#t~malloc0.offset| |c_main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~q~1.offset)) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_~malloc_#res.offset|)) 0) (<= (- (- |c_main_read~int_#sizeOfReadType|) |c_main_~malloc_#res.offset|) (- 4)) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~malloc_~size) (- 400)) (<= c_main_~p~1.offset |c_main_read~int_#ptr.offset|) (<= (- |c_main_read~int_#ptr.offset| c_main_~malloc_~size) (- 400)) (<= (- (- c_main_~malloc_~size) c_main_~p~1.offset) (- 400)) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~p~1.offset)) 0) (<= (* 2 c_main_~q~1.offset) 0) (= (select |c_#valid| v_idx_146) v_v_36_1) (<= 0 (+ |c_main_#t~malloc0.offset| c_main_~q~1.offset)) (<= (- |c_main_read~int_#ptr.offset| c_main_~q~1.offset) 0) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~p~1.offset) 0) (<= (- (- |c_main_read~int_#ptr.offset|) c_main_~malloc_~size) (- 400)) (<= (- (- |c_main_read~int_#sizeOfReadType|) c_main_~malloc_~size) (- 404)) (<= c_main_~q~1.offset |c_main_read~int_#ptr.offset|) (<= (- (- |c_main_~malloc_#res.offset|) (- c_main_~malloc_~size)) 400) (or (< (+ v_idx_157 c_main_~q~1.offset) 0) (<= 1 (+ |c_main_read~int_#ptr.offset| v_idx_157)) (= |c_main_#t~mem1| (select v_v_44_1 v_idx_157))) (<= 0 (+ |c_main_read~int_#ptr.offset| c_main_~q~1.offset)) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- c_main_~p~1.offset)) (- 4)) (or (< v_idx_148 |c_main_read~int_#ptr.base|) (<= (+ |c_main_read~int_#ptr.base| 1) v_idx_148) (= v_v_44_1 (select |c_#memory_int| v_idx_148))) (<= (- c_main_~malloc_~size (- c_main_~p~1.offset)) 400) (<= (- (- |c_main_#t~malloc0.offset|) (- |c_main_read~int_#ptr.offset|)) 0) (<= (- |c_main_#t~malloc0.offset| |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_read~int_#ptr.offset| (- |c_main_read~int_#ptr.offset|)) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~p~1.offset)) 0) (= (select |c_main_~malloc_old_#length| v_idx_143) v_v_1_1) (<= (- |c_main_~malloc_#res.offset| (- c_main_~q~1.offset)) 0) (<= (+ c_main_~q~1.offset |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_read~int_#ptr.offset| (- c_main_~q~1.offset)) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_#t~malloc0.offset|)) 0) (<= (- |c_main_#t~malloc0.offset| (- |c_main_read~int_#sizeOfReadType|)) 4) (<= (- |c_main_read~int_#sizeOfReadType| (- c_main_~p~1.offset)) 4) (<= (+ |c_main_read~int_#ptr.offset| 400) c_main_~malloc_~size) (<= (- |c_main_#t~mem1| |c_main_read~int_#value|) 0) (<= |c_main_read~int_#sizeOfReadType| (+ c_main_~q~1.offset 4)) (<= (+ |c_main_#t~malloc0.offset| c_main_~q~1.offset) 0) (<= (- c_main_~malloc_~size (- c_main_~malloc_~size)) 800) (= (select v_v_42_1 v_idx_153) v_v_43_1) (<= (- |c_main_read~int_#sizeOfReadType| |c_main_~malloc_#res.offset|) 