java -Xmx8000000000 -Xss4m -jar ./plugins/org.eclipse.equinox.launcher_1.3.100.v20150511-1540.jar -data @noDefault -ultimatedata ./data -tc ../../../trunk/examples/toolchains/AutomizerBplInline.xml -i ../../../trunk/examples/programs/20181010-MemSafetyPathprograms/ArraysOfVariableLength5_true-valid-memsafety.c_12.bpl -------------------------------------------------------------------------------- This is Ultimate 0.1.24-b8c145f [2019-08-05 10:59:12,517 INFO L177 SettingsManager]: Resetting all preferences to default values... [2019-08-05 10:59:12,519 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2019-08-05 10:59:12,531 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2019-08-05 10:59:12,532 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2019-08-05 10:59:12,533 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2019-08-05 10:59:12,534 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2019-08-05 10:59:12,536 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2019-08-05 10:59:12,538 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2019-08-05 10:59:12,539 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2019-08-05 10:59:12,540 INFO L181 SettingsManager]: Resetting Symbolic Interpretation preferences to default values [2019-08-05 10:59:12,540 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2019-08-05 10:59:12,541 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2019-08-05 10:59:12,542 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2019-08-05 10:59:12,543 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2019-08-05 10:59:12,544 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2019-08-05 10:59:12,545 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2019-08-05 10:59:12,546 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2019-08-05 10:59:12,548 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2019-08-05 10:59:12,550 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2019-08-05 10:59:12,552 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2019-08-05 10:59:12,553 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2019-08-05 10:59:12,554 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2019-08-05 10:59:12,555 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2019-08-05 10:59:12,557 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2019-08-05 10:59:12,558 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2019-08-05 10:59:12,558 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2019-08-05 10:59:12,559 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2019-08-05 10:59:12,559 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2019-08-05 10:59:12,560 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2019-08-05 10:59:12,561 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2019-08-05 10:59:12,561 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2019-08-05 10:59:12,562 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2019-08-05 10:59:12,563 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2019-08-05 10:59:12,564 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2019-08-05 10:59:12,564 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2019-08-05 10:59:12,565 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2019-08-05 10:59:12,565 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2019-08-05 10:59:12,566 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2019-08-05 10:59:12,567 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2019-08-05 10:59:12,567 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2019-08-05 10:59:12,597 INFO L81 nceAwareModelManager]: Repository-Root is: /tmp [2019-08-05 10:59:12,616 INFO L258 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2019-08-05 10:59:12,620 INFO L214 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2019-08-05 10:59:12,622 INFO L271 PluginConnector]: Initializing Boogie PL CUP Parser... [2019-08-05 10:59:12,623 INFO L275 PluginConnector]: Boogie PL CUP Parser initialized [2019-08-05 10:59:12,623 INFO L428 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/programs/20181010-MemSafetyPathprograms/ArraysOfVariableLength5_true-valid-memsafety.c_12.bpl [2019-08-05 10:59:12,624 INFO L110 BoogieParser]: Parsing: '/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/programs/20181010-MemSafetyPathprograms/ArraysOfVariableLength5_true-valid-memsafety.c_12.bpl' [2019-08-05 10:59:12,684 INFO L296 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2019-08-05 10:59:12,686 INFO L131 ToolchainWalker]: Walking toolchain with 4 elements. [2019-08-05 10:59:12,687 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2019-08-05 10:59:12,687 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2019-08-05 10:59:12,687 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2019-08-05 10:59:12,704 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "ArraysOfVariableLength5_true-valid-memsafety.c_12.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 05.08 10:59:12" (1/1) ... [2019-08-05 10:59:12,718 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "ArraysOfVariableLength5_true-valid-memsafety.c_12.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 05.08 10:59:12" (1/1) ... [2019-08-05 10:59:12,727 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2019-08-05 10:59:12,728 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2019-08-05 10:59:12,728 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2019-08-05 10:59:12,728 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2019-08-05 10:59:12,740 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "ArraysOfVariableLength5_true-valid-memsafety.c_12.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 05.08 10:59:12" (1/1) ... [2019-08-05 10:59:12,740 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "ArraysOfVariableLength5_true-valid-memsafety.c_12.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 05.08 10:59:12" (1/1) ... [2019-08-05 10:59:12,742 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "ArraysOfVariableLength5_true-valid-memsafety.c_12.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 05.08 10:59:12" (1/1) ... [2019-08-05 10:59:12,743 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "ArraysOfVariableLength5_true-valid-memsafety.c_12.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 05.08 10:59:12" (1/1) ... [2019-08-05 10:59:12,748 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "ArraysOfVariableLength5_true-valid-memsafety.c_12.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 05.08 10:59:12" (1/1) ... [2019-08-05 10:59:12,750 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "ArraysOfVariableLength5_true-valid-memsafety.c_12.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 05.08 10:59:12" (1/1) ... [2019-08-05 10:59:12,752 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "ArraysOfVariableLength5_true-valid-memsafety.c_12.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 05.08 10:59:12" (1/1) ... [2019-08-05 10:59:12,754 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2019-08-05 10:59:12,755 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2019-08-05 10:59:12,755 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2019-08-05 10:59:12,756 INFO L275 PluginConnector]: RCFGBuilder initialized [2019-08-05 10:59:12,757 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "ArraysOfVariableLength5_true-valid-memsafety.c_12.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 05.08 10:59:12" (1/1) ... No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2019-08-05 10:59:12,838 INFO L124 BoogieDeclarations]: Specification and implementation of procedure ULTIMATE.start given in one single declaration [2019-08-05 10:59:12,838 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2019-08-05 10:59:12,838 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2019-08-05 10:59:13,229 INFO L278 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2019-08-05 10:59:13,230 INFO L283 CfgBuilder]: Removed 0 assume(true) statements. [2019-08-05 10:59:13,231 INFO L202 PluginConnector]: Adding new model ArraysOfVariableLength5_true-valid-memsafety.c_12.bpl de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 05.08 10:59:13 BoogieIcfgContainer [2019-08-05 10:59:13,231 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2019-08-05 10:59:13,232 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2019-08-05 10:59:13,233 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2019-08-05 10:59:13,236 INFO L275 PluginConnector]: TraceAbstraction initialized [2019-08-05 10:59:13,236 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "ArraysOfVariableLength5_true-valid-memsafety.c_12.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 05.08 10:59:12" (1/2) ... [2019-08-05 10:59:13,237 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@dd4e33c and model type ArraysOfVariableLength5_true-valid-memsafety.c_12.bpl de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 05.08 10:59:13, skipping insertion in model container [2019-08-05 10:59:13,237 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "ArraysOfVariableLength5_true-valid-memsafety.c_12.bpl de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 05.08 10:59:13" (2/2) ... [2019-08-05 10:59:13,239 INFO L109 eAbstractionObserver]: Analyzing ICFG ArraysOfVariableLength5_true-valid-memsafety.c_12.bpl [2019-08-05 10:59:13,247 INFO L152 ceAbstractionStarter]: Automizer settings: Hoare:false NWA Interpolation:ForwardPredicates Determinization: PREDICATE_ABSTRACTION [2019-08-05 10:59:13,253 INFO L164 ceAbstractionStarter]: Appying trace abstraction to program that has 1 error locations. [2019-08-05 10:59:13,269 INFO L252 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2019-08-05 10:59:13,295 INFO L128 ementStrategyFactory]: Using default assertion order modulation [2019-08-05 10:59:13,296 INFO L377 AbstractCegarLoop]: Interprodecural is true [2019-08-05 10:59:13,296 INFO L378 AbstractCegarLoop]: Hoare is false [2019-08-05 10:59:13,296 INFO L379 AbstractCegarLoop]: Compute interpolants for ForwardPredicates [2019-08-05 10:59:13,296 INFO L380 AbstractCegarLoop]: Backedges is STRAIGHT_LINE [2019-08-05 10:59:13,296 INFO L381 AbstractCegarLoop]: Determinization is PREDICATE_ABSTRACTION [2019-08-05 10:59:13,296 INFO L382 AbstractCegarLoop]: Difference is false [2019-08-05 10:59:13,297 INFO L383 AbstractCegarLoop]: Minimize is MINIMIZE_SEVPA [2019-08-05 10:59:13,297 INFO L388 AbstractCegarLoop]: ======== Iteration 0==of CEGAR loop == AllErrorsAtOnce======== [2019-08-05 10:59:13,308 INFO L276 IsEmpty]: Start isEmpty. Operand 7 states. [2019-08-05 10:59:13,315 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 6 [2019-08-05 10:59:13,316 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:13,316 INFO L399 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1] [2019-08-05 10:59:13,319 INFO L418 AbstractCegarLoop]: === Iteration 1 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:13,324 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:13,324 INFO L82 PathProgramCache]: Analyzing trace with hash 28695880, now seen corresponding path program 1 times [2019-08-05 10:59:13,372 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:13,453 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:13,459 INFO L256 TraceCheckSpWp]: Trace formula consists of 68 conjuncts, 14 conjunts are in the unsatisfiable core [2019-08-05 10:59:13,464 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:13,525 INFO L392 ElimStorePlain]: Different costs {0=[|v_#length_7|], 2=[|v_#valid_8|]} [2019-08-05 10:59:13,543 INFO L189 IndexEqualityManager]: detected not equals via solver [2019-08-05 10:59:13,557 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 9 treesize of output 11 [2019-08-05 10:59:13,558 INFO L496 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-08-05 10:59:13,641 INFO L567 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2019-08-05 10:59:13,719 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 38 treesize of output 34 [2019-08-05 10:59:13,721 INFO L496 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2019-08-05 10:59:13,831 WARN L188 SmtUtils]: Spent 108.00 ms on a formula simplification. DAG size of input: 21 DAG size of output: 17 [2019-08-05 10:59:13,832 INFO L567 ElimStorePlain]: treesize reduction 13, result has 61.8 percent of original size [2019-08-05 10:59:13,833 INFO L496 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 2 dim-1 vars, End of recursive call: and 1 xjuncts. [2019-08-05 10:59:13,834 INFO L221 ElimStorePlain]: Needed 3 recursive calls to eliminate 4 variables, input treesize:27, output treesize:12 [2019-08-05 10:59:13,933 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-08-05 10:59:13,936 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2019-08-05 10:59:13,936 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2019-08-05 10:59:13,939 INFO L454 AbstractCegarLoop]: Interpolant automaton has 4 states [2019-08-05 10:59:13,951 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2019-08-05 10:59:13,952 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2019-08-05 10:59:13,955 INFO L87 Difference]: Start difference. First operand 7 states. Second operand 4 states. [2019-08-05 10:59:14,221 WARN L188 SmtUtils]: Spent 165.00 ms on a formula simplification that was a NOOP. DAG size: 19 [2019-08-05 10:59:14,363 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:14,363 INFO L93 Difference]: Finished difference Result 11 states and 14 transitions. [2019-08-05 10:59:14,364 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2019-08-05 10:59:14,365 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 5 [2019-08-05 10:59:14,365 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:14,374 INFO L225 Difference]: With dead ends: 11 [2019-08-05 10:59:14,375 INFO L226 Difference]: Without dead ends: 11 [2019-08-05 10:59:14,377 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2019-08-05 10:59:14,394 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 11 states. [2019-08-05 10:59:14,407 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 11 to 9. [2019-08-05 10:59:14,408 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2019-08-05 10:59:14,409 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 11 transitions. [2019-08-05 10:59:14,410 INFO L78 Accepts]: Start accepts. Automaton has 9 states and 11 transitions. Word has length 5 [2019-08-05 10:59:14,411 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:14,411 INFO L475 AbstractCegarLoop]: Abstraction has 9 states and 11 transitions. [2019-08-05 10:59:14,411 INFO L476 AbstractCegarLoop]: Interpolant automaton has 4 states. [2019-08-05 10:59:14,411 INFO L276 IsEmpty]: Start isEmpty. Operand 9 states and 11 transitions. [2019-08-05 10:59:14,412 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 9 [2019-08-05 10:59:14,412 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:14,412 INFO L399 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1] [2019-08-05 10:59:14,412 INFO L418 AbstractCegarLoop]: === Iteration 2 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:14,413 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:14,413 INFO L82 PathProgramCache]: Analyzing trace with hash 181876500, now seen corresponding path program 1 times [2019-08-05 10:59:14,414 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:14,476 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:14,480 INFO L256 TraceCheckSpWp]: Trace formula consists of 112 conjuncts, 6 conjunts are in the unsatisfiable core [2019-08-05 10:59:14,482 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:14,630 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 1 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-08-05 10:59:14,630 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:14,630 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [4] total 4 [2019-08-05 10:59:14,632 INFO L454 AbstractCegarLoop]: Interpolant automaton has 5 states [2019-08-05 10:59:14,632 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2019-08-05 10:59:14,633 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=8, Invalid=12, Unknown=0, NotChecked=0, Total=20 [2019-08-05 10:59:14,633 INFO L87 Difference]: Start difference. First operand 9 states and 11 transitions. Second operand 5 states. [2019-08-05 10:59:14,715 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:14,716 INFO L93 Difference]: Finished difference Result 10 states and 12 transitions. [2019-08-05 10:59:14,716 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2019-08-05 10:59:14,716 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 8 [2019-08-05 10:59:14,716 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:14,717 INFO L225 Difference]: With dead ends: 10 [2019-08-05 10:59:14,717 INFO L226 Difference]: Without dead ends: 10 [2019-08-05 10:59:14,718 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=13, Invalid=17, Unknown=0, NotChecked=0, Total=30 [2019-08-05 10:59:14,718 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 10 states. [2019-08-05 10:59:14,720 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 10 to 10. [2019-08-05 10:59:14,721 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 10 states. [2019-08-05 10:59:14,721 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 12 transitions. [2019-08-05 10:59:14,722 INFO L78 Accepts]: Start accepts. Automaton has 10 states and 12 transitions. Word has length 8 [2019-08-05 10:59:14,722 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:14,722 INFO L475 AbstractCegarLoop]: Abstraction has 10 states and 12 transitions. [2019-08-05 10:59:14,722 INFO L476 AbstractCegarLoop]: Interpolant automaton has 5 states. [2019-08-05 10:59:14,722 INFO L276 IsEmpty]: Start isEmpty. Operand 10 states and 12 transitions. [2019-08-05 10:59:14,723 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 10 [2019-08-05 10:59:14,723 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:14,723 INFO L399 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1] [2019-08-05 10:59:14,726 INFO L418 AbstractCegarLoop]: === Iteration 3 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:14,726 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:14,726 INFO L82 PathProgramCache]: Analyzing trace with hash 1343257913, now seen corresponding path program 1 times [2019-08-05 10:59:14,727 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:14,797 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:14,802 INFO L256 TraceCheckSpWp]: Trace formula consists of 130 conjuncts, 23 conjunts are in the unsatisfiable core [2019-08-05 10:59:14,804 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:14,824 INFO L392 ElimStorePlain]: Different costs {0=[|v_#length_8|], 2=[|v_#valid_9|]} [2019-08-05 10:59:14,865 INFO L189 IndexEqualityManager]: detected not equals via solver [2019-08-05 10:59:14,867 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 9 treesize of output 11 [2019-08-05 10:59:14,868 INFO L496 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-08-05 10:59:14,920 INFO L567 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2019-08-05 10:59:14,960 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 23 treesize of output 21 [2019-08-05 10:59:14,961 INFO L496 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 2 xjuncts. [2019-08-05 10:59:15,049 INFO L567 ElimStorePlain]: treesize reduction 14, result has 56.3 percent of original size [2019-08-05 10:59:15,051 INFO L496 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 2 dim-1 vars, End of recursive call: and 1 xjuncts. [2019-08-05 10:59:15,052 INFO L221 ElimStorePlain]: Needed 3 recursive calls to eliminate 4 variables, input treesize:24, output treesize:9 [2019-08-05 10:59:15,318 INFO L134 CoverageAnalysis]: Checked inductivity of 5 backedges. 2 proven. 2 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2019-08-05 10:59:15,320 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:15,320 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [5] total 5 [2019-08-05 10:59:15,322 INFO L454 AbstractCegarLoop]: Interpolant automaton has 6 states [2019-08-05 10:59:15,322 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2019-08-05 10:59:15,322 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2019-08-05 10:59:15,323 INFO L87 Difference]: Start difference. First operand 10 states and 12 transitions. Second operand 6 states. [2019-08-05 10:59:15,618 WARN L188 SmtUtils]: Spent 236.00 ms on a formula simplification that was a NOOP. DAG size: 29 [2019-08-05 10:59:15,876 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:15,876 INFO L93 Difference]: Finished difference Result 20 states and 27 transitions. [2019-08-05 10:59:15,876 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2019-08-05 10:59:15,877 INFO L78 Accepts]: Start accepts. Automaton has 6 states. Word has length 9 [2019-08-05 10:59:15,877 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:15,878 INFO L225 Difference]: With dead ends: 20 [2019-08-05 10:59:15,878 INFO L226 Difference]: Without dead ends: 20 [2019-08-05 10:59:15,878 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=27, Invalid=45, Unknown=0, NotChecked=0, Total=72 [2019-08-05 10:59:15,879 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 20 states. [2019-08-05 10:59:15,881 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 20 to 11. [2019-08-05 10:59:15,881 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 11 states. [2019-08-05 10:59:15,881 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 14 transitions. [2019-08-05 10:59:15,882 INFO L78 Accepts]: Start accepts. Automaton has 11 states and 14 transitions. Word has length 9 [2019-08-05 10:59:15,882 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:15,882 INFO L475 AbstractCegarLoop]: Abstraction has 11 states and 14 transitions. [2019-08-05 10:59:15,882 INFO L476 AbstractCegarLoop]: Interpolant automaton has 6 states. [2019-08-05 10:59:15,882 INFO L276 IsEmpty]: Start isEmpty. Operand 11 states and 14 transitions. [2019-08-05 10:59:15,883 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 11 [2019-08-05 10:59:15,883 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:15,883 INFO L399 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1] [2019-08-05 10:59:15,883 INFO L418 AbstractCegarLoop]: === Iteration 4 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:15,884 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:15,884 INFO L82 PathProgramCache]: Analyzing trace with hash -1308623948, now seen corresponding path program 2 times [2019-08-05 10:59:15,885 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:15,958 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:15,970 INFO L256 TraceCheckSpWp]: Trace formula consists of 148 conjuncts, 7 conjunts are in the unsatisfiable core [2019-08-05 10:59:15,971 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:16,156 INFO L134 CoverageAnalysis]: Checked inductivity of 8 backedges. 