4) (<= (- |c_main_read~int_#ptr.offset| (- |c_main_~malloc_#res.offset|)) 0) (<= (- |c_main_read~int_#ptr.offset| c_main_~p~1.offset) 0) (<= 0 (* 2 |c_main_read~int_#ptr.offset|)) (<= 4 (+ c_main_~q~1.offset |c_main_read~int_#sizeOfReadType|)) (<= c_main_~malloc_~size (+ |c_main_read~int_#ptr.offset| 400)) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_read~int_#ptr.offset|) 0) (<= |c_main_#t~malloc0.offset| c_main_~q~1.offset) (<= (- |c_main_read~int_#ptr.offset| (- c_main_~p~1.offset)) 0) (<= (- (- |c_main_read~int_#ptr.offset|) |c_main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~p~1.offset)) 0) (<= (- |c_main_#t~malloc0.offset| c_main_~p~1.offset) 0) (<= 0 (+ |c_main_read~int_#ptr.offset| c_main_~p~1.offset)) (<= (- |c_main_read~int_#sizeOfReadType| (- |c_main_read~int_#sizeOfReadType|)) 8) (<= (- (- |c_main_read~int_#sizeOfReadType|) |c_main_read~int_#sizeOfReadType|) (- 8)) (or (<= |c_main_read~int_#ptr.base| v_idx_147) (= (select |c_#memory_int| v_idx_147) v_v_42_1)) (<= |c_main_read~int_#value| |c_main_#t~mem1|) (= v_v_4_1 (select |c_old(#valid)| v_idx_145)) (<= 0 (+ c_main_~q~1.offset |c_main_~malloc_#res.offset|)) (<= (- |c_main_read~int_#sizeOfReadType| (- c_main_~malloc_~size)) 404) (<= (- (- c_main_~p~1.offset) c_main_~p~1.offset) 0) (<= |c_main_read~int_#ptr.offset| c_main_~q~1.offset) (<= (- (- |c_main_#t~malloc0.offset|) c_main_~malloc_~size) (- 400)) (<= 0 (+ c_main_~q~1.offset c_main_~p~1.offset)) (<= c_main_~malloc_~size (+ c_main_~q~1.offset 400)) (<= (- |c_main_#t~malloc0.offset| |c_main_read~int_#ptr.offset|) 0) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_read~int_#sizeOfReadType|) (- 4)) (= (select |c_old(#length)| v_idx_151) v_v_2_1) (or (< (+ |c_main_read~int_#ptr.offset| v_idx_158) 1) (= (select v_v_44_1 v_idx_158) v_v_48_1)) (<= (- |c_main_#t~malloc0.offset| c_main_~q~1.offset) 0) (= (select v_v_7_1 v_idx_144) v_v_8_1) (<= (- |c_main_read~int_#ptr.offset| (- c_main_~malloc_~size)) 400) (= (select v_v_49_1 v_idx_154) v_v_50_1) (<= (- |c_main_read~int_#sizeOfReadType| c_main_~malloc_~size) (- 396)) (<= |c_main_read~int_#ptr.offset| |c_main_#t~malloc0.offset|) (<= (- (- |c_main_read~int_#ptr.offset|) (- |c_main_~malloc_#res.offset|)) 0) (<= (- c_main_~malloc_~size c_main_~q~1.offset) 400) (<= (+ |c_main_read~int_#ptr.offset| |c_main_#t~malloc0.offset|) 0) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- |c_main_~malloc_#res.offset|)) (- 4)) (<= (- c_main_~malloc_~size (- c_main_~q~1.offset)) 400) (<= (- |c_main_#t~malloc0.offset| c_main_~malloc_~size) (- 400)) (<= (- c_main_~p~1.offset c_main_~q~1.offset) 0) (<= (- |c_main_~malloc_#res.offset| (- c_main_~malloc_~size)) 400) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~q~1.offset)) 0) (<= (+ |c_main_read~int_#ptr.offset| 4) |c_main_read~int_#sizeOfReadType|) (<= (- c_main_~p~1.offset (- c_main_~q~1.offset)) 0) (<= (- (- c_main_~p~1.offset) (- c_main_~q~1.offset)) 0) (<= (- (- |c_main_read~int_#ptr.offset|) (- c_main_~q~1.offset)) 0) (<= 4 (+ |c_main_read~int_#ptr.offset| |c_main_read~int_#sizeOfReadType|)) (<= (- (- c_main_~malloc_~size) c_main_~q~1.offset) (- 400)) (<= |c_main_#t~mem1| |c_main_read~int_#value|) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- c_main_~malloc_~size)) 396) (<= (- (- c_main_~malloc_~size) (- c_main_~q~1.offset)) (- 400)) (<= c_main_~q~1.offset c_main_~p~1.offset) (<= (- |c_main_read~int_#ptr.offset| |c_main_~malloc_#res.offset|) 0) (<= (- (- |c_main_read~int_#sizeOfReadType|) c_main_~p~1.offset) (- 4)) (<= (- (- |c_main_read~int_#sizeOfReadType|) c_main_~q~1.offset) (- 4)) (<= |c_main_~malloc_#res.offset| |c_main_read~int_#ptr.offset|) (<= (- |c_main_read~int_#ptr.offset| (- |c_main_read~int_#sizeOfReadType|)) 4) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_~malloc_#res.offset|) 0) (<= (+ |c_main_read~int_#ptr.offset| c_main_~malloc_~size) 400) (<= (+ |c_main_read~int_#ptr.offset| |c_main_~malloc_#res.offset|) 0) (<= |c_main_~malloc_#res.offset| c_main_~q~1.offset) (<= |c_main_#t~malloc0.offset| |c_main_read~int_#ptr.offset|) (<= (- |c_main_~malloc_#res.offset| c_main_~malloc_~size) (- 400)) (<= (- |c_main_~malloc_#res.offset| c_main_~q~1.offset) 0) (<= (- |c_main_#t~malloc0.offset| (- c_main_~q~1.offset)) 0) (<= |c_main_read~int_#sizeOfReadType| (+ |c_main_read~int_#ptr.offset| 4)) (<= (- |c_main_read~int_#ptr.offset| |c_main_read~int_#sizeOfReadType|) (- 4)) (<= (+ |c_main_read~int_#ptr.offset| c_main_~q~1.offset) 0) (<= (- (- |c_main_#t~malloc0.offset|) (- |c_main_~malloc_#res.offset|)) 0) (<= (- |c_main_read~int_#sizeOfReadType| c_main_~q~1.offset) 4) (= (select |c_#length| v_idx_152) v_v_39_1) (<= (- |c_main_read~int_#sizeOfReadType| (- |c_main_~malloc_#res.offset|)) 4) (<= (- (- |c_main_read~int_#ptr.offset|) (- c_main_~malloc_~size)) 400) (<= (+ |c_main_read~int_#ptr.offset| |c_main_read~int_#sizeOfReadType|) 4) (<= 0 (+ |c_main_read~int_#ptr.offset| |c_main_~malloc_#res.offset|)) (<= (+ c_main_~q~1.offset |c_main_read~int_#sizeOfReadType|) 4) (<= (- (- |c_main_~malloc_#res.offset|) |c_main_~malloc_#res.offset|) 0) (<= (- |c_main_~malloc_#res.offset| c_main_~p~1.offset) 0) (<= (+ c_main_~q~1.offset c_main_~malloc_~size) 400) (<= (* 2 |c_main_read~int_#ptr.offset|) 0) (<= (- (- c_main_~q~1.offset) c_main_~q~1.offset) 0) (<= (+ c_main_~q~1.offset 400) c_main_~malloc_~size) (<= 400 (+ c_main_~q~1.offset c_main_~malloc_~size)) (<= (- |c_main_~malloc_#res.offset| (- c_main_~p~1.offset)) 0) (<= (- (- |c_main_read~int_#ptr.offset|) (- |c_main_read~int_#sizeOfReadType|)) 4) (<= (- (- |c_main_read~int_#sizeOfReadType|) (- c_main_~q~1.offset)) (- 4)) (<= 0 (+ |c_main_read~int_#ptr.offset| |c_main_#t~malloc0.offset|)) (<= (- (- |c_main_#t~malloc0.offset|) (- |c_main_read~int_#sizeOfReadType|)) 4) (<= 400 (+ |c_main_read~int_#ptr.offset| c_main_~malloc_~size)) (<= c_main_~q~1.offset |c_main_#t~malloc0.offset|) (<= (- c_main_~malloc_~size c_main_~p~1.offset) 400) (or (= (select v_v_44_1 v_idx_156) v_v_46_1) (<= 0 (+ c_main_~q~1.offset v_idx_156))) (<= (- |c_main_#t~malloc0.offset| (- |c_main_read~int_#ptr.offset|)) 0) (<= (- (- c_main_~malloc_~size) c_main_~malloc_~size) (- 800)) (<= (- (- |c_main_#t~malloc0.offset|) |c_main_#t~malloc0.offset|) 0) (<= (+ c_main_~q~1.offset 4) |c_main_read~int_#sizeOfReadType|) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~q~1.offset) 0) (<= (+ |c_main_read~int_#ptr.offset| c_main_~p~1.offset) 0) (<= (- (- |c_main_~malloc_#res.offset|) c_main_~p~1.offset) 0) (<= (- |c_main_~malloc_#res.offset| (- |c_main_~malloc_#res.offset|)) 0) (= v_v_7_1 (select |c_old(#memory_int)| v_idx_150)) (<= (- (- |c_main_#t~mem1|) (- |c_main_read~int_#value|)) 0) (<= (- c_main_~q~1.offset (- c_main_~q~1.offset)) 0) (<= (- (- |c_main_#t~malloc0.offset|) (- c_main_~malloc_~size)) 400) (<= (- |c_main_read~int_#sizeOfReadType| c_main_~p~1.offset) 4) (<= (+ c_main_~q~1.offset c_main_~p~1.offset) 0) (<= (- |c_main_read~int_#sizeOfReadType| (- c_main_~q~1.offset)) 4) (<= (- c_main_~p~1.offset (- c_main_~p~1.offset)) 0) (<= c_main_~p~1.offset c_main_~q~1.offset) (<= (- (- |c_main_read~int_#ptr.offset|) c_main_~q~1.offset) 0) (<= (- (- c_main_~p~1.offset) c_main_~q~1.offset) 0) (<= |c_main_read~int_#ptr.offset| |c_main_~malloc_#res.offset|) (<= (- (- |c_main_read~int_#ptr.offset|) c_main_~p~1.offset) 0) (<= (- (- |c_main_read~int_#ptr.offset|) |c_main_~malloc_#res.offset|) 0) (<= c_main_~q~1.offset |c_main_~malloc_#res.offset|))))} [2019-01-18 14:45:13,988 WARN L263 ngHoareTripleChecker]: unsat core / model generation is disabled, enable it to get more details [2019-01-18 14:45:13,989 WARN L268 ngHoareTripleChecker]: -- [2019-01-18 14:45:13,989 WARN L269 ngHoareTripleChecker]: Simplified triple [2019-01-18 14:45:14,143 WARN L270 ngHoareTripleChecker]: Pre: {2147483637#(and (<= (- (- |main_read~int_#ptr.offset|) |main_read~int_#ptr.offset|) 0) (<= (- (- |main_#t~malloc0.offset|) main_~q~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- main_~malloc_~size)) 400) (<= (- (- |main_read~int_#ptr.offset|) (- main_~p~1.offset)) 0) (<= 0 (+ |main_#t~malloc0.offset| |main_~malloc_#res.offset|)) (<= (- (- main_~malloc_~size) (- main_~p~1.offset)) (- 400)) (<= (- |main_#t~malloc0.offset| |main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |main_~malloc_#res.offset|) (- main_~q~1.offset)) 0) (<= (* 2 |main_~malloc_#res.offset|) 0) (<= (- |main_#t~malloc0.offset| (- |main_~malloc_#res.offset|)) 