5 proven. 3 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-08-05 10:59:16,156 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:16,156 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [5] total 5 [2019-08-05 10:59:16,157 INFO L454 AbstractCegarLoop]: Interpolant automaton has 6 states [2019-08-05 10:59:16,157 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2019-08-05 10:59:16,157 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2019-08-05 10:59:16,158 INFO L87 Difference]: Start difference. First operand 11 states and 14 transitions. Second operand 6 states. [2019-08-05 10:59:16,274 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:16,275 INFO L93 Difference]: Finished difference Result 20 states and 23 transitions. [2019-08-05 10:59:16,276 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2019-08-05 10:59:16,276 INFO L78 Accepts]: Start accepts. Automaton has 6 states. Word has length 10 [2019-08-05 10:59:16,277 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:16,277 INFO L225 Difference]: With dead ends: 20 [2019-08-05 10:59:16,277 INFO L226 Difference]: Without dead ends: 20 [2019-08-05 10:59:16,278 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=36, Invalid=54, Unknown=0, NotChecked=0, Total=90 [2019-08-05 10:59:16,278 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 20 states. [2019-08-05 10:59:16,282 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 20 to 16. [2019-08-05 10:59:16,283 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 16 states. [2019-08-05 10:59:16,283 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 16 states to 16 states and 19 transitions. [2019-08-05 10:59:16,283 INFO L78 Accepts]: Start accepts. Automaton has 16 states and 19 transitions. Word has length 10 [2019-08-05 10:59:16,284 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:16,284 INFO L475 AbstractCegarLoop]: Abstraction has 16 states and 19 transitions. [2019-08-05 10:59:16,284 INFO L476 AbstractCegarLoop]: Interpolant automaton has 6 states. [2019-08-05 10:59:16,284 INFO L276 IsEmpty]: Start isEmpty. Operand 16 states and 19 transitions. [2019-08-05 10:59:16,285 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 15 [2019-08-05 10:59:16,285 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:16,285 INFO L399 BasicCegarLoop]: trace histogram [3, 3, 3, 2, 1, 1, 1] [2019-08-05 10:59:16,285 INFO L418 AbstractCegarLoop]: === Iteration 5 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:16,285 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:16,286 INFO L82 PathProgramCache]: Analyzing trace with hash 967879267, now seen corresponding path program 3 times [2019-08-05 10:59:16,287 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:16,397 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:16,404 INFO L256 TraceCheckSpWp]: Trace formula consists of 210 conjuncts, 20 conjunts are in the unsatisfiable core [2019-08-05 10:59:16,406 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:16,423 INFO L392 ElimStorePlain]: Different costs {0=[|v_#length_9|], 2=[|v_#valid_10|]} [2019-08-05 10:59:16,441 INFO L189 IndexEqualityManager]: detected not equals via solver [2019-08-05 10:59:16,443 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 9 treesize of output 11 [2019-08-05 10:59:16,444 INFO L496 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-08-05 10:59:16,469 INFO L567 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2019-08-05 10:59:16,494 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 38 treesize of output 34 [2019-08-05 10:59:16,496 INFO L496 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2019-08-05 10:59:16,572 INFO L567 ElimStorePlain]: treesize reduction 13, result has 61.8 percent of original size [2019-08-05 10:59:16,573 INFO L496 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 2 dim-1 vars, End of recursive call: and 1 xjuncts. [2019-08-05 10:59:16,574 INFO L221 ElimStorePlain]: Needed 3 recursive calls to eliminate 4 variables, input treesize:27, output treesize:12 [2019-08-05 10:59:16,712 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 0 proven. 19 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2019-08-05 10:59:16,712 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:16,713 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [7] total 7 [2019-08-05 10:59:16,713 INFO L454 AbstractCegarLoop]: Interpolant automaton has 8 states [2019-08-05 10:59:16,713 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2019-08-05 10:59:16,714 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=38, Unknown=0, NotChecked=0, Total=56 [2019-08-05 10:59:16,726 INFO L87 Difference]: Start difference. First operand 16 states and 19 transitions. Second operand 8 states. [2019-08-05 10:59:17,103 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:17,104 INFO L93 Difference]: Finished difference Result 26 states and 32 transitions. [2019-08-05 10:59:17,104 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2019-08-05 10:59:17,104 INFO L78 Accepts]: Start accepts. Automaton has 8 states. Word has length 14 [2019-08-05 10:59:17,105 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:17,106 INFO L225 Difference]: With dead ends: 26 [2019-08-05 10:59:17,106 INFO L226 Difference]: Without dead ends: 26 [2019-08-05 10:59:17,107 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=53, Invalid=103, Unknown=0, NotChecked=0, Total=156 [2019-08-05 10:59:17,107 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 26 states. [2019-08-05 10:59:17,110 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 26 to 19. [2019-08-05 10:59:17,110 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 19 states. [2019-08-05 10:59:17,111 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 19 states to 19 states and 22 transitions. [2019-08-05 10:59:17,111 INFO L78 Accepts]: Start accepts. Automaton has 19 states and 22 transitions. Word has length 14 [2019-08-05 10:59:17,111 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:17,111 INFO L475 AbstractCegarLoop]: Abstraction has 19 states and 22 transitions. [2019-08-05 10:59:17,111 INFO L476 AbstractCegarLoop]: Interpolant automaton has 8 states. [2019-08-05 10:59:17,111 INFO L276 IsEmpty]: Start isEmpty. Operand 19 states and 22 transitions. [2019-08-05 10:59:17,112 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 19 [2019-08-05 10:59:17,112 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:17,112 INFO L399 BasicCegarLoop]: trace histogram [4, 4, 4, 3, 1, 1, 1] [2019-08-05 10:59:17,113 INFO L418 AbstractCegarLoop]: === Iteration 6 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:17,113 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:17,113 INFO L82 PathProgramCache]: Analyzing trace with hash 117205394, now seen corresponding path program 4 times [2019-08-05 10:59:17,114 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:17,160 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:17,164 INFO L256 TraceCheckSpWp]: Trace formula consists of 272 conjuncts, 8 conjunts are in the unsatisfiable core [2019-08-05 10:59:17,168 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:17,334 INFO L134 CoverageAnalysis]: Checked inductivity of 40 backedges. 28 proven. 7 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2019-08-05 10:59:17,334 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:17,334 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [6] total 6 [2019-08-05 10:59:17,335 INFO L454 AbstractCegarLoop]: Interpolant automaton has 7 states [2019-08-05 10:59:17,335 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2019-08-05 10:59:17,335 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2019-08-05 10:59:17,335 INFO L87 Difference]: Start difference. First operand 19 states and 22 transitions. Second operand 7 states. [2019-08-05 10:59:17,414 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:17,414 INFO L93 Difference]: Finished difference Result 20 states and 22 transitions. [2019-08-05 10:59:17,421 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2019-08-05 10:59:17,421 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 18 [2019-08-05 10:59:17,422 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:17,422 INFO L225 Difference]: With dead ends: 20 [2019-08-05 10:59:17,422 INFO L226 Difference]: Without dead ends: 20 [2019-08-05 10:59:17,423 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 12 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=29, Invalid=43, Unknown=0, NotChecked=0, Total=72 [2019-08-05 10:59:17,423 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 20 states. [2019-08-05 10:59:17,425 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 20 to 20. [2019-08-05 10:59:17,425 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 20 states. [2019-08-05 10:59:17,426 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 20 states to 20 states and 22 transitions. [2019-08-05 10:59:17,426 INFO L78 Accepts]: Start accepts. Automaton has 20 states and 22 transitions. Word has length 18 [2019-08-05 10:59:17,426 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:17,426 INFO L475 AbstractCegarLoop]: Abstraction has 20 states and 22 transitions. [2019-08-05 10:59:17,426 INFO L476 AbstractCegarLoop]: Interpolant automaton has 7 states. [2019-08-05 10:59:17,427 INFO L276 IsEmpty]: Start isEmpty. Operand 20 states and 22 transitions. [2019-08-05 10:59:17,427 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2019-08-05 10:59:17,427 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:17,427 INFO L399 BasicCegarLoop]: trace histogram [5, 4, 4, 3, 1, 1, 1] [2019-08-05 10:59:17,428 INFO L418 AbstractCegarLoop]: === Iteration 7 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:17,428 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:17,428 INFO L82 PathProgramCache]: Analyzing trace with hash 1708140409, now seen corresponding path program 5 times [2019-08-05 10:59:17,429 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:17,490 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:17,494 INFO L256 TraceCheckSpWp]: Trace formula consists of 290 conjuncts, 10 conjunts are in the unsatisfiable core [2019-08-05 10:59:17,496 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:17,657 INFO L134 CoverageAnalysis]: Checked inductivity of 48 backedges. 23 proven. 21 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2019-08-05 10:59:17,658 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:17,658 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [8] total 8 [2019-08-05 10:59:17,659 INFO L454 AbstractCegarLoop]: Interpolant automaton has 9 states [2019-08-05 10:59:17,659 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2019-08-05 10:59:17,659 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=24, Invalid=48, Unknown=0, NotChecked=0, Total=72 [2019-08-05 10:59:17,660 INFO L87 Difference]: Start difference. First operand 20 states and 22 transitions. Second operand 9 states. [2019-08-05 10:59:17,822 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:17,822 INFO L93 Difference]: Finished difference Result 21 states and 23 transitions. [2019-08-05 10:59:17,823 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2019-08-05 10:59:17,823 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 19 [2019-08-05 10:59:17,823 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:17,824 INFO L225 Difference]: With dead ends: 21 [2019-08-05 10:59:17,824 INFO L226 Difference]: Without dead ends: 21 [2019-08-05 10:59:17,825 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 21 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 12 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=51, Invalid=81, Unknown=0, NotChecked=0, Total=132 [2019-08-05 10:59:17,825 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 21 states. [2019-08-05 10:59:17,827 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 21 to 21. [2019-08-05 10:59:17,827 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 21 states. [2019-08-05 10:59:17,827 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 21 states to 21 states and 23 transitions. [2019-08-05 10:59:17,828 INFO L78 Accepts]: Start accepts. Automaton has 21 states and 23 transitions. Word has length 19 [2019-08-05 10:59:17,828 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:17,828 INFO L475 AbstractCegarLoop]: Abstraction has 21 states and 23 transitions. [2019-08-05 10:59:17,828 INFO L476 AbstractCegarLoop]: Interpolant automaton has 9 states. [2019-08-05 10:59:17,828 INFO L276 IsEmpty]: Start isEmpty. Operand 21 states and 23 transitions. [2019-08-05 10:59:17,829 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2019-08-05 10:59:17,829 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:17,829 INFO L399 BasicCegarLoop]: trace histogram [6, 4, 4, 3, 1, 1, 1] [2019-08-05 10:59:17,829 INFO L418 AbstractCegarLoop]: === Iteration 8 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:17,829 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:17,830 INFO L82 PathProgramCache]: Analyzing trace with hash 1412798836, now seen corresponding path program 6 times [2019-08-05 10:59:17,830 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:17,923 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:17,928 INFO L256 TraceCheckSpWp]: Trace formula consists of 308 conjuncts, 23 conjunts are in the unsatisfiable core [2019-08-05 10:59:17,931 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:17,947 INFO L392 ElimStorePlain]: Different costs {0=[|v_#length_10|], 2=[|v_#valid_11|]} [2019-08-05 10:59:17,970 INFO L189 IndexEqualityManager]: detected not equals via solver [2019-08-05 10:59:17,973 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 9 treesize of output 11 [2019-08-05 10:59:17,974 INFO L496 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-08-05 10:59:18,017 INFO L567 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2019-08-05 10:59:18,024 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 23 treesize of output 21 [2019-08-05 10:59:18,025 INFO L496 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 2 xjuncts. [2019-08-05 10:59:18,063 INFO L567 ElimStorePlain]: treesize reduction 14, result has 60.0 percent of original size [2019-08-05 10:59:18,065 INFO L496 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 2 dim-1 vars, End of recursive call: and 1 xjuncts. [2019-08-05 10:59:18,065 INFO L221 ElimStorePlain]: Needed 3 recursive calls to eliminate 4 variables, input treesize:27, output treesize:12 [2019-08-05 10:59:18,147 INFO L134 CoverageAnalysis]: Checked inductivity of 57 backedges. 0 proven. 47 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2019-08-05 10:59:18,147 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:18,147 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [6] total 6 [2019-08-05 10:59:18,148 INFO L454 AbstractCegarLoop]: Interpolant automaton has 7 states [2019-08-05 10:59:18,148 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2019-08-05 10:59:18,148 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2019-08-05 10:59:18,149 INFO L87 Difference]: Start difference. First operand 21 states and 23 transitions. Second operand 7 states. [2019-08-05 10:59:18,320 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:18,320 INFO L93 Difference]: Finished difference Result 32 states and 36 transitions. [2019-08-05 10:59:18,321 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2019-08-05 10:59:18,321 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 20 [2019-08-05 10:59:18,322 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:18,322 INFO L225 Difference]: With dead ends: 32 [2019-08-05 10:59:18,322 INFO L226 Difference]: Without dead ends: 32 [2019-08-05 10:59:18,323 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 20 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2019-08-05 10:59:18,323 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 32 states. [2019-08-05 10:59:18,325 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 32 to 27. [2019-08-05 10:59:18,326 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 27 states. [2019-08-05 10:59:18,326 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 27 states to 27 states and 30 transitions. [2019-08-05 10:59:18,327 INFO L78 Accepts]: Start accepts. Automaton has 27 states and 30 transitions. Word has length 20 [2019-08-05 10:59:18,327 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:18,327 INFO L475 AbstractCegarLoop]: Abstraction has 27 states and 30 transitions. [2019-08-05 10:59:18,327 INFO L476 AbstractCegarLoop]: Interpolant automaton has 7 states. [2019-08-05 10:59:18,327 INFO L276 IsEmpty]: Start isEmpty. Operand 27 states and 30 transitions. [2019-08-05 10:59:18,328 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2019-08-05 10:59:18,328 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:18,328 INFO L399 BasicCegarLoop]: trace histogram [9, 5, 5, 4, 1, 1, 1] [2019-08-05 10:59:18,329 INFO L418 AbstractCegarLoop]: === Iteration 9 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:18,329 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:18,329 INFO L82 PathProgramCache]: Analyzing trace with hash -262850619, now seen corresponding path program 7 times [2019-08-05 10:59:18,330 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:18,381 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:18,385 INFO L256 TraceCheckSpWp]: Trace formula consists of 406 conjuncts, 12 conjunts are in the unsatisfiable core [2019-08-05 10:59:18,388 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:18,832 INFO L134 CoverageAnalysis]: Checked inductivity of 111 backedges. 55 proven. 46 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2019-08-05 10:59:18,833 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:18,833 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [10] total 10 [2019-08-05 10:59:18,834 INFO L454 AbstractCegarLoop]: Interpolant automaton has 11 states [2019-08-05 10:59:18,834 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 11 interpolants. [2019-08-05 10:59:18,834 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2019-08-05 10:59:18,834 INFO L87 Difference]: Start difference. First operand 27 states and 30 transitions. Second operand 11 states. [2019-08-05 10:59:19,092 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:19,093 INFO L93 Difference]: Finished difference Result 28 states and 31 transitions. [2019-08-05 10:59:19,093 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2019-08-05 10:59:19,093 INFO L78 Accepts]: Start accepts. Automaton has 11 states. Word has length 26 [2019-08-05 10:59:19,094 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:19,095 INFO L225 Difference]: With dead ends: 28 [2019-08-05 10:59:19,095 INFO L226 Difference]: Without dead ends: 28 [2019-08-05 10:59:19,096 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 29 GetRequests, 16 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 22 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=79, Invalid=131, Unknown=0, NotChecked=0, Total=210 [2019-08-05 10:59:19,096 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 28 states. [2019-08-05 10:59:19,099 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 28 to 28. [2019-08-05 10:59:19,099 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 28 states. [2019-08-05 10:59:19,099 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 28 states to 28 states and 31 transitions. [2019-08-05 10:59:19,100 INFO L78 Accepts]: Start accepts. Automaton has 28 states and 31 transitions. Word has length 26 [2019-08-05 10:59:19,100 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:19,100 INFO L475 AbstractCegarLoop]: Abstraction has 28 states and 31 transitions. [2019-08-05 10:59:19,100 INFO L476 AbstractCegarLoop]: Interpolant automaton has 11 states. [2019-08-05 10:59:19,100 INFO L276 IsEmpty]: Start isEmpty. Operand 28 states and 31 transitions. [2019-08-05 10:59:19,101 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2019-08-05 10:59:19,101 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:19,101 INFO L399 BasicCegarLoop]: trace histogram [10, 5, 5, 4, 1, 1, 1] [2019-08-05 10:59:19,101 INFO L418 AbstractCegarLoop]: === Iteration 10 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:19,102 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:19,102 INFO L82 PathProgramCache]: Analyzing trace with hash 441619112, now seen corresponding path program 8 times [2019-08-05 10:59:19,103 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:19,258 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:19,272 INFO L256 TraceCheckSpWp]: Trace formula consists of 424 conjuncts, 27 conjunts are in the unsatisfiable core [2019-08-05 10:59:19,276 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:19,536 WARN L188 SmtUtils]: Spent 183.00 ms on a formula simplification that was a NOOP. DAG size: 13 [2019-08-05 10:59:19,536 INFO L341 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2019-08-05 10:59:19,537 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 1 case distinctions, treesize of input 9 treesize of output 25 [2019-08-05 10:59:19,537 INFO L496 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-08-05 10:59:19,811 WARN L188 SmtUtils]: Spent 272.00 ms on a formula simplification. DAG size of input: 22 DAG size of output: 19 [2019-08-05 10:59:19,812 INFO L567 ElimStorePlain]: treesize reduction 10, result has 70.6 percent of original size [2019-08-05 10:59:19,813 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:19,816 INFO L496 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 1 dim-1 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2019-08-05 10:59:19,816 INFO L221 ElimStorePlain]: Needed 2 recursive calls to eliminate 3 variables, input treesize:19, output treesize:21 [2019-08-05 10:59:19,816 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:19,833 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:19,845 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:19,854 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:20,000 INFO L134 CoverageAnalysis]: Checked inductivity of 125 backedges. 