0) (<= (- (- |main_read~int_#sizeOfReadType|) |main_~malloc_#res.offset|) (- 4)) (<= (- (- |main_~malloc_#res.offset|) main_~malloc_~size) (- 400)) (<= (- |main_read~int_#ptr.offset| main_~malloc_~size) (- 400)) (<= (- (- main_~malloc_~size) main_~p~1.offset) (- 400)) (<= (- (- |main_~malloc_#res.offset|) (- main_~p~1.offset)) 0) |main_#t~short2| (<= (- |main_read~int_#ptr.offset| main_~q~1.offset) 0) (<= (- (- |main_#t~malloc0.offset|) main_~p~1.offset) 0) (<= (- (- |main_read~int_#ptr.offset|) main_~malloc_~size) (- 400)) (<= (- (- |main_read~int_#sizeOfReadType|) main_~malloc_~size) (- 404)) (<= (- (- |main_~malloc_#res.offset|) (- main_~malloc_~size)) 400) (<= main_~p~1.offset |main_~malloc_#res.offset|) (<= (- (- |main_read~int_#sizeOfReadType|) (- main_~p~1.offset)) (- 4)) (forall ((v_idx_140 Int)) (or (<= (+ |main_~malloc_#res.base| 1) v_idx_140) (< v_idx_140 |main_~malloc_#res.base|) (= (+ |main_~malloc_#res.offset| 400) (select |#length| v_idx_140)))) (<= (- main_~malloc_~size (- main_~p~1.offset)) 400) (<= (- (- |main_#t~malloc0.offset|) (- |main_read~int_#ptr.offset|)) 0) (<= (- |main_#t~malloc0.offset| |main_~malloc_#res.offset|) 0) (<= (- |main_read~int_#ptr.offset| (- |main_read~int_#ptr.offset|)) 0) (<= (- |main_#t~malloc0.offset| (- main_~p~1.offset)) 0) (<= (- |main_~malloc_#res.offset| (- main_~q~1.offset)) 0) (<= (+ main_~q~1.offset |main_~malloc_#res.offset|) 0) (<= (- |main_read~int_#ptr.offset| (- main_~q~1.offset)) 0) (<= (- |main_#t~malloc0.offset| (- |main_#t~malloc0.offset|)) 0) (<= (- |main_#t~malloc0.offset| (- |main_read~int_#sizeOfReadType|)) 4) (<= (- |main_read~int_#sizeOfReadType| (- main_~p~1.offset)) 4) (<= (- main_~malloc_~size (- main_~malloc_~size)) 800) (<= (- |main_read~int_#sizeOfReadType| |main_~malloc_#res.offset|) 4) (<= (- |main_read~int_#ptr.offset| (- |main_~malloc_#res.offset|)) 0) (<= (- |main_read~int_#ptr.offset| main_~p~1.offset) 0) (<= (+ |main_~malloc_#res.offset| main_~malloc_~size) 400) (<= 0 (* 2 |main_~malloc_#res.offset|)) (<= (- (- |main_#t~malloc0.offset|) |main_read~int_#ptr.offset|) 0) (<= |main_~malloc_#res.offset| main_~p~1.offset) (<= (- |main_read~int_#ptr.offset| (- main_~p~1.offset)) 0) (<= (- (- |main_read~int_#ptr.offset|) |main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |main_#t~malloc0.offset|) (- main_~p~1.offset)) 0) (<= (- |main_#t~malloc0.offset| main_~p~1.offset) 0) (<= (- |main_read~int_#sizeOfReadType| (- |main_read~int_#sizeOfReadType|)) 8) (<= (- (- |main_read~int_#sizeOfReadType|) |main_read~int_#sizeOfReadType|) (- 8)) (<= (+ |main_~malloc_#res.offset| |main_read~int_#sizeOfReadType|) 4) (<= 0 (+ main_~q~1.offset |main_~malloc_#res.offset|)) (<= (- |main_read~int_#sizeOfReadType| (- main_~malloc_~size)) 404) (<= (- (- main_~p~1.offset) main_~p~1.offset) 0) (<= (- (- |main_#t~malloc0.offset|) main_~malloc_~size) (- 400)) (<= (- |main_#t~malloc0.offset| |main_read~int_#ptr.offset|) 0) (<= (- (- |main_#t~malloc0.offset|) |main_read~int_#sizeOfReadType|) (- 4)) (<= (- |main_#t~malloc0.offset| main_~q~1.offset) 0) (<= main_~malloc_~size (+ |main_~malloc_#res.offset| 400)) (<= (- |main_read~int_#ptr.offset| (- main_~malloc_~size)) 400) (<= |main_read~int_#sizeOfReadType| (+ |main_~malloc_#res.offset| 4)) (<= (- |main_read~int_#sizeOfReadType| main_~malloc_~size) (- 396)) (<= 4 (+ |main_~malloc_#res.offset| |main_read~int_#sizeOfReadType|)) (<= (- (- |main_read~int_#ptr.offset|) (- |main_~malloc_#res.offset|)) 0) (<= (- main_~malloc_~size main_~q~1.offset) 400) (<= (- (- |main_read~int_#sizeOfReadType|) (- |main_~malloc_#res.offset|)) (- 4)) (<= (- main_~malloc_~size (- main_~q~1.offset)) 400) (<= (- |main_#t~malloc0.offset| main_~malloc_~size) (- 400)) (<= (- main_~p~1.offset main_~q~1.offset) 0) (<= (- |main_~malloc_#res.offset| (- main_~malloc_~size)) 400) (<= (- (- |main_#t~malloc0.offset|) (- main_~q~1.offset)) 0) (<= (- main_~p~1.offset (- main_~q~1.offset)) 0) (<= (- (- main_~p~1.offset) (- main_~q~1.offset)) 0) (<= (- (- |main_read~int_#ptr.offset|) (- main_~q~1.offset)) 0) (<= (- (- main_~malloc_~size) main_~q~1.offset) (- 400)) (<= (- (- |main_read~int_#sizeOfReadType|) (- main_~malloc_~size)) 396) (<= (- (- main_~malloc_~size) (- main_~q~1.offset)) (- 400)) (<= (- |main_read~int_#ptr.offset| |main_~malloc_#res.offset|) 0) (<= (- (- |main_read~int_#sizeOfReadType|) main_~p~1.offset) (- 4)) (<= (- (- |main_read~int_#sizeOfReadType|) main_~q~1.offset) (- 4)) (<= |main_~malloc_#res.offset| |main_read~int_#ptr.offset|) (<= (- |main_read~int_#ptr.offset| (- |main_read~int_#sizeOfReadType|)) 4) (<= (- (- |main_#t~malloc0.offset|) |main_~malloc_#res.offset|) 0) (<= (+ |main_read~int_#ptr.offset| |main_~malloc_#res.offset|) 0) (<= |main_~malloc_#res.offset| main_~q~1.offset) (<= (- |main_~malloc_#res.offset| main_~malloc_~size) (- 400)) (<= (- |main_~malloc_#res.offset| main_~q~1.offset) 0) (<= (- |main_#t~malloc0.offset| (- main_~q~1.offset)) 0) (<= (- |main_read~int_#ptr.offset| |main_read~int_#sizeOfReadType|) (- 4)) (<= (- (- |main_#t~malloc0.offset|) (- |main_~malloc_#res.offset|)) 0) (<= (- |main_read~int_#sizeOfReadType| main_~q~1.offset) 4) (<= (- |main_read~int_#sizeOfReadType| (- |main_~malloc_#res.offset|)) 4) (<= (- (- |main_read~int_#ptr.offset|) (- main_~malloc_~size)) 400) (<= 0 (+ |main_~malloc_#res.offset| main_~p~1.offset)) (<= 0 (+ |main_read~int_#ptr.offset| |main_~malloc_#res.offset|)) (<= (+ |main_~malloc_#res.offset| 4) |main_read~int_#sizeOfReadType|) (<= (- (- |main_~malloc_#res.offset|) |main_~malloc_#res.offset|) 0) (<= (- |main_~malloc_#res.offset| main_~p~1.offset) 0) (<= (- (- main_~q~1.offset) main_~q~1.offset) 