0 proven. 105 refuted. 0 times theorem prover too weak. 20 trivial. 0 not checked. [2019-08-05 10:59:20,000 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:20,000 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [7] total 7 [2019-08-05 10:59:20,001 INFO L454 AbstractCegarLoop]: Interpolant automaton has 8 states [2019-08-05 10:59:20,001 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2019-08-05 10:59:20,001 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2019-08-05 10:59:20,001 INFO L87 Difference]: Start difference. First operand 28 states and 31 transitions. Second operand 8 states. [2019-08-05 10:59:20,206 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:20,206 INFO L93 Difference]: Finished difference Result 41 states and 46 transitions. [2019-08-05 10:59:20,207 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2019-08-05 10:59:20,207 INFO L78 Accepts]: Start accepts. Automaton has 8 states. Word has length 27 [2019-08-05 10:59:20,208 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:20,208 INFO L225 Difference]: With dead ends: 41 [2019-08-05 10:59:20,209 INFO L226 Difference]: Without dead ends: 41 [2019-08-05 10:59:20,209 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 27 GetRequests, 18 SyntacticMatches, 2 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=17, Invalid=55, Unknown=0, NotChecked=0, Total=72 [2019-08-05 10:59:20,209 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 41 states. [2019-08-05 10:59:20,213 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 41 to 35. [2019-08-05 10:59:20,213 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 35 states. [2019-08-05 10:59:20,214 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 35 states to 35 states and 39 transitions. [2019-08-05 10:59:20,214 INFO L78 Accepts]: Start accepts. Automaton has 35 states and 39 transitions. Word has length 27 [2019-08-05 10:59:20,214 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:20,214 INFO L475 AbstractCegarLoop]: Abstraction has 35 states and 39 transitions. [2019-08-05 10:59:20,215 INFO L476 AbstractCegarLoop]: Interpolant automaton has 8 states. [2019-08-05 10:59:20,215 INFO L276 IsEmpty]: Start isEmpty. Operand 35 states and 39 transitions. [2019-08-05 10:59:20,215 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2019-08-05 10:59:20,216 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:20,216 INFO L399 BasicCegarLoop]: trace histogram [14, 6, 6, 5, 1, 1, 1] [2019-08-05 10:59:20,216 INFO L418 AbstractCegarLoop]: === Iteration 11 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:20,216 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:20,216 INFO L82 PathProgramCache]: Analyzing trace with hash -1692887308, now seen corresponding path program 9 times [2019-08-05 10:59:20,217 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:20,265 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:20,270 INFO L256 TraceCheckSpWp]: Trace formula consists of 540 conjuncts, 14 conjunts are in the unsatisfiable core [2019-08-05 10:59:20,273 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:20,471 INFO L134 CoverageAnalysis]: Checked inductivity of 220 backedges. 115 proven. 85 refuted. 0 times theorem prover too weak. 20 trivial. 0 not checked. [2019-08-05 10:59:20,472 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:20,472 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [12] total 12 [2019-08-05 10:59:20,472 INFO L454 AbstractCegarLoop]: Interpolant automaton has 13 states [2019-08-05 10:59:20,473 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 13 interpolants. [2019-08-05 10:59:20,474 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=48, Invalid=108, Unknown=0, NotChecked=0, Total=156 [2019-08-05 10:59:20,475 INFO L87 Difference]: Start difference. First operand 35 states and 39 transitions. Second operand 13 states. [2019-08-05 10:59:20,966 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:20,967 INFO L93 Difference]: Finished difference Result 36 states and 40 transitions. [2019-08-05 10:59:20,970 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2019-08-05 10:59:20,971 INFO L78 Accepts]: Start accepts. Automaton has 13 states. Word has length 34 [2019-08-05 10:59:20,971 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:20,972 INFO L225 Difference]: With dead ends: 36 [2019-08-05 10:59:20,972 INFO L226 Difference]: Without dead ends: 36 [2019-08-05 10:59:20,973 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 38 GetRequests, 22 SyntacticMatches, 0 SemanticMatches, 16 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 35 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=113, Invalid=193, Unknown=0, NotChecked=0, Total=306 [2019-08-05 10:59:20,973 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 36 states. [2019-08-05 10:59:20,975 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 36 to 36. [2019-08-05 10:59:20,976 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 36 states. [2019-08-05 10:59:20,976 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 36 states to 36 states and 40 transitions. [2019-08-05 10:59:20,976 INFO L78 Accepts]: Start accepts. Automaton has 36 states and 40 transitions. Word has length 34 [2019-08-05 10:59:20,977 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:20,977 INFO L475 AbstractCegarLoop]: Abstraction has 36 states and 40 transitions. [2019-08-05 10:59:20,977 INFO L476 AbstractCegarLoop]: Interpolant automaton has 13 states. [2019-08-05 10:59:20,977 INFO L276 IsEmpty]: Start isEmpty. Operand 36 states and 40 transitions. [2019-08-05 10:59:20,978 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2019-08-05 10:59:20,978 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:20,978 INFO L399 BasicCegarLoop]: trace histogram [15, 6, 6, 5, 1, 1, 1] [2019-08-05 10:59:20,978 INFO L418 AbstractCegarLoop]: === Iteration 12 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:20,978 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:20,979 INFO L82 PathProgramCache]: Analyzing trace with hash -939845287, now seen corresponding path program 10 times [2019-08-05 10:59:20,979 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:21,219 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:21,228 INFO L256 TraceCheckSpWp]: Trace formula consists of 558 conjuncts, 26 conjunts are in the unsatisfiable core [2019-08-05 10:59:21,231 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:21,247 INFO L392 ElimStorePlain]: Different costs {0=[|v_#length_12|], 2=[|v_#valid_12|]} [2019-08-05 10:59:21,297 INFO L189 IndexEqualityManager]: detected not equals via solver [2019-08-05 10:59:21,299 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 9 treesize of output 11 [2019-08-05 10:59:21,299 INFO L496 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-08-05 10:59:21,354 INFO L567 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2019-08-05 10:59:21,370 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 23 treesize of output 21 [2019-08-05 10:59:21,371 INFO L496 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 2 xjuncts. [2019-08-05 10:59:21,395 INFO L567 ElimStorePlain]: treesize reduction 14, result has 60.0 percent of original size [2019-08-05 10:59:21,396 INFO L496 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 2 dim-1 vars, End of recursive call: and 1 xjuncts. [2019-08-05 10:59:21,396 INFO L221 ElimStorePlain]: Needed 3 recursive calls to eliminate 4 variables, input treesize:27, output treesize:12 [2019-08-05 10:59:21,733 INFO L134 CoverageAnalysis]: Checked inductivity of 240 backedges. 0 proven. 205 refuted. 0 times theorem prover too weak. 35 trivial. 0 not checked. [2019-08-05 10:59:21,734 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:21,734 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [8] total 8 [2019-08-05 10:59:21,734 INFO L454 AbstractCegarLoop]: Interpolant automaton has 9 states [2019-08-05 10:59:21,734 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2019-08-05 10:59:21,735 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=57, Unknown=0, NotChecked=0, Total=72 [2019-08-05 10:59:21,735 INFO L87 Difference]: Start difference. First operand 36 states and 40 transitions. Second operand 9 states. [2019-08-05 10:59:21,975 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:21,975 INFO L93 Difference]: Finished difference Result 51 states and 57 transitions. [2019-08-05 10:59:21,977 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2019-08-05 10:59:21,977 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 35 [2019-08-05 10:59:21,977 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:21,978 INFO L225 Difference]: With dead ends: 51 [2019-08-05 10:59:21,978 INFO L226 Difference]: Without dead ends: 51 [2019-08-05 10:59:21,979 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 35 GetRequests, 27 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=19, Invalid=71, Unknown=0, NotChecked=0, Total=90 [2019-08-05 10:59:21,979 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 51 states. [2019-08-05 10:59:21,982 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 51 to 44. [2019-08-05 10:59:21,982 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 44 states. [2019-08-05 10:59:21,983 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 44 states to 44 states and 49 transitions. [2019-08-05 10:59:21,983 INFO L78 Accepts]: Start accepts. Automaton has 44 states and 49 transitions. Word has length 35 [2019-08-05 10:59:21,983 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:21,983 INFO L475 AbstractCegarLoop]: Abstraction has 44 states and 49 transitions. [2019-08-05 10:59:21,983 INFO L476 AbstractCegarLoop]: Interpolant automaton has 9 states. [2019-08-05 10:59:21,984 INFO L276 IsEmpty]: Start isEmpty. Operand 44 states and 49 transitions. [2019-08-05 10:59:21,985 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2019-08-05 10:59:21,985 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:21,985 INFO L399 BasicCegarLoop]: trace histogram [20, 7, 7, 6, 1, 1, 1] [2019-08-05 10:59:21,985 INFO L418 AbstractCegarLoop]: === Iteration 13 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:21,986 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:21,986 INFO L82 PathProgramCache]: Analyzing trace with hash -1559339254, now seen corresponding path program 11 times [2019-08-05 10:59:21,986 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:22,042 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:22,048 INFO L256 TraceCheckSpWp]: Trace formula consists of 692 conjuncts, 16 conjunts are in the unsatisfiable core [2019-08-05 10:59:22,052 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:22,297 INFO L134 CoverageAnalysis]: Checked inductivity of 393 backedges. 217 proven. 141 refuted. 0 times theorem prover too weak. 35 trivial. 0 not checked. [2019-08-05 10:59:22,298 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:22,298 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [14] total 14 [2019-08-05 10:59:22,298 INFO L454 AbstractCegarLoop]: Interpolant automaton has 15 states [2019-08-05 10:59:22,299 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2019-08-05 10:59:22,299 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=63, Invalid=147, Unknown=0, NotChecked=0, Total=210 [2019-08-05 10:59:22,299 INFO L87 Difference]: Start difference. First operand 44 states and 49 transitions. Second operand 15 states. [2019-08-05 10:59:22,970 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:22,970 INFO L93 Difference]: Finished difference Result 45 states and 50 transitions. [2019-08-05 10:59:22,971 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2019-08-05 10:59:22,971 INFO L78 Accepts]: Start accepts. Automaton has 15 states. Word has length 43 [2019-08-05 10:59:22,971 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:22,972 INFO L225 Difference]: With dead ends: 45 [2019-08-05 10:59:22,972 INFO L226 Difference]: Without dead ends: 45 [2019-08-05 10:59:22,973 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 48 GetRequests, 29 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 51 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=153, Invalid=267, Unknown=0, NotChecked=0, Total=420 [2019-08-05 10:59:22,974 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 45 states. [2019-08-05 10:59:22,977 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 45 to 45. [2019-08-05 10:59:22,977 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 45 states. [2019-08-05 10:59:22,978 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 45 states to 45 states and 50 transitions. [2019-08-05 10:59:22,978 INFO L78 Accepts]: Start accepts. Automaton has 45 states and 50 transitions. Word has length 43 [2019-08-05 10:59:22,978 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:22,979 INFO L475 AbstractCegarLoop]: Abstraction has 45 states and 50 transitions. [2019-08-05 10:59:22,979 INFO L476 AbstractCegarLoop]: Interpolant automaton has 15 states. [2019-08-05 10:59:22,979 INFO L276 IsEmpty]: Start isEmpty. Operand 45 states and 50 transitions. [2019-08-05 10:59:22,979 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2019-08-05 10:59:22,979 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:22,979 INFO L399 BasicCegarLoop]: trace histogram [21, 7, 7, 6, 1, 1, 1] [2019-08-05 10:59:22,980 INFO L418 AbstractCegarLoop]: === Iteration 14 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:22,980 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:22,980 INFO L82 PathProgramCache]: Analyzing trace with hash -1094822909, now seen corresponding path program 12 times [2019-08-05 10:59:22,981 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:23,400 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:23,431 INFO L256 TraceCheckSpWp]: Trace formula consists of 710 conjuncts, 41 conjunts are in the unsatisfiable core [2019-08-05 10:59:23,437 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:23,703 WARN L188 SmtUtils]: Spent 187.00 ms on a formula simplification that was a NOOP. DAG size: 13 [2019-08-05 10:59:23,704 INFO L341 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2019-08-05 10:59:23,704 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 1 case distinctions, treesize of input 9 treesize of output 25 [2019-08-05 10:59:23,705 INFO L496 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-08-05 10:59:24,128 WARN L188 SmtUtils]: Spent 421.00 ms on a formula simplification. DAG size of input: 22 DAG size of output: 19 [2019-08-05 10:59:24,128 INFO L567 ElimStorePlain]: treesize reduction 10, result has 70.6 percent of original size [2019-08-05 10:59:24,129 INFO L496 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2019-08-05 10:59:24,129 INFO L221 ElimStorePlain]: Needed 2 recursive calls to eliminate 2 variables, input treesize:19, output treesize:21 [2019-08-05 10:59:24,294 WARN L188 SmtUtils]: Spent 137.00 ms on a formula simplification that was a NOOP. DAG size: 17 [2019-08-05 10:59:24,360 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:24,489 INFO L134 CoverageAnalysis]: Checked inductivity of 420 backedges. 0 proven. 368 refuted. 0 times theorem prover too weak. 52 trivial. 0 not checked. [2019-08-05 10:59:24,489 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:24,489 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [11] total 11 [2019-08-05 10:59:24,490 INFO L454 AbstractCegarLoop]: Interpolant automaton has 12 states [2019-08-05 10:59:24,490 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2019-08-05 10:59:24,490 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=23, Invalid=109, Unknown=0, NotChecked=0, Total=132 [2019-08-05 10:59:24,491 INFO L87 Difference]: Start difference. First operand 45 states and 50 transitions. Second operand 12 states. [2019-08-05 10:59:24,888 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:24,888 INFO L93 Difference]: Finished difference Result 62 states and 69 transitions. [2019-08-05 10:59:24,888 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2019-08-05 10:59:24,889 INFO L78 Accepts]: Start accepts. Automaton has 12 states. Word has length 44 [2019-08-05 10:59:24,889 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:24,890 INFO L225 Difference]: With dead ends: 62 [2019-08-05 10:59:24,890 INFO L226 Difference]: Without dead ends: 62 [2019-08-05 10:59:24,891 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 45 GetRequests, 33 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=32, Invalid=150, Unknown=0, NotChecked=0, Total=182 [2019-08-05 10:59:24,891 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 62 states. [2019-08-05 10:59:24,894 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 62 to 54. [2019-08-05 10:59:24,895 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 54 states. [2019-08-05 10:59:24,895 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 54 states to 54 states and 60 transitions. [2019-08-05 10:59:24,895 INFO L78 Accepts]: Start accepts. Automaton has 54 states and 60 transitions. Word has length 44 [2019-08-05 10:59:24,896 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:24,896 INFO L475 AbstractCegarLoop]: Abstraction has 54 states and 60 transitions. [2019-08-05 10:59:24,896 INFO L476 AbstractCegarLoop]: Interpolant automaton has 12 states. [2019-08-05 10:59:24,896 INFO L276 IsEmpty]: Start isEmpty. Operand 54 states and 60 transitions. [2019-08-05 10:59:24,897 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 54 [2019-08-05 10:59:24,897 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:24,897 INFO L399 BasicCegarLoop]: trace histogram [27, 8, 8, 7, 1, 1, 1] [2019-08-05 10:59:24,897 INFO L418 AbstractCegarLoop]: === Iteration 15 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:24,898 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:24,898 INFO L82 PathProgramCache]: Analyzing trace with hash -1883146087, now seen corresponding path program 13 times [2019-08-05 10:59:24,898 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:24,970 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:24,979 INFO L256 TraceCheckSpWp]: Trace formula consists of 862 conjuncts, 18 conjunts are in the unsatisfiable core [2019-08-05 10:59:24,982 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:25,676 INFO L134 CoverageAnalysis]: Checked inductivity of 651 backedges. 378 proven. 217 refuted. 0 times theorem prover too weak. 56 trivial. 