0) (<= |main_~malloc_#res.offset| |main_#t~malloc0.offset|) (<= (+ |main_#t~malloc0.offset| |main_~malloc_#res.offset|) 0) (<= (- |main_~malloc_#res.offset| (- main_~p~1.offset)) 0) (<= (- (- |main_read~int_#ptr.offset|) (- |main_read~int_#sizeOfReadType|)) 4) (<= (- (- |main_read~int_#sizeOfReadType|) (- main_~q~1.offset)) (- 4)) (<= (- (- |main_#t~malloc0.offset|) (- |main_read~int_#sizeOfReadType|)) 4) (<= (+ |main_~malloc_#res.offset| 400) main_~malloc_~size) (<= 400 (+ |main_~malloc_#res.offset| main_~malloc_~size)) (<= (- main_~malloc_~size main_~p~1.offset) 400) (<= (- |main_#t~malloc0.offset| (- |main_read~int_#ptr.offset|)) 0) (<= (- (- main_~malloc_~size) main_~malloc_~size) (- 800)) (<= (- (- |main_#t~malloc0.offset|) |main_#t~malloc0.offset|) 0) (<= (- (- |main_~malloc_#res.offset|) main_~q~1.offset) 0) (<= (- (- |main_~malloc_#res.offset|) main_~p~1.offset) 0) (<= (- |main_~malloc_#res.offset| (- |main_~malloc_#res.offset|)) 0) (<= (- main_~q~1.offset (- main_~q~1.offset)) 0) (<= (- (- |main_#t~malloc0.offset|) (- main_~malloc_~size)) 400) (<= (- |main_read~int_#sizeOfReadType| main_~p~1.offset) 4) (<= |main_#t~malloc0.offset| |main_~malloc_#res.offset|) (<= (+ |main_~malloc_#res.offset| main_~p~1.offset) 0) (<= (- |main_read~int_#sizeOfReadType| (- main_~q~1.offset)) 4) (<= (- main_~p~1.offset (- main_~p~1.offset)) 0) (<= (- (- |main_read~int_#ptr.offset|) main_~q~1.offset) 0) (<= (- (- main_~p~1.offset) main_~q~1.offset) 0) (<= |main_read~int_#ptr.offset| |main_~malloc_#res.offset|) (<= (- (- |main_read~int_#ptr.offset|) main_~p~1.offset) 0) (<= (- (- |main_read~int_#ptr.offset|) |main_~malloc_#res.offset|) 0) (<= main_~q~1.offset |main_~malloc_#res.offset|))} [2019-01-18 14:45:14,143 WARN L274 ngHoareTripleChecker]: Action: assume read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base];assume #valid[read~int_#ptr.base];assume read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base];havoc read~int_#value;assume read~int_#value == #memory_int[read~int_#ptr.base,read~int_#ptr.offset];#t~mem1 := read~int_#value;#t~short2 := #t~mem1 >= 0; [2019-01-18 14:45:14,144 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (and (= |c_main_#t~mem1_primed| |c_main_read~int_#value_primed|) (or (and (not (<= 0 |c_main_#t~mem1_primed|)) (not |c_main_#t~short2_primed|)) (and |c_main_#t~short2_primed| (<= 0 |c_main_#t~mem1_primed|))) (<= (+ |c_main_read~int_#sizeOfReadType| |c_main_read~int_#ptr.offset|) (select |c_#length| |c_main_read~int_#ptr.base|)) (select |c_#valid| |c_main_read~int_#ptr.base|) (= |c_main_read~int_#value_primed| (select (select |c_#memory_int| |c_main_read~int_#ptr.base|) |c_main_read~int_#ptr.offset|))) [2019-01-18 14:45:14,467 WARN L138 XnfTransformerHelper]: expecting exponential blowup for input size 8