0 not checked. [2019-08-05 10:59:25,676 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:25,676 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [16] total 16 [2019-08-05 10:59:25,677 INFO L454 AbstractCegarLoop]: Interpolant automaton has 17 states [2019-08-05 10:59:25,677 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 17 interpolants. [2019-08-05 10:59:25,677 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=80, Invalid=192, Unknown=0, NotChecked=0, Total=272 [2019-08-05 10:59:25,677 INFO L87 Difference]: Start difference. First operand 54 states and 60 transitions. Second operand 17 states. [2019-08-05 10:59:26,035 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:26,035 INFO L93 Difference]: Finished difference Result 55 states and 61 transitions. [2019-08-05 10:59:26,035 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2019-08-05 10:59:26,036 INFO L78 Accepts]: Start accepts. Automaton has 17 states. Word has length 53 [2019-08-05 10:59:26,036 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:26,037 INFO L225 Difference]: With dead ends: 55 [2019-08-05 10:59:26,037 INFO L226 Difference]: Without dead ends: 55 [2019-08-05 10:59:26,038 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 59 GetRequests, 37 SyntacticMatches, 0 SemanticMatches, 22 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 70 ImplicationChecksByTransitivity, 0.7s TimeCoverageRelationStatistics Valid=199, Invalid=353, Unknown=0, NotChecked=0, Total=552 [2019-08-05 10:59:26,038 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 55 states. [2019-08-05 10:59:26,041 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 55 to 55. [2019-08-05 10:59:26,041 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 55 states. [2019-08-05 10:59:26,042 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 55 states to 55 states and 61 transitions. [2019-08-05 10:59:26,042 INFO L78 Accepts]: Start accepts. Automaton has 55 states and 61 transitions. Word has length 53 [2019-08-05 10:59:26,042 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:26,043 INFO L475 AbstractCegarLoop]: Abstraction has 55 states and 61 transitions. [2019-08-05 10:59:26,043 INFO L476 AbstractCegarLoop]: Interpolant automaton has 17 states. [2019-08-05 10:59:26,043 INFO L276 IsEmpty]: Start isEmpty. Operand 55 states and 61 transitions. [2019-08-05 10:59:26,044 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2019-08-05 10:59:26,044 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:26,044 INFO L399 BasicCegarLoop]: trace histogram [28, 8, 8, 7, 1, 1, 1] [2019-08-05 10:59:26,044 INFO L418 AbstractCegarLoop]: === Iteration 16 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:26,044 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:26,045 INFO L82 PathProgramCache]: Analyzing trace with hash 1752067156, now seen corresponding path program 14 times [2019-08-05 10:59:26,045 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:26,565 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:26,596 INFO L256 TraceCheckSpWp]: Trace formula consists of 880 conjuncts, 35 conjunts are in the unsatisfiable core [2019-08-05 10:59:26,599 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:26,865 WARN L188 SmtUtils]: Spent 190.00 ms on a formula simplification that was a NOOP. DAG size: 13 [2019-08-05 10:59:26,866 INFO L341 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2019-08-05 10:59:26,866 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 1 case distinctions, treesize of input 9 treesize of output 25 [2019-08-05 10:59:26,867 INFO L496 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-08-05 10:59:27,269 WARN L188 SmtUtils]: Spent 402.00 ms on a formula simplification. DAG size of input: 22 DAG size of output: 19 [2019-08-05 10:59:27,270 INFO L567 ElimStorePlain]: treesize reduction 10, result has 70.6 percent of original size [2019-08-05 10:59:27,271 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:27,271 INFO L496 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 1 dim-1 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2019-08-05 10:59:27,272 INFO L221 ElimStorePlain]: Needed 2 recursive calls to eliminate 3 variables, input treesize:19, output treesize:21 [2019-08-05 10:59:27,272 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:27,397 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:27,453 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:27,507 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:27,761 INFO L134 CoverageAnalysis]: Checked inductivity of 686 backedges. 0 proven. 602 refuted. 0 times theorem prover too weak. 84 trivial. 0 not checked. [2019-08-05 10:59:27,762 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:27,762 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [10] total 10 [2019-08-05 10:59:27,762 INFO L454 AbstractCegarLoop]: Interpolant automaton has 11 states [2019-08-05 10:59:27,762 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 11 interpolants. [2019-08-05 10:59:27,763 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=19, Invalid=91, Unknown=0, NotChecked=0, Total=110 [2019-08-05 10:59:27,763 INFO L87 Difference]: Start difference. First operand 55 states and 61 transitions. Second operand 11 states. [2019-08-05 10:59:28,205 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:28,205 INFO L93 Difference]: Finished difference Result 74 states and 82 transitions. [2019-08-05 10:59:28,207 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2019-08-05 10:59:28,207 INFO L78 Accepts]: Start accepts. Automaton has 11 states. Word has length 54 [2019-08-05 10:59:28,208 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:28,208 INFO L225 Difference]: With dead ends: 74 [2019-08-05 10:59:28,208 INFO L226 Difference]: Without dead ends: 74 [2019-08-05 10:59:28,209 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 54 GetRequests, 42 SyntacticMatches, 2 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=23, Invalid=109, Unknown=0, NotChecked=0, Total=132 [2019-08-05 10:59:28,209 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 74 states. [2019-08-05 10:59:28,212 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 74 to 65. [2019-08-05 10:59:28,212 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 65 states. [2019-08-05 10:59:28,213 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 65 states to 65 states and 72 transitions. [2019-08-05 10:59:28,213 INFO L78 Accepts]: Start accepts. Automaton has 65 states and 72 transitions. Word has length 54 [2019-08-05 10:59:28,214 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:28,214 INFO L475 AbstractCegarLoop]: Abstraction has 65 states and 72 transitions. [2019-08-05 10:59:28,214 INFO L476 AbstractCegarLoop]: Interpolant automaton has 11 states. [2019-08-05 10:59:28,218 INFO L276 IsEmpty]: Start isEmpty. Operand 65 states and 72 transitions. [2019-08-05 10:59:28,219 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 65 [2019-08-05 10:59:28,219 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:28,219 INFO L399 BasicCegarLoop]: trace histogram [35, 9, 9, 8, 1, 1, 1] [2019-08-05 10:59:28,220 INFO L418 AbstractCegarLoop]: === Iteration 17 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:28,220 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:28,220 INFO L82 PathProgramCache]: Analyzing trace with hash 1128076133, now seen corresponding path program 15 times [2019-08-05 10:59:28,221 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:28,307 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:28,317 INFO L256 TraceCheckSpWp]: Trace formula consists of 1050 conjuncts, 20 conjunts are in the unsatisfiable core [2019-08-05 10:59:28,320 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:29,778 INFO L134 CoverageAnalysis]: Checked inductivity of 1018 backedges. 618 proven. 316 refuted. 0 times theorem prover too weak. 84 trivial. 0 not checked. [2019-08-05 10:59:29,779 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:29,779 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [18] total 18 [2019-08-05 10:59:29,779 INFO L454 AbstractCegarLoop]: Interpolant automaton has 19 states [2019-08-05 10:59:29,779 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 19 interpolants. [2019-08-05 10:59:29,780 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=99, Invalid=243, Unknown=0, NotChecked=0, Total=342 [2019-08-05 10:59:29,780 INFO L87 Difference]: Start difference. First operand 65 states and 72 transitions. Second operand 19 states. [2019-08-05 10:59:30,210 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:30,211 INFO L93 Difference]: Finished difference Result 66 states and 73 transitions. [2019-08-05 10:59:30,211 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 19 states. [2019-08-05 10:59:30,211 INFO L78 Accepts]: Start accepts. Automaton has 19 states. Word has length 64 [2019-08-05 10:59:30,212 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:30,213 INFO L225 Difference]: With dead ends: 66 [2019-08-05 10:59:30,213 INFO L226 Difference]: Without dead ends: 66 [2019-08-05 10:59:30,214 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 71 GetRequests, 46 SyntacticMatches, 0 SemanticMatches, 25 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 92 ImplicationChecksByTransitivity, 1.5s TimeCoverageRelationStatistics Valid=251, Invalid=451, Unknown=0, NotChecked=0, Total=702 [2019-08-05 10:59:30,214 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 66 states. [2019-08-05 10:59:30,218 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 66 to 66. [2019-08-05 10:59:30,218 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 66 states. [2019-08-05 10:59:30,219 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 66 states to 66 states and 73 transitions. [2019-08-05 10:59:30,219 INFO L78 Accepts]: Start accepts. Automaton has 66 states and 73 transitions. Word has length 64 [2019-08-05 10:59:30,219 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:30,219 INFO L475 AbstractCegarLoop]: Abstraction has 66 states and 73 transitions. [2019-08-05 10:59:30,219 INFO L476 AbstractCegarLoop]: Interpolant automaton has 19 states. [2019-08-05 10:59:30,220 INFO L276 IsEmpty]: Start isEmpty. Operand 66 states and 73 transitions. [2019-08-05 10:59:30,221 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 66 [2019-08-05 10:59:30,221 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:30,221 INFO L399 BasicCegarLoop]: trace histogram [36, 9, 9, 8, 1, 1, 1] [2019-08-05 10:59:30,221 INFO L418 AbstractCegarLoop]: === Iteration 18 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:30,221 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:30,222 INFO L82 PathProgramCache]: Analyzing trace with hash 610675464, now seen corresponding path program 16 times [2019-08-05 10:59:30,223 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:31,036 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:31,059 INFO L256 TraceCheckSpWp]: Trace formula consists of 1068 conjuncts, 36 conjunts are in the unsatisfiable core [2019-08-05 10:59:31,068 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:31,091 INFO L392 ElimStorePlain]: Different costs {0=[|v_#length_15|], 2=[|v_#valid_13|]} [2019-08-05 10:59:31,137 INFO L189 IndexEqualityManager]: detected not equals via solver [2019-08-05 10:59:31,138 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 9 treesize of output 11 [2019-08-05 10:59:31,139 INFO L496 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-08-05 10:59:31,290 WARN L188 SmtUtils]: Spent 150.00 ms on a formula simplification that was a NOOP. DAG size: 21 [2019-08-05 10:59:31,290 INFO L567 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2019-08-05 10:59:31,365 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 38 treesize of output 34 [2019-08-05 10:59:31,366 INFO L496 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2019-08-05 10:59:31,453 INFO L567 ElimStorePlain]: treesize reduction 13, result has 61.8 percent of original size [2019-08-05 10:59:31,454 INFO L496 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 2 dim-1 vars, End of recursive call: and 1 xjuncts. [2019-08-05 10:59:31,454 INFO L221 ElimStorePlain]: Needed 3 recursive calls to eliminate 4 variables, input treesize:27, output treesize:12 [2019-08-05 10:59:31,594 INFO L134 CoverageAnalysis]: Checked inductivity of 1062 backedges. 0 proven. 942 refuted. 0 times theorem prover too weak. 120 trivial. 0 not checked. [2019-08-05 10:59:31,595 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:31,595 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [11] total 11 [2019-08-05 10:59:31,595 INFO L454 AbstractCegarLoop]: Interpolant automaton has 12 states [2019-08-05 10:59:31,595 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2019-08-05 10:59:31,596 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=111, Unknown=0, NotChecked=0, Total=132 [2019-08-05 10:59:31,596 INFO L87 Difference]: Start difference. First operand 66 states and 73 transitions. Second operand 12 states. [2019-08-05 10:59:32,019 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:32,020 INFO L93 Difference]: Finished difference Result 87 states and 96 transitions. [2019-08-05 10:59:32,020 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2019-08-05 10:59:32,020 INFO L78 Accepts]: Start accepts. Automaton has 12 states. Word has length 65 [2019-08-05 10:59:32,021 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:32,021 INFO L225 Difference]: With dead ends: 87 [2019-08-05 10:59:32,021 INFO L226 Difference]: Without dead ends: 87 [2019-08-05 10:59:32,022 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 65 GetRequests, 54 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=25, Invalid=131, Unknown=0, NotChecked=0, Total=156 [2019-08-05 10:59:32,022 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 87 states. [2019-08-05 10:59:32,025 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 87 to 77. [2019-08-05 10:59:32,025 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 77 states. [2019-08-05 10:59:32,028 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 77 states to 77 states and 85 transitions. [2019-08-05 10:59:32,028 INFO L78 Accepts]: Start accepts. Automaton has 77 states and 85 transitions. Word has length 65 [2019-08-05 10:59:32,029 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:32,029 INFO L475 AbstractCegarLoop]: Abstraction has 77 states and 85 transitions. [2019-08-05 10:59:32,029 INFO L476 AbstractCegarLoop]: Interpolant automaton has 12 states. [2019-08-05 10:59:32,029 INFO L276 IsEmpty]: Start isEmpty. Operand 77 states and 85 transitions. [2019-08-05 10:59:32,030 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 77 [2019-08-05 10:59:32,030 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:32,030 INFO L399 BasicCegarLoop]: trace histogram [44, 10, 10, 9, 1, 1, 1] [2019-08-05 10:59:32,031 INFO L418 AbstractCegarLoop]: === Iteration 19 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:32,031 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:32,031 INFO L82 PathProgramCache]: Analyzing trace with hash 1504965588, now seen corresponding path program 17 times [2019-08-05 10:59:32,032 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:32,136 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:32,147 INFO L256 TraceCheckSpWp]: Trace formula consists of 1256 conjuncts, 22 conjunts are in the unsatisfiable core [2019-08-05 10:59:32,150 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:32,432 INFO L134 CoverageAnalysis]: Checked inductivity of 1521 backedges. 960 proven. 441 refuted. 0 times theorem prover too weak. 120 trivial. 0 not checked. [2019-08-05 10:59:32,432 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:32,432 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [20] total 20 [2019-08-05 10:59:32,433 INFO L454 AbstractCegarLoop]: Interpolant automaton has 21 states [2019-08-05 10:59:32,433 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 21 interpolants. [2019-08-05 10:59:32,433 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=120, Invalid=300, Unknown=0, NotChecked=0, Total=420 [2019-08-05 10:59:32,434 INFO L87 Difference]: Start difference. First operand 77 states and 85 transitions. Second operand 21 states. [2019-08-05 10:59:32,796 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:32,796 INFO L93 Difference]: Finished difference Result 78 states and 86 transitions. [2019-08-05 10:59:32,796 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2019-08-05 10:59:32,797 INFO L78 Accepts]: Start accepts. Automaton has 21 states. Word has length 76 [2019-08-05 10:59:32,797 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:32,798 INFO L225 Difference]: With dead ends: 78 [2019-08-05 10:59:32,798 INFO L226 Difference]: Without dead ends: 78 [2019-08-05 10:59:32,799 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 84 GetRequests, 56 SyntacticMatches, 0 SemanticMatches, 28 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 117 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=309, Invalid=561, Unknown=0, NotChecked=0, Total=870 [2019-08-05 10:59:32,799 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 78 states. [2019-08-05 10:59:32,802 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 78 to 78. [2019-08-05 10:59:32,802 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 78 states. [2019-08-05 10:59:32,803 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 78 states to 78 states and 86 transitions. [2019-08-05 10:59:32,803 INFO L78 Accepts]: Start accepts. Automaton has 78 states and 86 transitions. Word has length 76 [2019-08-05 10:59:32,803 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:32,803 INFO L475 AbstractCegarLoop]: Abstraction has 78 states and 86 transitions. [2019-08-05 10:59:32,803 INFO L476 AbstractCegarLoop]: Interpolant automaton has 21 states. [2019-08-05 10:59:32,803 INFO L276 IsEmpty]: Start isEmpty. Operand 78 states and 86 transitions. [2019-08-05 10:59:32,804 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 78 [2019-08-05 10:59:32,805 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:32,805 INFO L399 BasicCegarLoop]: trace histogram [45, 10, 10, 9, 1, 1, 1] [2019-08-05 10:59:32,805 INFO L418 AbstractCegarLoop]: === Iteration 20 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:32,805 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:32,805 INFO L82 PathProgramCache]: Analyzing trace with hash -590653319, now seen corresponding path program 18 times [2019-08-05 10:59:32,806 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:33,956 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:33,984 INFO L256 TraceCheckSpWp]: Trace formula consists of 1274 conjuncts, 58 conjunts are in the unsatisfiable core [2019-08-05 10:59:33,988 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:34,052 INFO L189 IndexEqualityManager]: detected not equals via solver [2019-08-05 10:59:34,221 WARN L188 SmtUtils]: Spent 167.00 ms on a formula simplification that was a NOOP. DAG size: 13 [2019-08-05 10:59:34,222 INFO L341 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2019-08-05 10:59:34,222 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 1 case distinctions, treesize of input 9 treesize of output 25 [2019-08-05 10:59:34,222 INFO L496 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-08-05 10:59:34,626 WARN L188 SmtUtils]: Spent 402.00 ms on a formula simplification. DAG size of input: 22 DAG size of output: 19 [2019-08-05 10:59:34,626 INFO L567 ElimStorePlain]: treesize reduction 10, result has 70.6 percent of original size [2019-08-05 10:59:34,627 INFO L496 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2019-08-05 10:59:34,627 INFO L221 ElimStorePlain]: Needed 2 recursive calls to eliminate 2 variables, input treesize:19, output treesize:21 [2019-08-05 10:59:34,833 WARN L188 SmtUtils]: Spent 181.00 ms on a formula simplification that was a NOOP. DAG size: 17 [2019-08-05 10:59:35,043 WARN L188 SmtUtils]: Spent 154.00 ms on a formula simplification that was a NOOP. DAG size: 18 [2019-08-05 10:59:35,271 WARN L188 SmtUtils]: Spent 149.00 ms on a formula simplification that was a NOOP. DAG size: 18 [2019-08-05 10:59:35,428 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:35,522 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:35,637 INFO L134 CoverageAnalysis]: Checked inductivity of 1575 backedges. 0 proven. 1436 refuted. 0 times theorem prover too weak. 139 trivial. 0 not checked. [2019-08-05 10:59:35,637 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:35,638 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [16] total 16 [2019-08-05 10:59:35,638 INFO L454 AbstractCegarLoop]: Interpolant automaton has 17 states [2019-08-05 10:59:35,638 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 17 interpolants. [2019-08-05 10:59:35,639 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=35, Invalid=237, Unknown=0, NotChecked=0, Total=272 [2019-08-05 10:59:35,639 INFO L87 Difference]: Start difference. First operand 78 states and 86 transitions. Second operand 17 states. [2019-08-05 10:59:36,671 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:36,672 INFO L93 Difference]: Finished difference Result 101 states and 111 transitions. [2019-08-05 10:59:36,673 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2019-08-05 10:59:36,673 INFO L78 Accepts]: Start accepts. Automaton has 17 states. Word has length 77 [2019-08-05 10:59:36,674 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:36,674 INFO L225 Difference]: With dead ends: 101 [2019-08-05 10:59:36,675 INFO L226 Difference]: Without dead ends: 101 [2019-08-05 10:59:36,675 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 79 GetRequests, 61 SyntacticMatches, 0 SemanticMatches, 18 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 20 ImplicationChecksByTransitivity, 1.2s TimeCoverageRelationStatistics Valid=51, Invalid=329, Unknown=0, NotChecked=0, Total=380 [2019-08-05 10:59:36,675 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 101 states. [2019-08-05 10:59:36,677 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 101 to 90. [2019-08-05 10:59:36,677 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 90 states. [2019-08-05 10:59:36,678 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 90 states to 90 states and 99 transitions. [2019-08-05 10:59:36,678 INFO L78 Accepts]: Start accepts. Automaton has 90 states and 99 transitions. Word has length 77 [2019-08-05 10:59:36,678 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:36,679 INFO L475 AbstractCegarLoop]: Abstraction has 90 states and 99 transitions. [2019-08-05 10:59:36,679 INFO L476 AbstractCegarLoop]: Interpolant automaton has 17 states. [2019-08-05 10:59:36,679 INFO L276 IsEmpty]: Start isEmpty. Operand 90 states and 99 transitions. [2019-08-05 10:59:36,680 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 90 [2019-08-05 10:59:36,680 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:36,680 INFO L399 BasicCegarLoop]: trace histogram [54, 11, 11, 10, 1, 1, 1] [2019-08-05 10:59:36,680 INFO L418 AbstractCegarLoop]: === Iteration 21 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:36,681 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:36,681 INFO L82 PathProgramCache]: Analyzing trace with hash 1974133866, now seen corresponding path program 19 times [2019-08-05 10:59:36,682 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:36,829 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:36,844 INFO L256 TraceCheckSpWp]: Trace formula consists of 1480 conjuncts, 24 conjunts are in the unsatisfiable core [2019-08-05 10:59:36,847 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:37,882 INFO L134 CoverageAnalysis]: Checked inductivity of 2190 backedges. 1430 proven. 595 refuted. 0 times theorem prover too weak. 165 trivial. 0 not checked. [2019-08-05 10:59:37,882 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:37,882 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [22] total 22 [2019-08-05 10:59:37,883 INFO L454 AbstractCegarLoop]: Interpolant automaton has 23 states [2019-08-05 10:59:37,883 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 23 interpolants. [2019-08-05 10:59:37,883 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=143, Invalid=363, Unknown=0, NotChecked=0, Total=506 [2019-08-05 10:59:37,884 INFO L87 Difference]: Start difference. First operand 90 states and 99 transitions. Second operand 23 states. [2019-08-05 10:59:38,362 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:38,362 INFO L93 Difference]: Finished difference Result 91 states and 100 transitions. [2019-08-05 10:59:38,363 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 23 states. [2019-08-05 10:59:38,363 INFO L78 Accepts]: Start accepts. Automaton has 23 states. Word has length 89 [2019-08-05 10:59:38,363 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:38,364 INFO L225 Difference]: With dead ends: 91 [2019-08-05 10:59:38,364 INFO L226 Difference]: Without dead ends: 91 [2019-08-05 10:59:38,365 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 98 GetRequests, 67 SyntacticMatches, 0 SemanticMatches, 31 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 145 ImplicationChecksByTransitivity, 1.1s TimeCoverageRelationStatistics Valid=373, Invalid=683, Unknown=0, NotChecked=0, Total=1056 [2019-08-05 10:59:38,365 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 91 states. [2019-08-05 10:59:38,367 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 91 to 91. [2019-08-05 10:59:38,367 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 91 states. [2019-08-05 10:59:38,368 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 91 states to 91 states and 100 transitions. [2019-08-05 10:59:38,368 INFO L78 Accepts]: Start accepts. Automaton has 91 states and 100 transitions. Word has length 89 [2019-08-05 10:59:38,369 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:38,369 INFO L475 AbstractCegarLoop]: Abstraction has 91 states and 100 transitions. [2019-08-05 10:59:38,369 INFO L476 AbstractCegarLoop]: Interpolant automaton has 23 states. [2019-08-05 10:59:38,369 INFO L276 IsEmpty]: Start isEmpty. Operand 91 states and 100 transitions. [2019-08-05 10:59:38,370 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 91 [2019-08-05 10:59:38,370 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:38,370 INFO L399 BasicCegarLoop]: trace histogram [55, 11, 11, 10, 1, 1, 1] [2019-08-05 10:59:38,371 INFO L418 AbstractCegarLoop]: === Iteration 22 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:38,371 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:38,371 INFO L82 PathProgramCache]: Analyzing trace with hash 1068661411, now seen corresponding path program 20 times [2019-08-05 10:59:38,372 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:39,930 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:39,967 INFO L256 TraceCheckSpWp]: Trace formula consists of 1498 conjuncts, 46 conjunts are in the unsatisfiable core [2019-08-05 10:59:39,970 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:40,033 INFO L189 IndexEqualityManager]: detected not equals via solver [2019-08-05 10:59:40,061 INFO L341 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2019-08-05 10:59:40,062 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 1 case distinctions, treesize of input 9 treesize of output 25 [2019-08-05 10:59:40,062 INFO L496 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-08-05 10:59:40,084 INFO L567 ElimStorePlain]: treesize reduction 10, result has 70.6 percent of original size [2019-08-05 10:59:40,085 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:40,086 INFO L496 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 1 dim-1 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2019-08-05 10:59:40,087 INFO L221 ElimStorePlain]: Needed 2 recursive calls to eliminate 3 variables, input treesize:19, output treesize:21 [2019-08-05 10:59:40,088 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:40,096 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:40,103 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:40,107 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:40,565 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:40,722 INFO L134 CoverageAnalysis]: Checked inductivity of 2255 backedges. 0 proven. 2035 refuted. 0 times theorem prover too weak. 220 trivial. 0 not checked. [2019-08-05 10:59:40,723 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:40,723 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [14] total 14 [2019-08-05 10:59:40,723 INFO L454 AbstractCegarLoop]: Interpolant automaton has 15 states [2019-08-05 10:59:40,723 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2019-08-05 10:59:40,723 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=28, Invalid=182, Unknown=0, NotChecked=0, Total=210 [2019-08-05 10:59:40,723 INFO L87 Difference]: Start difference. First operand 91 states and 100 transitions. Second operand 15 states. [2019-08-05 10:59:41,552 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:41,553 INFO L93 Difference]: Finished difference Result 116 states and 127 transitions. [2019-08-05 10:59:41,556 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 16 states. [2019-08-05 10:59:41,557 INFO L78 Accepts]: Start accepts. Automaton has 15 states. Word has length 90 [2019-08-05 10:59:41,557 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:41,557 INFO L225 Difference]: With dead ends: 116 [2019-08-05 10:59:41,557 INFO L226 Difference]: Without dead ends: 116 [2019-08-05 10:59:41,558 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 90 GetRequests, 74 SyntacticMatches, 2 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=32, Invalid=208, Unknown=0, NotChecked=0, Total=240 [2019-08-05 10:59:41,558 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 116 states. [2019-08-05 10:59:41,560 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 116 to 104. [2019-08-05 10:59:41,560 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 104 states. [2019-08-05 10:59:41,560 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 104 states to 104 states and 114 transitions. [2019-08-05 10:59:41,560 INFO L78 Accepts]: Start accepts. Automaton has 104 states and 114 transitions. Word has length 90 [2019-08-05 10:59:41,561 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:41,561 INFO L475 AbstractCegarLoop]: Abstraction has 104 states and 114 transitions. [2019-08-05 10:59:41,561 INFO L476 AbstractCegarLoop]: Interpolant automaton has 15 states. [2019-08-05 10:59:41,561 INFO L276 IsEmpty]: Start isEmpty. Operand 104 states and 114 transitions. [2019-08-05 10:59:41,562 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 104 [2019-08-05 10:59:41,562 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:41,562 INFO L399 BasicCegarLoop]: trace histogram [65, 12, 12, 11, 1, 1, 1] [2019-08-05 10:59:41,563 INFO L418 AbstractCegarLoop]: === Iteration 23 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:41,563 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:41,563 INFO L82 PathProgramCache]: Analyzing trace with hash -1890210631, now seen corresponding path program 21 times [2019-08-05 10:59:41,564 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:41,708 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:41,725 INFO L256 TraceCheckSpWp]: Trace formula consists of 1722 conjuncts, 26 conjunts are in the unsatisfiable core [2019-08-05 10:59:41,728 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:42,287 INFO L134 CoverageAnalysis]: Checked inductivity of 3058 backedges. 2057 proven. 781 refuted. 0 times theorem prover too weak. 220 trivial. 0 not checked. [2019-08-05 10:59:42,287 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:42,287 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [24] total 24 [2019-08-05 10:59:42,288 INFO L454 AbstractCegarLoop]: Interpolant automaton has 25 states [2019-08-05 10:59:42,288 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 25 interpolants. [2019-08-05 10:59:42,288 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=168, Invalid=432, Unknown=0, NotChecked=0, Total=600 [2019-08-05 10:59:42,288 INFO L87 Difference]: Start difference. First operand 104 states and 114 transitions. Second operand 25 states. [2019-08-05 10:59:42,680 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:42,681 INFO L93 Difference]: Finished difference Result 105 states and 115 transitions. [2019-08-05 10:59:42,681 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 25 states. [2019-08-05 10:59:42,681 INFO L78 Accepts]: Start accepts. Automaton has 25 states. Word has length 103 [2019-08-05 10:59:42,682 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:42,683 INFO L225 Difference]: With dead ends: 105 [2019-08-05 10:59:42,683 INFO L226 Difference]: Without dead ends: 105 [2019-08-05 10:59:42,684 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 113 GetRequests, 79 SyntacticMatches, 0 SemanticMatches, 34 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 176 ImplicationChecksByTransitivity, 0.6s TimeCoverageRelationStatistics Valid=443, Invalid=817, Unknown=0, NotChecked=0, Total=1260 [2019-08-05 10:59:42,684 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 105 states. [2019-08-05 10:59:42,686 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 105 to 105. [2019-08-05 10:59:42,686 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 105 states. [2019-08-05 10:59:42,687 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 105 states to 105 states and 115 transitions. [2019-08-05 10:59:42,687 INFO L78 Accepts]: Start accepts. Automaton has 105 states and 115 transitions. Word has length 103 [2019-08-05 10:59:42,687 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:42,687 INFO L475 AbstractCegarLoop]: Abstraction has 105 states and 115 transitions. [2019-08-05 10:59:42,688 INFO L476 AbstractCegarLoop]: Interpolant automaton has 25 states. [2019-08-05 10:59:42,688 INFO L276 IsEmpty]: Start isEmpty. Operand 105 states and 115 transitions. [2019-08-05 10:59:42,688 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 105 [2019-08-05 10:59:42,688 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:42,689 INFO L399 BasicCegarLoop]: trace histogram [66, 12, 12, 11, 1, 1, 1] [2019-08-05 10:59:42,689 INFO L418 AbstractCegarLoop]: === Iteration 24 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:42,689 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:42,689 INFO L82 PathProgramCache]: Analyzing trace with hash 1533066292, now seen corresponding path program 22 times [2019-08-05 10:59:42,690 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:44,568 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:44,612 INFO L256 TraceCheckSpWp]: Trace formula consists of 1740 conjuncts, 64 conjunts are in the unsatisfiable core [2019-08-05 10:59:44,619 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:44,683 INFO L189 IndexEqualityManager]: detected not equals via solver [2019-08-05 10:59:44,857 WARN L188 SmtUtils]: Spent 173.00 ms on a formula simplification that was a NOOP. DAG size: 13 [2019-08-05 10:59:44,858 INFO L341 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2019-08-05 10:59:44,861 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 1 case distinctions, treesize of input 9 treesize of output 25 [2019-08-05 10:59:44,861 INFO L496 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-08-05 10:59:44,914 INFO L567 ElimStorePlain]: treesize reduction 10, result has 70.6 percent of original size [2019-08-05 10:59:44,915 INFO L496 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2019-08-05 10:59:44,915 INFO L221 ElimStorePlain]: Needed 2 recursive calls to eliminate 2 variables, input treesize:19, output treesize:21 [2019-08-05 10:59:45,110 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:45,462 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:45,592 INFO L134 CoverageAnalysis]: Checked inductivity of 3135 backedges. 0 proven. 2855 refuted. 0 times theorem prover too weak. 280 trivial. 0 not checked. [2019-08-05 10:59:45,593 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:45,593 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [18] total 18 [2019-08-05 10:59:45,593 INFO L454 AbstractCegarLoop]: Interpolant automaton has 19 states [2019-08-05 10:59:45,593 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 19 interpolants. [2019-08-05 10:59:45,594 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=39, Invalid=303, Unknown=0, NotChecked=0, Total=342 [2019-08-05 10:59:45,594 INFO L87 Difference]: Start difference. First operand 105 states and 115 transitions. Second operand 19 states. [2019-08-05 10:59:46,737 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:46,737 INFO L93 Difference]: Finished difference Result 132 states and 144 transitions. [2019-08-05 10:59:46,743 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 19 states. [2019-08-05 10:59:46,744 INFO L78 Accepts]: Start accepts. Automaton has 19 states. Word has length 104 [2019-08-05 10:59:46,744 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:46,744 INFO L225 Difference]: With dead ends: 132 [2019-08-05 10:59:46,745 INFO L226 Difference]: Without dead ends: 132 [2019-08-05 10:59:46,745 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 105 GetRequests, 86 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 29 ImplicationChecksByTransitivity, 0.6s TimeCoverageRelationStatistics Valid=48, Invalid=372, Unknown=0, NotChecked=0, Total=420 [2019-08-05 10:59:46,745 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 132 states. [2019-08-05 10:59:46,747 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 132 to 119. [2019-08-05 10:59:46,747 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 119 states. [2019-08-05 10:59:46,748 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 119 states to 119 states and 130 transitions. [2019-08-05 10:59:46,748 INFO L78 Accepts]: Start accepts. Automaton has 119 states and 130 transitions. Word has length 104 [2019-08-05 10:59:46,748 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:46,748 INFO L475 AbstractCegarLoop]: Abstraction has 119 states and 130 transitions. [2019-08-05 10:59:46,748 INFO L476 AbstractCegarLoop]: Interpolant automaton has 19 states. [2019-08-05 10:59:46,749 INFO L276 IsEmpty]: Start isEmpty. Operand 119 states and 130 transitions. [2019-08-05 10:59:46,749 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 119 [2019-08-05 10:59:46,749 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:46,749 INFO L399 BasicCegarLoop]: trace histogram [77, 13, 13, 12, 1, 1, 1] [2019-08-05 10:59:46,750 INFO L418 AbstractCegarLoop]: === Iteration 25 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:46,750 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:46,750 INFO L82 PathProgramCache]: Analyzing trace with hash 164654085, now seen corresponding path program 23 times [2019-08-05 10:59:46,751 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:46,946 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:46,965 INFO L256 TraceCheckSpWp]: Trace formula consists of 1982 conjuncts, 28 conjunts are in the unsatisfiable core [2019-08-05 10:59:46,971 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:47,783 INFO L134 CoverageAnalysis]: Checked inductivity of 4161 backedges. 2873 proven. 1002 refuted. 0 times theorem prover too weak. 286 trivial. 0 not checked. [2019-08-05 10:59:47,784 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:47,784 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [26] total 26 [2019-08-05 10:59:47,784 INFO L454 AbstractCegarLoop]: Interpolant automaton has 27 states [2019-08-05 10:59:47,784 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 27 interpolants. [2019-08-05 10:59:47,785 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=195, Invalid=507, Unknown=0, NotChecked=0, Total=702 [2019-08-05 10:59:47,785 INFO L87 Difference]: Start difference. First operand 119 states and 130 transitions. Second operand 27 states. [2019-08-05 10:59:48,393 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:48,393 INFO L93 Difference]: Finished difference Result 120 states and 131 transitions. [2019-08-05 10:59:48,393 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2019-08-05 10:59:48,393 INFO L78 Accepts]: Start accepts. Automaton has 27 states. Word has length 118 [2019-08-05 10:59:48,394 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:48,395 INFO L225 Difference]: With dead ends: 120 [2019-08-05 10:59:48,395 INFO L226 Difference]: Without dead ends: 120 [2019-08-05 10:59:48,396 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 129 GetRequests, 92 SyntacticMatches, 0 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 210 ImplicationChecksByTransitivity, 0.9s TimeCoverageRelationStatistics Valid=519, Invalid=963, Unknown=0, NotChecked=0, Total=1482 [2019-08-05 10:59:48,396 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 120 states. [2019-08-05 10:59:48,398 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 120 to 120. [2019-08-05 10:59:48,399 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 120 states. [2019-08-05 10:59:48,399 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 120 states to 120 states and 131 transitions. [2019-08-05 10:59:48,400 INFO L78 Accepts]: Start accepts. Automaton has 120 states and 131 transitions. Word has length 118 [2019-08-05 10:59:48,400 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:48,400 INFO L475 AbstractCegarLoop]: Abstraction has 120 states and 131 transitions. [2019-08-05 10:59:48,400 INFO L476 AbstractCegarLoop]: Interpolant automaton has 27 states. [2019-08-05 10:59:48,400 INFO L276 IsEmpty]: Start isEmpty. Operand 120 states and 131 transitions. [2019-08-05 10:59:48,401 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 120 [2019-08-05 10:59:48,401 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:48,401 INFO L399 BasicCegarLoop]: trace histogram [78, 13, 13, 12, 1, 1, 1] [2019-08-05 10:59:48,402 INFO L418 AbstractCegarLoop]: === Iteration 26 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:48,402 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:48,402 INFO L82 PathProgramCache]: Analyzing trace with hash 809363048, now seen corresponding path program 24 times [2019-08-05 10:59:48,403 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:50,208 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:50,262 INFO L256 TraceCheckSpWp]: Trace formula consists of 2000 conjuncts, 56 conjunts are in the unsatisfiable core [2019-08-05 10:59:50,266 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:50,326 INFO L189 IndexEqualityManager]: detected not equals via solver [2019-08-05 10:59:50,364 INFO L341 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2019-08-05 10:59:50,365 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 1 case distinctions, treesize of input 9 treesize of output 25 [2019-08-05 10:59:50,365 INFO L496 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-08-05 10:59:50,425 INFO L567 ElimStorePlain]: treesize reduction 10, result has 70.6 percent of original size [2019-08-05 10:59:50,425 INFO L496 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2019-08-05 10:59:50,426 INFO L221 ElimStorePlain]: Needed 2 recursive calls to eliminate 2 variables, input treesize:19, output treesize:21 [2019-08-05 10:59:50,771 WARN L188 SmtUtils]: Spent 166.00 ms on a formula simplification that was a NOOP. DAG size: 18 [2019-08-05 10:59:51,235 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:51,482 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:51,719 INFO L134 CoverageAnalysis]: Checked inductivity of 4251 backedges. 0 proven. 3897 refuted. 0 times theorem prover too weak. 354 trivial. 0 not checked. [2019-08-05 10:59:51,719 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:51,719 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [18] total 18 [2019-08-05 10:59:51,719 INFO L454 AbstractCegarLoop]: Interpolant automaton has 19 states [2019-08-05 10:59:51,720 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 19 interpolants. [2019-08-05 10:59:51,720 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=38, Invalid=304, Unknown=0, NotChecked=0, Total=342 [2019-08-05 10:59:51,720 INFO L87 Difference]: Start difference. First operand 120 states and 131 transitions. Second operand 19 states. [2019-08-05 10:59:52,817 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:52,817 INFO L93 Difference]: Finished difference Result 149 states and 162 transitions. [2019-08-05 10:59:52,817 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 19 states. [2019-08-05 10:59:52,817 INFO L78 Accepts]: Start accepts. Automaton has 19 states. Word has length 119 [2019-08-05 10:59:52,818 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:52,819 INFO L225 Difference]: With dead ends: 149 [2019-08-05 10:59:52,819 INFO L226 Difference]: Without dead ends: 149 [2019-08-05 10:59:52,819 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 121 GetRequests, 101 SyntacticMatches, 0 SemanticMatches, 20 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 10 ImplicationChecksByTransitivity, 1.3s TimeCoverageRelationStatistics Valid=54, Invalid=408, Unknown=0, NotChecked=0, Total=462 [2019-08-05 10:59:52,820 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 149 states. [2019-08-05 10:59:52,822 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 149 to 135. [2019-08-05 10:59:52,822 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 135 states. [2019-08-05 10:59:52,822 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 135 states to 135 states and 147 transitions. [2019-08-05 10:59:52,822 INFO L78 Accepts]: Start accepts. Automaton has 135 states and 147 transitions. Word has length 119 [2019-08-05 10:59:52,823 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:52,823 INFO L475 AbstractCegarLoop]: Abstraction has 135 states and 147 transitions. [2019-08-05 10:59:52,823 INFO L476 AbstractCegarLoop]: Interpolant automaton has 19 states. [2019-08-05 10:59:52,823 INFO L276 IsEmpty]: Start isEmpty. Operand 135 states and 147 transitions. [2019-08-05 10:59:52,823 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 135 [2019-08-05 10:59:52,823 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:52,823 INFO L399 BasicCegarLoop]: trace histogram [90, 14, 14, 13, 1, 1, 1] [2019-08-05 10:59:52,824 INFO L418 AbstractCegarLoop]: === Iteration 27 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:52,824 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:52,824 INFO L82 PathProgramCache]: Analyzing trace with hash 633900468, now seen corresponding path program 25 times [2019-08-05 10:59:52,825 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:53,140 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:53,156 INFO L256 TraceCheckSpWp]: Trace formula consists of 2260 conjuncts, 30 conjunts are in the unsatisfiable core [2019-08-05 10:59:53,160 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:53,856 INFO L134 CoverageAnalysis]: Checked inductivity of 5538 backedges. 3913 proven. 1261 refuted. 0 times theorem prover too weak. 364 trivial. 0 not checked. [2019-08-05 10:59:53,856 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:53,856 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [28] total 28 [2019-08-05 10:59:53,857 INFO L454 AbstractCegarLoop]: Interpolant automaton has 29 states [2019-08-05 10:59:53,857 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 29 interpolants. [2019-08-05 10:59:53,857 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=224, Invalid=588, Unknown=0, NotChecked=0, Total=812 [2019-08-05 10:59:53,857 INFO L87 Difference]: Start difference. First operand 135 states and 147 transitions. Second operand 29 states. [2019-08-05 10:59:54,468 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:54,468 INFO L93 Difference]: Finished difference Result 136 states and 148 transitions. [2019-08-05 10:59:54,475 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 29 states. [2019-08-05 10:59:54,475 INFO L78 Accepts]: Start accepts. Automaton has 29 states. Word has length 134 [2019-08-05 10:59:54,475 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:54,476 INFO L225 Difference]: With dead ends: 136 [2019-08-05 10:59:54,476 INFO L226 Difference]: Without dead ends: 136 [2019-08-05 10:59:54,477 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 146 GetRequests, 106 SyntacticMatches, 0 SemanticMatches, 40 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 247 ImplicationChecksByTransitivity, 0.8s TimeCoverageRelationStatistics Valid=601, Invalid=1121, Unknown=0, NotChecked=0, Total=1722 [2019-08-05 10:59:54,477 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 136 states. [2019-08-05 10:59:54,479 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 136 to 136. [2019-08-05 10:59:54,480 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 136 states. [2019-08-05 10:59:54,480 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 136 states to 136 states and 148 transitions. [2019-08-05 10:59:54,480 INFO L78 Accepts]: Start accepts. Automaton has 136 states and 148 transitions. Word has length 134 [2019-08-05 10:59:54,480 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:54,481 INFO L475 AbstractCegarLoop]: Abstraction has 136 states and 148 transitions. [2019-08-05 10:59:54,481 INFO L476 AbstractCegarLoop]: Interpolant automaton has 29 states. [2019-08-05 10:59:54,481 INFO L276 IsEmpty]: Start isEmpty. Operand 136 states and 148 transitions. [2019-08-05 10:59:54,481 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 136 [2019-08-05 10:59:54,482 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:54,482 INFO L399 BasicCegarLoop]: trace histogram [91, 14, 14, 13, 1, 1, 1] [2019-08-05 10:59:54,482 INFO L418 AbstractCegarLoop]: === Iteration 28 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:54,482 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:54,482 INFO L82 PathProgramCache]: Analyzing trace with hash -1823868263, now seen corresponding path program 26 times [2019-08-05 10:59:54,483 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:57,396 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:57,440 INFO L256 TraceCheckSpWp]: Trace formula consists of 2278 conjuncts, 46 conjunts are in the unsatisfiable core [2019-08-05 10:59:57,445 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:59:57,481 INFO L189 IndexEqualityManager]: detected not equals via solver [2019-08-05 10:59:57,493 INFO L341 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2019-08-05 10:59:57,494 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 1 case distinctions, treesize of input 9 treesize of output 25 [2019-08-05 10:59:57,494 INFO L496 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-08-05 10:59:57,521 INFO L567 ElimStorePlain]: treesize reduction 10, result has 70.6 percent of original size [2019-08-05 10:59:57,522 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:57,523 INFO L496 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 1 dim-1 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2019-08-05 10:59:57,523 INFO L221 ElimStorePlain]: Needed 2 recursive calls to eliminate 3 variables, input treesize:19, output treesize:21 [2019-08-05 10:59:57,523 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:57,539 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:57,543 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:57,548 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:58,011 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 10:59:58,251 INFO L134 CoverageAnalysis]: Checked inductivity of 5642 backedges. 0 proven. 5187 refuted. 0 times theorem prover too weak. 455 trivial. 0 not checked. [2019-08-05 10:59:58,251 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:59:58,252 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [17] total 17 [2019-08-05 10:59:58,252 INFO L454 AbstractCegarLoop]: Interpolant automaton has 18 states [2019-08-05 10:59:58,252 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 18 interpolants. [2019-08-05 10:59:58,252 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=34, Invalid=272, Unknown=0, NotChecked=0, Total=306 [2019-08-05 10:59:58,252 INFO L87 Difference]: Start difference. First operand 136 states and 148 transitions. Second operand 18 states. [2019-08-05 10:59:59,313 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:59:59,313 INFO L93 Difference]: Finished difference Result 167 states and 181 transitions. [2019-08-05 10:59:59,314 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 19 states. [2019-08-05 10:59:59,314 INFO L78 Accepts]: Start accepts. Automaton has 18 states. Word has length 135 [2019-08-05 10:59:59,314 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:59:59,315 INFO L225 Difference]: With dead ends: 167 [2019-08-05 10:59:59,316 INFO L226 Difference]: Without dead ends: 167 [2019-08-05 10:59:59,316 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 135 GetRequests, 116 SyntacticMatches, 2 SemanticMatches, 17 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5 ImplicationChecksByTransitivity, 0.6s TimeCoverageRelationStatistics Valid=38, Invalid=304, Unknown=0, NotChecked=0, Total=342 [2019-08-05 10:59:59,317 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 167 states. [2019-08-05 10:59:59,320 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 167 to 152. [2019-08-05 10:59:59,320 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 152 states. [2019-08-05 10:59:59,321 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 152 states to 152 states and 165 transitions. [2019-08-05 10:59:59,321 INFO L78 Accepts]: Start accepts. Automaton has 152 states and 165 transitions. Word has length 135 [2019-08-05 10:59:59,321 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:59:59,321 INFO L475 AbstractCegarLoop]: Abstraction has 152 states and 165 transitions. [2019-08-05 10:59:59,321 INFO L476 AbstractCegarLoop]: Interpolant automaton has 18 states. [2019-08-05 10:59:59,321 INFO L276 IsEmpty]: Start isEmpty. Operand 152 states and 165 transitions. [2019-08-05 10:59:59,322 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 152 [2019-08-05 10:59:59,322 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:59:59,322 INFO L399 BasicCegarLoop]: trace histogram [104, 15, 15, 14, 1, 1, 1] [2019-08-05 10:59:59,323 INFO L418 AbstractCegarLoop]: === Iteration 29 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:59:59,323 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:59:59,323 INFO L82 PathProgramCache]: Analyzing trace with hash 338791626, now seen corresponding path program 27 times [2019-08-05 10:59:59,324 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:59:59,517 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:59:59,537 INFO L256 TraceCheckSpWp]: Trace formula consists of 2556 conjuncts, 32 conjunts are in the unsatisfiable core [2019-08-05 10:59:59,542 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 11:00:00,032 INFO L134 CoverageAnalysis]: Checked inductivity of 7231 backedges. 5215 proven. 1561 refuted. 0 times theorem prover too weak. 455 trivial. 0 not checked. [2019-08-05 11:00:00,032 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 11:00:00,033 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [30] total 30 [2019-08-05 11:00:00,033 INFO L454 AbstractCegarLoop]: Interpolant automaton has 31 states [2019-08-05 11:00:00,033 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 31 interpolants. [2019-08-05 11:00:00,033 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=255, Invalid=675, Unknown=0, NotChecked=0, Total=930 [2019-08-05 11:00:00,033 INFO L87 Difference]: Start difference. First operand 152 states and 165 transitions. Second operand 31 states. [2019-08-05 11:00:00,584 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 11:00:00,584 INFO L93 Difference]: Finished difference Result 153 states and 166 transitions. [2019-08-05 11:00:00,585 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 31 states. [2019-08-05 11:00:00,585 INFO L78 Accepts]: Start accepts. Automaton has 31 states. Word has length 151 [2019-08-05 11:00:00,585 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 11:00:00,587 INFO L225 Difference]: With dead ends: 153 [2019-08-05 11:00:00,587 INFO L226 Difference]: Without dead ends: 153 [2019-08-05 11:00:00,588 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 164 GetRequests, 121 SyntacticMatches, 0 SemanticMatches, 43 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 287 ImplicationChecksByTransitivity, 0.6s TimeCoverageRelationStatistics Valid=689, Invalid=1291, Unknown=0, NotChecked=0, Total=1980 [2019-08-05 11:00:00,589 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 153 states. [2019-08-05 11:00:00,591 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 153 to 153. [2019-08-05 11:00:00,591 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 153 states. [2019-08-05 11:00:00,592 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 153 states to 153 states and 166 transitions. [2019-08-05 11:00:00,592 INFO L78 Accepts]: Start accepts. Automaton has 153 states and 166 transitions. Word has length 151 [2019-08-05 11:00:00,593 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 11:00:00,593 INFO L475 AbstractCegarLoop]: Abstraction has 153 states and 166 transitions. [2019-08-05 11:00:00,593 INFO L476 AbstractCegarLoop]: Interpolant automaton has 31 states. [2019-08-05 11:00:00,593 INFO L276 IsEmpty]: Start isEmpty. Operand 153 states and 166 transitions. [2019-08-05 11:00:00,594 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 153 [2019-08-05 11:00:00,594 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 11:00:00,594 INFO L399 BasicCegarLoop]: trace histogram [105, 15, 15, 14, 1, 1, 1] [2019-08-05 11:00:00,594 INFO L418 AbstractCegarLoop]: === Iteration 30 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 11:00:00,594 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 11:00:00,594 INFO L82 PathProgramCache]: Analyzing trace with hash 1912659523, now seen corresponding path program 28 times [2019-08-05 11:00:00,595 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 11:00:05,031 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 11:00:05,069 INFO L256 TraceCheckSpWp]: Trace formula consists of 2574 conjuncts, 52 conjunts are in the unsatisfiable core [2019-08-05 11:00:05,074 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 11:00:05,102 INFO L189 IndexEqualityManager]: detected not equals via solver [2019-08-05 11:00:05,122 INFO L341 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2019-08-05 11:00:05,123 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 1 case distinctions, treesize of input 9 treesize of output 25 [2019-08-05 11:00:05,123 INFO L496 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-08-05 11:00:05,148 INFO L567 ElimStorePlain]: treesize reduction 10, result has 70.6 percent of original size [2019-08-05 11:00:05,149 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 11:00:05,149 INFO L496 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 1 dim-1 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2019-08-05 11:00:05,149 INFO L221 ElimStorePlain]: Needed 2 recursive calls to eliminate 3 variables, input treesize:19, output treesize:21 [2019-08-05 11:00:05,150 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 11:00:05,161 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 11:00:05,166 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 11:00:05,171 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 11:00:06,161 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 11:00:06,831 INFO L134 CoverageAnalysis]: Checked inductivity of 7350 backedges. 0 proven. 6790 refuted. 0 times theorem prover too weak. 560 trivial. 0 not checked. [2019-08-05 11:00:06,832 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 11:00:06,832 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [18] total 18 [2019-08-05 11:00:06,832 INFO L454 AbstractCegarLoop]: Interpolant automaton has 19 states [2019-08-05 11:00:06,832 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 19 interpolants. [2019-08-05 11:00:06,833 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=306, Unknown=0, NotChecked=0, Total=342 [2019-08-05 11:00:06,833 INFO L87 Difference]: Start difference. First operand 153 states and 166 transitions. Second operand 19 states. [2019-08-05 11:00:08,252 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 11:00:08,253 INFO L93 Difference]: Finished difference Result 186 states and 201 transitions. [2019-08-05 11:00:08,253 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 20 states. [2019-08-05 11:00:08,253 INFO L78 Accepts]: Start accepts. Automaton has 19 states. Word has length 152 [2019-08-05 11:00:08,254 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 11:00:08,255 INFO L225 Difference]: With dead ends: 186 [2019-08-05 11:00:08,255 INFO L226 Difference]: Without dead ends: 186 [2019-08-05 11:00:08,256 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 152 GetRequests, 132 SyntacticMatches, 2 SemanticMatches, 18 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5 ImplicationChecksByTransitivity, 1.5s TimeCoverageRelationStatistics Valid=40, Invalid=340, Unknown=0, NotChecked=0, Total=380 [2019-08-05 11:00:08,256 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 186 states. [2019-08-05 11:00:08,259 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 186 to 170. [2019-08-05 11:00:08,259 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 170 states. [2019-08-05 11:00:08,259 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 170 states to 170 states and 184 transitions. [2019-08-05 11:00:08,260 INFO L78 Accepts]: Start accepts. Automaton has 170 states and 184 transitions. Word has length 152 [2019-08-05 11:00:08,260 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 11:00:08,260 INFO L475 AbstractCegarLoop]: Abstraction has 170 states and 184 transitions. [2019-08-05 11:00:08,260 INFO L476 AbstractCegarLoop]: Interpolant automaton has 19 states. [2019-08-05 11:00:08,260 INFO L276 IsEmpty]: Start isEmpty. Operand 170 states and 184 transitions. [2019-08-05 11:00:08,261 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 170 [2019-08-05 11:00:08,261 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 11:00:08,261 INFO L399 BasicCegarLoop]: trace histogram [119, 16, 16, 15, 1, 1, 1] [2019-08-05 11:00:08,262 INFO L418 AbstractCegarLoop]: === Iteration 31 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 11:00:08,262 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 11:00:08,262 INFO L82 PathProgramCache]: Analyzing trace with hash -93551655, now seen corresponding path program 29 times [2019-08-05 11:00:08,263 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 11:00:08,499 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 11:00:08,520 INFO L256 TraceCheckSpWp]: Trace formula consists of 2870 conjuncts, 34 conjunts are in the unsatisfiable core [2019-08-05 11:00:08,525 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 11:00:09,030 INFO L134 CoverageAnalysis]: Checked inductivity of 9285 backedges. 6820 proven. 1905 refuted. 0 times theorem prover too weak. 560 trivial. 0 not checked. [2019-08-05 11:00:09,030 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 11:00:09,030 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [32] total 32 [2019-08-05 11:00:09,031 INFO L454 AbstractCegarLoop]: Interpolant automaton has 33 states [2019-08-05 11:00:09,031 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 33 interpolants. [2019-08-05 11:00:09,031 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=288, Invalid=768, Unknown=0, NotChecked=0, Total=1056 [2019-08-05 11:00:09,031 INFO L87 Difference]: Start difference. First operand 170 states and 184 transitions. Second operand 33 states. [2019-08-05 11:00:10,154 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 11:00:10,154 INFO L93 Difference]: Finished difference Result 171 states and 185 transitions. [2019-08-05 11:00:10,154 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 33 states. [2019-08-05 11:00:10,155 INFO L78 Accepts]: Start accepts. Automaton has 33 states. Word has length 169 [2019-08-05 11:00:10,155 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 11:00:10,156 INFO L225 Difference]: With dead ends: 171 [2019-08-05 11:00:10,156 INFO L226 Difference]: Without dead ends: 171 [2019-08-05 11:00:10,158 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 183 GetRequests, 137 SyntacticMatches, 0 SemanticMatches, 46 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 330 ImplicationChecksByTransitivity, 0.8s TimeCoverageRelationStatistics Valid=783, Invalid=1473, Unknown=0, NotChecked=0, Total=2256 [2019-08-05 11:00:10,158 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 171 states. [2019-08-05 11:00:10,161 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 171 to 171. [2019-08-05 11:00:10,161 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 171 states. [2019-08-05 11:00:10,161 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 171 states to 171 states and 185 transitions. [2019-08-05 11:00:10,162 INFO L78 Accepts]: Start accepts. Automaton has 171 states and 185 transitions. Word has length 169 [2019-08-05 11:00:10,162 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 11:00:10,162 INFO L475 AbstractCegarLoop]: Abstraction has 171 states and 185 transitions. [2019-08-05 11:00:10,162 INFO L476 AbstractCegarLoop]: Interpolant automaton has 33 states. [2019-08-05 11:00:10,162 INFO L276 IsEmpty]: Start isEmpty. Operand 171 states and 185 transitions. [2019-08-05 11:00:10,163 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 171 [2019-08-05 11:00:10,163 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 11:00:10,163 INFO L399 BasicCegarLoop]: trace histogram [120, 16, 16, 15, 1, 1, 1] [2019-08-05 11:00:10,164 INFO L418 AbstractCegarLoop]: === Iteration 32 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 11:00:10,164 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 11:00:10,164 INFO L82 PathProgramCache]: Analyzing trace with hash 1394919700, now seen corresponding path program 30 times [2019-08-05 11:00:10,165 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 11:00:16,069 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 11:00:16,115 INFO L256 TraceCheckSpWp]: Trace formula consists of 2888 conjuncts, 74 conjunts are in the unsatisfiable core [2019-08-05 11:00:16,121 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 11:00:16,183 INFO L189 IndexEqualityManager]: detected not equals via solver [2019-08-05 11:00:16,366 WARN L188 SmtUtils]: Spent 179.00 ms on a formula simplification that was a NOOP. DAG size: 13 [2019-08-05 11:00:16,366 INFO L341 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2019-08-05 11:00:16,367 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 1 case distinctions, treesize of input 9 treesize of output 25 [2019-08-05 11:00:16,367 INFO L496 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-08-05 11:00:16,791 WARN L188 SmtUtils]: Spent 422.00 ms on a formula simplification. DAG size of input: 22 DAG size of output: 19 [2019-08-05 11:00:16,791 INFO L567 ElimStorePlain]: treesize reduction 10, result has 70.6 percent of original size [2019-08-05 11:00:16,791 INFO L496 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2019-08-05 11:00:16,792 INFO L221 ElimStorePlain]: Needed 2 recursive calls to eliminate 2 variables, input treesize:19, output treesize:21 [2019-08-05 11:00:17,439 INFO L134 CoverageAnalysis]: Checked inductivity of 9420 backedges. 0 proven. 8758 refuted. 0 times theorem prover too weak. 662 trivial. 0 not checked. [2019-08-05 11:00:17,439 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 11:00:17,440 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [22] total 22 [2019-08-05 11:00:17,440 INFO L454 AbstractCegarLoop]: Interpolant automaton has 23 states [2019-08-05 11:00:17,440 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 23 interpolants. [2019-08-05 11:00:17,441 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=47, Invalid=459, Unknown=0, NotChecked=0, Total=506 [2019-08-05 11:00:17,441 INFO L87 Difference]: Start difference. First operand 171 states and 185 transitions. Second operand 23 states. [2019-08-05 11:00:18,875 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 11:00:18,876 INFO L93 Difference]: Finished difference Result 206 states and 222 transitions. [2019-08-05 11:00:18,876 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 23 states. [2019-08-05 11:00:18,876 INFO L78 Accepts]: Start accepts. Automaton has 23 states. Word has length 170 [2019-08-05 11:00:18,877 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 11:00:18,878 INFO L225 Difference]: With dead ends: 206 [2019-08-05 11:00:18,878 INFO L226 Difference]: Without dead ends: 206 [2019-08-05 11:00:18,879 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 171 GetRequests, 148 SyntacticMatches, 0 SemanticMatches, 23 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 29 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=56, Invalid=544, Unknown=0, NotChecked=0, Total=600 [2019-08-05 11:00:18,880 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 206 states. [2019-08-05 11:00:18,882 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 206 to 189. [2019-08-05 11:00:18,882 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 189 states. [2019-08-05 11:00:18,883 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 189 states to 189 states and 204 transitions. [2019-08-05 11:00:18,883 INFO L78 Accepts]: Start accepts. Automaton has 189 states and 204 transitions. Word has length 170 [2019-08-05 11:00:18,884 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 11:00:18,884 INFO L475 AbstractCegarLoop]: Abstraction has 189 states and 204 transitions. [2019-08-05 11:00:18,884 INFO L476 AbstractCegarLoop]: Interpolant automaton has 23 states. [2019-08-05 11:00:18,884 INFO L276 IsEmpty]: Start isEmpty. Operand 189 states and 204 transitions. [2019-08-05 11:00:18,885 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 189 [2019-08-05 11:00:18,885 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 11:00:18,885 INFO L399 BasicCegarLoop]: trace histogram [135, 17, 17, 16, 1, 1, 1] [2019-08-05 11:00:18,886 INFO L418 AbstractCegarLoop]: === Iteration 33 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 11:00:18,886 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 11:00:18,886 INFO L82 PathProgramCache]: Analyzing trace with hash -151256667, now seen corresponding path program 31 times [2019-08-05 11:00:18,886 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 11:00:19,151 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 11:00:19,172 INFO L256 TraceCheckSpWp]: Trace formula consists of 3202 conjuncts, 36 conjunts are in the unsatisfiable core [2019-08-05 11:00:19,177 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 11:00:20,380 INFO L134 CoverageAnalysis]: Checked inductivity of 11748 backedges. 8772 proven. 2296 refuted. 0 times theorem prover too weak. 680 trivial. 0 not checked. [2019-08-05 11:00:20,380 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 11:00:20,381 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [34] total 34 [2019-08-05 11:00:20,381 INFO L454 AbstractCegarLoop]: Interpolant automaton has 35 states [2019-08-05 11:00:20,381 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 35 interpolants. [2019-08-05 11:00:20,382 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=323, Invalid=867, Unknown=0, NotChecked=0, Total=1190 [2019-08-05 11:00:20,382 INFO L87 Difference]: Start difference. First operand 189 states and 204 transitions. Second operand 35 states. [2019-08-05 11:00:21,148 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 11:00:21,148 INFO L93 Difference]: Finished difference Result 190 states and 205 transitions. [2019-08-05 11:00:21,149 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 35 states. [2019-08-05 11:00:21,149 INFO L78 Accepts]: Start accepts. Automaton has 35 states. Word has length 188 [2019-08-05 11:00:21,150 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 11:00:21,152 INFO L225 Difference]: With dead ends: 190 [2019-08-05 11:00:21,152 INFO L226 Difference]: Without dead ends: 190 [2019-08-05 11:00:21,153 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 203 GetRequests, 154 SyntacticMatches, 0 SemanticMatches, 49 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 376 ImplicationChecksByTransitivity, 1.3s TimeCoverageRelationStatistics Valid=883, Invalid=1667, Unknown=0, NotChecked=0, Total=2550 [2019-08-05 11:00:21,154 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 190 states. [2019-08-05 11:00:21,157 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 190 to 190. [2019-08-05 11:00:21,157 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 190 states. [2019-08-05 11:00:21,158 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 190 states to 190 states and 205 transitions. [2019-08-05 11:00:21,158 INFO L78 Accepts]: Start accepts. Automaton has 190 states and 205 transitions. Word has length 188 [2019-08-05 11:00:21,158 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 11:00:21,158 INFO L475 AbstractCegarLoop]: Abstraction has 190 states and 205 transitions. [2019-08-05 11:00:21,158 INFO L476 AbstractCegarLoop]: Interpolant automaton has 35 states. [2019-08-05 11:00:21,159 INFO L276 IsEmpty]: Start isEmpty. Operand 190 states and 205 transitions. [2019-08-05 11:00:21,160 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 190 [2019-08-05 11:00:21,160 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 11:00:21,160 INFO L399 BasicCegarLoop]: trace histogram [136, 17, 17, 16, 1, 1, 1] [2019-08-05 11:00:21,160 INFO L418 AbstractCegarLoop]: === Iteration 34 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 11:00:21,161 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 11:00:21,161 INFO L82 PathProgramCache]: Analyzing trace with hash -393935672, now seen corresponding path program 32 times [2019-08-05 11:00:21,161 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 11:00:32,427 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 11:00:32,497 INFO L256 TraceCheckSpWp]: Trace formula consists of 3220 conjuncts, 64 conjunts are in the unsatisfiable core [2019-08-05 11:00:32,501 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 11:00:32,528 INFO L189 IndexEqualityManager]: detected not equals via solver [2019-08-05 11:00:32,542 INFO L341 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2019-08-05 11:00:32,543 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 1 case distinctions, treesize of input 9 treesize of output 25 [2019-08-05 11:00:32,543 INFO L496 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-08-05 11:00:32,574 INFO L567 ElimStorePlain]: treesize reduction 10, result has 70.6 percent of original size [2019-08-05 11:00:32,575 INFO L496 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2019-08-05 11:00:32,575 INFO L221 ElimStorePlain]: Needed 2 recursive calls to eliminate 2 variables, input treesize:19, output treesize:21 [2019-08-05 11:00:32,790 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 11:00:32,878 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 11:00:33,654 INFO L134 CoverageAnalysis]: Checked inductivity of 11900 backedges. 0 proven. 11109 refuted. 0 times theorem prover too weak. 791 trivial. 0 not checked. [2019-08-05 11:00:33,654 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 11:00:33,654 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [22] total 22 [2019-08-05 11:00:33,655 INFO L454 AbstractCegarLoop]: Interpolant automaton has 23 states [2019-08-05 11:00:33,655 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 23 interpolants. [2019-08-05 11:00:33,655 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=46, Invalid=460, Unknown=0, NotChecked=0, Total=506 [2019-08-05 11:00:33,655 INFO L87 Difference]: Start difference. First operand 190 states and 205 transitions. Second operand 23 states. [2019-08-05 11:00:36,925 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 11:00:36,925 INFO L93 Difference]: Finished difference Result 227 states and 244 transitions. [2019-08-05 11:00:36,925 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 23 states. [2019-08-05 11:00:36,926 INFO L78 Accepts]: Start accepts. Automaton has 23 states. Word has length 189 [2019-08-05 11:00:36,926 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 11:00:36,928 INFO L225 Difference]: With dead ends: 227 [2019-08-05 11:00:36,928 INFO L226 Difference]: Without dead ends: 227 [2019-08-05 11:00:36,929 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 191 GetRequests, 167 SyntacticMatches, 0 SemanticMatches, 24 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 20 ImplicationChecksByTransitivity, 1.0s TimeCoverageRelationStatistics Valid=62, Invalid=588, Unknown=0, NotChecked=0, Total=650 [2019-08-05 11:00:36,929 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 227 states. [2019-08-05 11:00:36,932 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 227 to 209. [2019-08-05 11:00:36,932 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 209 states. [2019-08-05 11:00:36,933 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 209 states to 209 states and 225 transitions. [2019-08-05 11:00:36,933 INFO L78 Accepts]: Start accepts. Automaton has 209 states and 225 transitions. Word has length 189 [2019-08-05 11:00:36,933 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 11:00:36,934 INFO L475 AbstractCegarLoop]: Abstraction has 209 states and 225 transitions. [2019-08-05 11:00:36,934 INFO L476 AbstractCegarLoop]: Interpolant automaton has 23 states. [2019-08-05 11:00:36,934 INFO L276 IsEmpty]: Start isEmpty. Operand 209 states and 225 transitions. [2019-08-05 11:00:36,935 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 209 [2019-08-05 11:00:36,935 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 11:00:36,935 INFO L399 BasicCegarLoop]: trace histogram [152, 18, 18, 17, 1, 1, 1] [2019-08-05 11:00:36,935 INFO L418 AbstractCegarLoop]: === Iteration 35 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 11:00:36,936 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 11:00:36,936 INFO L82 PathProgramCache]: Analyzing trace with hash -1051220844, now seen corresponding path program 33 times [2019-08-05 11:00:36,936 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 11:00:37,251 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 11:00:37,279 INFO L256 TraceCheckSpWp]: Trace formula consists of 3552 conjuncts, 38 conjunts are in the unsatisfiable core [2019-08-05 11:00:37,284 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 11:00:37,922 INFO L134 CoverageAnalysis]: Checked inductivity of 14671 backedges. 11118 proven. 2737 refuted. 0 times theorem prover too weak. 816 trivial. 0 not checked. [2019-08-05 11:00:37,922 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 11:00:37,922 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [36] total 36 [2019-08-05 11:00:37,923 INFO L454 AbstractCegarLoop]: Interpolant automaton has 37 states [2019-08-05 11:00:37,923 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 37 interpolants. [2019-08-05 11:00:37,924 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=360, Invalid=972, Unknown=0, NotChecked=0, Total=1332 [2019-08-05 11:00:37,924 INFO L87 Difference]: Start difference. First operand 209 states and 225 transitions. Second operand 37 states. [2019-08-05 11:00:38,753 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 11:00:38,753 INFO L93 Difference]: Finished difference Result 210 states and 226 transitions. [2019-08-05 11:00:38,754 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 37 states. [2019-08-05 11:00:38,754 INFO L78 Accepts]: Start accepts. Automaton has 37 states. Word has length 208 [2019-08-05 11:00:38,755 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 11:00:38,756 INFO L225 Difference]: With dead ends: 210 [2019-08-05 11:00:38,756 INFO L226 Difference]: Without dead ends: 210 [2019-08-05 11:00:38,757 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 224 GetRequests, 172 SyntacticMatches, 0 SemanticMatches, 52 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 425 ImplicationChecksByTransitivity, 0.8s TimeCoverageRelationStatistics Valid=989, Invalid=1873, Unknown=0, NotChecked=0, Total=2862 [2019-08-05 11:00:38,758 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 210 states. [2019-08-05 11:00:38,761 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 210 to 210. [2019-08-05 11:00:38,761 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 210 states. [2019-08-05 11:00:38,762 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 210 states to 210 states and 226 transitions. [2019-08-05 11:00:38,762 INFO L78 Accepts]: Start accepts. Automaton has 210 states and 226 transitions. Word has length 208 [2019-08-05 11:00:38,762 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 11:00:38,762 INFO L475 AbstractCegarLoop]: Abstraction has 210 states and 226 transitions. [2019-08-05 11:00:38,762 INFO L476 AbstractCegarLoop]: Interpolant automaton has 37 states. [2019-08-05 11:00:38,763 INFO L276 IsEmpty]: Start isEmpty. Operand 210 states and 226 transitions. [2019-08-05 11:00:38,763 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 210 [2019-08-05 11:00:38,764 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 11:00:38,764 INFO L399 BasicCegarLoop]: trace histogram [153, 18, 18, 17, 1, 1, 1] [2019-08-05 11:00:38,764 INFO L418 AbstractCegarLoop]: === Iteration 36 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 11:00:38,764 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 11:00:38,764 INFO L82 PathProgramCache]: Analyzing trace with hash 1771945913, now seen corresponding path program 34 times [2019-08-05 11:00:38,765 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 11:00:50,276 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 11:00:50,345 INFO L256 TraceCheckSpWp]: Trace formula consists of 3570 conjuncts, 62 conjunts are in the unsatisfiable core [2019-08-05 11:00:50,349 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 11:00:50,381 INFO L189 IndexEqualityManager]: detected not equals via solver [2019-08-05 11:00:50,406 INFO L341 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2019-08-05 11:00:50,406 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 1 case distinctions, treesize of input 9 treesize of output 25 [2019-08-05 11:00:50,407 INFO L496 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-08-05 11:00:50,430 INFO L567 ElimStorePlain]: treesize reduction 10, result has 70.6 percent of original size [2019-08-05 11:00:50,431 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 11:00:50,432 INFO L496 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 1 dim-1 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2019-08-05 11:00:50,432 INFO L221 ElimStorePlain]: Needed 2 recursive calls to eliminate 3 variables, input treesize:19, output treesize:21 [2019-08-05 11:00:50,432 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 11:00:50,438 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 11:00:50,443 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 11:00:50,500 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 11:00:50,836 WARN L188 SmtUtils]: Spent 290.00 ms on a formula simplification that was a NOOP. DAG size: 20 [2019-08-05 11:00:51,461 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 11:00:51,788 INFO L134 CoverageAnalysis]: Checked inductivity of 14841 backedges. 0 proven. 13872 refuted. 0 times theorem prover too weak. 969 trivial. 0 not checked. [2019-08-05 11:00:51,788 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 11:00:51,788 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [21] total 21 [2019-08-05 11:00:51,789 INFO L454 AbstractCegarLoop]: Interpolant automaton has 22 states [2019-08-05 11:00:51,789 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 22 interpolants. [2019-08-05 11:00:51,790 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=42, Invalid=420, Unknown=0, NotChecked=0, Total=462 [2019-08-05 11:00:51,790 INFO L87 Difference]: Start difference. First operand 210 states and 226 transitions. Second operand 22 states. [2019-08-05 11:00:53,858 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 11:00:53,859 INFO L93 Difference]: Finished difference Result 249 states and 267 transitions. [2019-08-05 11:00:53,859 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 23 states. [2019-08-05 11:00:53,859 INFO L78 Accepts]: Start accepts. Automaton has 22 states. Word has length 209 [2019-08-05 11:00:53,860 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 11:00:53,861 INFO L225 Difference]: With dead ends: 249 [2019-08-05 11:00:53,861 INFO L226 Difference]: Without dead ends: 249 [2019-08-05 11:00:53,862 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 209 GetRequests, 186 SyntacticMatches, 2 SemanticMatches, 21 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 1.1s TimeCoverageRelationStatistics Valid=46, Invalid=460, Unknown=0, NotChecked=0, Total=506 [2019-08-05 11:00:53,862 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 249 states. [2019-08-05 11:00:53,865 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 249 to 230. [2019-08-05 11:00:53,865 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 230 states. [2019-08-05 11:00:53,866 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 230 states to 230 states and 247 transitions. [2019-08-05 11:00:53,866 INFO L78 Accepts]: Start accepts. Automaton has 230 states and 247 transitions. Word has length 209 [2019-08-05 11:00:53,866 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 11:00:53,866 INFO L475 AbstractCegarLoop]: Abstraction has 230 states and 247 transitions. [2019-08-05 11:00:53,867 INFO L476 AbstractCegarLoop]: Interpolant automaton has 22 states. [2019-08-05 11:00:53,867 INFO L276 IsEmpty]: Start isEmpty. Operand 230 states and 247 transitions. [2019-08-05 11:00:53,868 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 230 [2019-08-05 11:00:53,868 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 11:00:53,868 INFO L399 BasicCegarLoop]: trace histogram [170, 19, 19, 18, 1, 1, 1] [2019-08-05 11:00:53,868 INFO L418 AbstractCegarLoop]: === Iteration 37 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 11:00:53,868 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 11:00:53,869 INFO L82 PathProgramCache]: Analyzing trace with hash 1830066218, now seen corresponding path program 35 times [2019-08-05 11:00:53,869 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 11:00:54,261 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 11:00:54,297 INFO L256 TraceCheckSpWp]: Trace formula consists of 3920 conjuncts, 40 conjunts are in the unsatisfiable core [2019-08-05 11:00:54,304 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 11:00:54,942 INFO L134 CoverageAnalysis]: Checked inductivity of 18108 backedges. 13908 proven. 3231 refuted. 0 times theorem prover too weak. 969 trivial. 0 not checked. [2019-08-05 11:00:54,942 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 11:00:54,942 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [38] total 38 [2019-08-05 11:00:54,943 INFO L454 AbstractCegarLoop]: Interpolant automaton has 39 states [2019-08-05 11:00:54,943 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 39 interpolants. [2019-08-05 11:00:54,944 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=399, Invalid=1083, Unknown=0, NotChecked=0, Total=1482 [2019-08-05 11:00:54,944 INFO L87 Difference]: Start difference. First operand 230 states and 247 transitions. Second operand 39 states. [2019-08-05 11:00:55,652 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 11:00:55,652 INFO L93 Difference]: Finished difference Result 231 states and 248 transitions. [2019-08-05 11:00:55,659 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 39 states. [2019-08-05 11:00:55,659 INFO L78 Accepts]: Start accepts. Automaton has 39 states. Word has length 229 [2019-08-05 11:00:55,659 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 11:00:55,660 INFO L225 Difference]: With dead ends: 231 [2019-08-05 11:00:55,660 INFO L226 Difference]: Without dead ends: 231 [2019-08-05 11:00:55,661 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 246 GetRequests, 191 SyntacticMatches, 0 SemanticMatches, 55 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 477 ImplicationChecksByTransitivity, 0.8s TimeCoverageRelationStatistics Valid=1101, Invalid=2091, Unknown=0, NotChecked=0, Total=3192 [2019-08-05 11:00:55,662 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 231 states. [2019-08-05 11:00:55,664 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 231 to 231. [2019-08-05 11:00:55,664 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 231 states. [2019-08-05 11:00:55,665 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 231 states to 231 states and 248 transitions. [2019-08-05 11:00:55,665 INFO L78 Accepts]: Start accepts. Automaton has 231 states and 248 transitions. Word has length 229 [2019-08-05 11:00:55,665 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 11:00:55,665 INFO L475 AbstractCegarLoop]: Abstraction has 231 states and 248 transitions. [2019-08-05 11:00:55,665 INFO L476 AbstractCegarLoop]: Interpolant automaton has 39 states. [2019-08-05 11:00:55,665 INFO L276 IsEmpty]: Start isEmpty. Operand 231 states and 248 transitions. [2019-08-05 11:00:55,666 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 231 [2019-08-05 11:00:55,667 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 11:00:55,667 INFO L399 BasicCegarLoop]: trace histogram [171, 19, 19, 18, 1, 1, 1] [2019-08-05 11:00:55,667 INFO L418 AbstractCegarLoop]: === Iteration 38 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 11:00:55,667 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 11:00:55,667 INFO L82 PathProgramCache]: Analyzing trace with hash 897531619, now seen corresponding path program 36 times [2019-08-05 11:00:55,668 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 11:01:11,553 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 11:01:11,659 INFO L256 TraceCheckSpWp]: Trace formula consists of 3938 conjuncts, 82 conjunts are in the unsatisfiable core [2019-08-05 11:01:11,664 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 11:01:11,727 INFO L189 IndexEqualityManager]: detected not equals via solver [2019-08-05 11:01:11,789 INFO L341 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2019-08-05 11:01:11,789 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 1 case distinctions, treesize of input 9 treesize of output 25 [2019-08-05 11:01:11,789 INFO L496 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-08-05 11:01:11,813 INFO L567 ElimStorePlain]: treesize reduction 10, result has 70.6 percent of original size [2019-08-05 11:01:11,813 INFO L496 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2019-08-05 11:01:11,814 INFO L221 ElimStorePlain]: Needed 2 recursive calls to eliminate 2 variables, input treesize:19, output treesize:21 [2019-08-05 11:01:12,027 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 11:01:12,126 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 11:01:13,162 INFO L134 CoverageAnalysis]: Checked inductivity of 18297 backedges. 0 proven. 17185 refuted. 0 times theorem prover too weak. 1112 trivial. 0 not checked. [2019-08-05 11:01:13,163 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 11:01:13,163 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [26] total 26 [2019-08-05 11:01:13,163 INFO L454 AbstractCegarLoop]: Interpolant automaton has 27 states [2019-08-05 11:01:13,163 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 27 interpolants. [2019-08-05 11:01:13,164 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=56, Invalid=646, Unknown=0, NotChecked=0, Total=702 [2019-08-05 11:01:13,164 INFO L87 Difference]: Start difference. First operand 231 states and 248 transitions. Second operand 27 states. [2019-08-05 11:01:15,103 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 11:01:15,103 INFO L93 Difference]: Finished difference Result 272 states and 291 transitions. [2019-08-05 11:01:15,104 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2019-08-05 11:01:15,104 INFO L78 Accepts]: Start accepts. Automaton has 27 states. Word has length 230 [2019-08-05 11:01:15,104 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 11:01:15,106 INFO L225 Difference]: With dead ends: 272 [2019-08-05 11:01:15,106 INFO L226 Difference]: Without dead ends: 272 [2019-08-05 11:01:15,107 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 232 GetRequests, 204 SyntacticMatches, 0 SemanticMatches, 28 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 69 ImplicationChecksByTransitivity, 1.2s TimeCoverageRelationStatistics Valid=72, Invalid=798, Unknown=0, NotChecked=0, Total=870 [2019-08-05 11:01:15,108 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 272 states. [2019-08-05 11:01:15,111 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 272 to 252. [2019-08-05 11:01:15,111 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 252 states. [2019-08-05 11:01:15,112 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 252 states to 252 states and 270 transitions. [2019-08-05 11:01:15,112 INFO L78 Accepts]: Start accepts. Automaton has 252 states and 270 transitions. Word has length 230 [2019-08-05 11:01:15,112 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 11:01:15,112 INFO L475 AbstractCegarLoop]: Abstraction has 252 states and 270 transitions. [2019-08-05 11:01:15,112 INFO L476 AbstractCegarLoop]: Interpolant automaton has 27 states. [2019-08-05 11:01:15,112 INFO L276 IsEmpty]: Start isEmpty. Operand 252 states and 270 transitions. [2019-08-05 11:01:15,113 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 252 [2019-08-05 11:01:15,114 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 11:01:15,114 INFO L399 BasicCegarLoop]: trace histogram [189, 20, 20, 19, 1, 1, 1] [2019-08-05 11:01:15,114 INFO L418 AbstractCegarLoop]: === Iteration 39 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 11:01:15,114 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 11:01:15,114 INFO L82 PathProgramCache]: Analyzing trace with hash -1178354183, now seen corresponding path program 37 times [2019-08-05 11:01:15,115 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 11:01:15,604 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 11:01:15,629 INFO L256 TraceCheckSpWp]: Trace formula consists of 4306 conjuncts, 42 conjunts are in the unsatisfiable core [2019-08-05 11:01:15,633 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 11:01:17,063 INFO L134 CoverageAnalysis]: Checked inductivity of 22116 backedges. 17195 proven. 3781 refuted. 0 times theorem prover too weak. 1140 trivial. 0 not checked. [2019-08-05 11:01:17,064 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 11:01:17,064 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [40] total 40 [2019-08-05 11:01:17,064 INFO L454 AbstractCegarLoop]: Interpolant automaton has 41 states [2019-08-05 11:01:17,064 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 41 interpolants. [2019-08-05 11:01:17,065 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=440, Invalid=1200, Unknown=0, NotChecked=0, Total=1640 [2019-08-05 11:01:17,065 INFO L87 Difference]: Start difference. First operand 252 states and 270 transitions. Second operand 41 states. [2019-08-05 11:01:18,489 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 11:01:18,489 INFO L93 Difference]: Finished difference Result 253 states and 271 transitions. [2019-08-05 11:01:18,490 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 41 states. [2019-08-05 11:01:18,490 INFO L78 Accepts]: Start accepts. Automaton has 41 states. Word has length 251 [2019-08-05 11:01:18,490 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 11:01:18,492 INFO L225 Difference]: With dead ends: 253 [2019-08-05 11:01:18,492 INFO L226 Difference]: Without dead ends: 253 [2019-08-05 11:01:18,494 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 269 GetRequests, 211 SyntacticMatches, 0 SemanticMatches, 58 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 532 ImplicationChecksByTransitivity, 1.7s TimeCoverageRelationStatistics Valid=1219, Invalid=2321, Unknown=0, NotChecked=0, Total=3540 [2019-08-05 11:01:18,494 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 253 states. [2019-08-05 11:01:18,497 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 253 to 253. [2019-08-05 11:01:18,497 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 253 states. [2019-08-05 11:01:18,497 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 253 states to 253 states and 271 transitions. [2019-08-05 11:01:18,497 INFO L78 Accepts]: Start accepts. Automaton has 253 states and 271 transitions. Word has length 251 [2019-08-05 11:01:18,498 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 11:01:18,498 INFO L475 AbstractCegarLoop]: Abstraction has 253 states and 271 transitions. [2019-08-05 11:01:18,498 INFO L476 AbstractCegarLoop]: Interpolant automaton has 41 states. [2019-08-05 11:01:18,498 INFO L276 IsEmpty]: Start isEmpty. Operand 253 states and 271 transitions. [2019-08-05 11:01:18,499 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 253 [2019-08-05 11:01:18,499 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 11:01:18,500 INFO L399 BasicCegarLoop]: trace histogram [190, 20, 20, 19, 1, 1, 1] [2019-08-05 11:01:18,500 INFO L418 AbstractCegarLoop]: === Iteration 40 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 11:01:18,500 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 11:01:18,500 INFO L82 PathProgramCache]: Analyzing trace with hash 2125779700, now seen corresponding path program 38 times [2019-08-05 11:01:18,501 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 11:01:47,936 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 11:01:48,046 INFO L256 TraceCheckSpWp]: Trace formula consists of 4324 conjuncts, 80 conjunts are in the unsatisfiable core [2019-08-05 11:01:48,053 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 11:01:48,075 INFO L189 IndexEqualityManager]: detected not equals via solver [2019-08-05 11:01:48,111 INFO L341 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2019-08-05 11:01:48,112 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 1 case distinctions, treesize of input 9 treesize of output 25 [2019-08-05 11:01:48,112 INFO L496 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-08-05 11:01:48,135 INFO L567 ElimStorePlain]: treesize reduction 10, result has 70.6 percent of original size [2019-08-05 11:01:48,136 INFO L496 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2019-08-05 11:01:48,136 INFO L221 ElimStorePlain]: Needed 2 recursive calls to eliminate 2 variables, input treesize:19, output treesize:21 [2019-08-05 11:01:48,404 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 11:01:48,984 WARN L188 SmtUtils]: Spent 119.00 ms on a formula simplification that was a NOOP. DAG size: 29 [2019-08-05 11:01:48,985 INFO L320 QuantifierPusher]: Applying distributivity, recursing on 2 terms [2019-08-05 11:01:49,558 WARN L188 SmtUtils]: Spent 113.00 ms on a formula simplification that was a NOOP. DAG size: 17 [2019-08-05 11:01:50,256 INFO L134 CoverageAnalysis]: Checked inductivity of 22325 backedges. 0 proven. 21006 refuted. 0 times theorem prover too weak. 1319 trivial. 0 not checked. [2019-08-05 11:01:50,257 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 11:01:50,257 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [25] total 25 [2019-08-05 11:01:50,257 INFO L454 AbstractCegarLoop]: Interpolant automaton has 26 states [2019-08-05 11:01:50,258 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 26 interpolants. [2019-08-05 11:01:50,258 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=52, Invalid=598, Unknown=0, NotChecked=0, Total=650 [2019-08-05 11:01:50,258 INFO L87 Difference]: Start difference. First operand 253 states and 271 transitions. Second operand 26 states. [2019-08-05 11:01:52,377 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 11:01:52,378 INFO L93 Difference]: Finished difference Result 296 states and 316 transitions. [2019-08-05 11:01:52,378 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 26 states. [2019-08-05 11:01:52,378 INFO L78 Accepts]: Start accepts. Automaton has 26 states. Word has length 252 [2019-08-05 11:01:52,379 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 11:01:52,380 INFO L225 Difference]: With dead ends: 296 [2019-08-05 11:01:52,380 INFO L226 Difference]: Without dead ends: 296 [2019-08-05 11:01:52,381 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 253 GetRequests, 227 SyntacticMatches, 0 SemanticMatches, 26 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 21 ImplicationChecksByTransitivity, 1.8s TimeCoverageRelationStatistics Valid=61, Invalid=695, Unknown=0, NotChecked=0, Total=756 [2019-08-05 11:01:52,382 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 296 states. [2019-08-05 11:01:52,384 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 296 to 275. [2019-08-05 11:01:52,384 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 275 states. [2019-08-05 11:01:52,385 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 275 states to 275 states and 294 transitions. [2019-08-05 11:01:52,385 INFO L78 Accepts]: Start accepts. Automaton has 275 states and 294 transitions. Word has length 252 [2019-08-05 11:01:52,385 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 11:01:52,385 INFO L475 AbstractCegarLoop]: Abstraction has 275 states and 294 transitions. [2019-08-05 11:01:52,385 INFO L476 AbstractCegarLoop]: Interpolant automaton has 26 states. [2019-08-05 11:01:52,385 INFO L276 IsEmpty]: Start isEmpty. Operand 275 states and 294 transitions. [2019-08-05 11:01:52,386 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 275 [2019-08-05 11:01:52,386 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 11:01:52,386 INFO L399 BasicCegarLoop]: trace histogram [209, 21, 21, 20, 1, 1, 1] [2019-08-05 11:01:52,387 INFO L418 AbstractCegarLoop]: === Iteration 41 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 11:01:52,387 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 11:01:52,387 INFO L82 PathProgramCache]: Analyzing trace with hash 1544459333, now seen corresponding path program 39 times [2019-08-05 11:01:52,387 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 11:01:52,968 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 11:01:52,998 INFO L256 TraceCheckSpWp]: Trace formula consists of 4710 conjuncts, 44 conjunts are in the unsatisfiable core [2019-08-05 11:01:53,003 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 11:01:53,670 INFO L134 CoverageAnalysis]: Checked inductivity of 26755 backedges. 21035 proven. 4390 refuted. 0 times theorem prover too weak. 1330 trivial. 0 not checked. [2019-08-05 11:01:53,670 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 11:01:53,670 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [42] total 42 [2019-08-05 11:01:53,671 INFO L454 AbstractCegarLoop]: Interpolant automaton has 43 states [2019-08-05 11:01:53,671 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 43 interpolants. [2019-08-05 11:01:53,671 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=483, Invalid=1323, Unknown=0, NotChecked=0, Total=1806 [2019-08-05 11:01:53,671 INFO L87 Difference]: Start difference. First operand 275 states and 294 transitions. Second operand 43 states. [2019-08-05 11:01:55,390 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 11:01:55,391 INFO L93 Difference]: Finished difference Result 276 states and 295 transitions. [2019-08-05 11:01:55,391 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 43 states. [2019-08-05 11:01:55,391 INFO L78 Accepts]: Start accepts. Automaton has 43 states. Word has length 274 [2019-08-05 11:01:55,392 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 11:01:55,393 INFO L225 Difference]: With dead ends: 276 [2019-08-05 11:01:55,393 INFO L226 Difference]: Without dead ends: 276 [2019-08-05 11:01:55,395 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 293 GetRequests, 232 SyntacticMatches, 0 SemanticMatches, 61 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 590 ImplicationChecksByTransitivity, 1.1s TimeCoverageRelationStatistics Valid=1343, Invalid=2563, Unknown=0, NotChecked=0, Total=3906 [2019-08-05 11:01:55,395 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 276 states. [2019-08-05 11:01:55,397 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 276 to 276. [2019-08-05 11:01:55,397 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 276 states. [2019-08-05 11:01:55,398 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 276 states to 276 states and 295 transitions. [2019-08-05 11:01:55,398 INFO L78 Accepts]: Start accepts. Automaton has 276 states and 295 transitions. Word has length 274 [2019-08-05 11:01:55,398 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 11:01:55,398 INFO L475 AbstractCegarLoop]: Abstraction has 276 states and 295 transitions. [2019-08-05 11:01:55,398 INFO L476 AbstractCegarLoop]: Interpolant automaton has 43 states. [2019-08-05 11:01:55,398 INFO L276 IsEmpty]: Start isEmpty. Operand 276 states and 295 transitions. [2019-08-05 11:01:55,399 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 276 [2019-08-05 11:01:55,399 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 11:01:55,399 INFO L399 BasicCegarLoop]: trace histogram [210, 21, 21, 20, 1, 1, 1] [2019-08-05 11:01:55,400 INFO L418 AbstractCegarLoop]: === Iteration 42 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 11:01:55,400 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 11:01:55,400 INFO L82 PathProgramCache]: Analyzing trace with hash 633652776, now seen corresponding path program 40 times [2019-08-05 11:01:55,400 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 11:02:35,388 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 11:02:35,470 INFO L256 TraceCheckSpWp]: Trace formula consists of 4728 conjuncts, 72 conjunts are in the unsatisfiable core [2019-08-05 11:02:35,474 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 11:02:35,502 INFO L189 IndexEqualityManager]: detected not equals via solver [2019-08-05 11:02:35,514 INFO L341 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2019-08-05 11:02:35,515 INFO L375 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 1 case distinctions, treesize of input 9 treesize of output 25 [2019-08-05 11:02:35,515 INFO L496 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-08-05 11:02:35,540 INFO L567 ElimStorePlain]: treesize reduction 10, result has 70.6 percent of original size [2019-08-05 11:02:35,541 INFO L496 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2019-08-05 11:02:35,541 INFO L221 ElimStorePlain]: Needed 2 recursive calls to eliminate 2 variables, input treesize:19, output treesize:21 [2019-08-05 11:02:36,702 INFO L134 CoverageAnalysis]: Checked inductivity of 26985 backedges. 0 proven. 25489 refuted. 0 times theorem prover too weak. 1496 trivial. 0 not checked. [2019-08-05 11:02:36,703 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 11:02:36,703 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [26] total 26 [2019-08-05 11:02:36,703 INFO L454 AbstractCegarLoop]: Interpolant automaton has 27 states [2019-08-05 11:02:36,703 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 27 interpolants. [2019-08-05 11:02:36,704 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=54, Invalid=648, Unknown=0, NotChecked=0, Total=702 [2019-08-05 11:02:36,704 INFO L87 Difference]: Start difference. First operand 276 states and 295 transitions. Second operand 27 states. [2019-08-05 11:02:38,763 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 11:02:38,763 INFO L93 Difference]: Finished difference Result 321 states and 342 transitions. [2019-08-05 11:02:38,763 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2019-08-05 11:02:38,764 INFO L78 Accepts]: Start accepts. Automaton has 27 states. Word has length 275 [2019-08-05 11:02:38,764 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 11:02:38,766 INFO L225 Difference]: With dead ends: 321 [2019-08-05 11:02:38,766 INFO L226 Difference]: Without dead ends: 321 [2019-08-05 11:02:38,767 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 276 GetRequests, 249 SyntacticMatches, 0 SemanticMatches, 27 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 22 ImplicationChecksByTransitivity, 0.8s TimeCoverageRelationStatistics Valid=63, Invalid=749, Unknown=0, NotChecked=0, Total=812 [2019-08-05 11:02:38,767 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 321 states. [2019-08-05 11:02:38,770 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 321 to 299. [2019-08-05 11:02:38,771 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 299 states. [2019-08-05 11:02:38,771 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 299 states to 299 states and 319 transitions. [2019-08-05 11:02:38,771 INFO L78 Accepts]: Start accepts. Automaton has 299 states and 319 transitions. Word has length 275 [2019-08-05 11:02:38,772 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 11:02:38,772 INFO L475 AbstractCegarLoop]: Abstraction has 299 states and 319 transitions. [2019-08-05 11:02:38,772 INFO L476 AbstractCegarLoop]: Interpolant automaton has 27 states. [2019-08-05 11:02:38,772 INFO L276 IsEmpty]: Start isEmpty. Operand 299 states and 319 transitions. [2019-08-05 11:02:38,773 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 299 [2019-08-05 11:02:38,774 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 11:02:38,774 INFO L399 BasicCegarLoop]: trace histogram [230, 22, 22, 21, 1, 1, 1] [2019-08-05 11:02:38,774 INFO L418 AbstractCegarLoop]: === Iteration 43 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 11:02:38,774 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 11:02:38,774 INFO L82 PathProgramCache]: Analyzing trace with hash -1463519116, now seen corresponding path program 41 times [2019-08-05 11:02:38,775 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 11:02:39,506 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 11:02:39,538 INFO L256 TraceCheckSpWp]: Trace formula consists of 5132 conjuncts, 46 conjunts are in the unsatisfiable core [2019-08-05 11:02:39,542 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 11:02:40,369 INFO L134 CoverageAnalysis]: Checked inductivity of 32088 backedges. 25487 proven. 5061 refuted. 0 times theorem prover too weak. 1540 trivial. 0 not checked. [2019-08-05 11:02:40,370 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 11:02:40,370 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [44] total 44 [2019-08-05 11:02:40,370 INFO L454 AbstractCegarLoop]: Interpolant automaton has 45 states [2019-08-05 11:02:40,371 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 45 interpolants. [2019-08-05 11:02:40,371 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=528, Invalid=1452, Unknown=0, NotChecked=0, Total=1980 [2019-08-05 11:02:40,372 INFO L87 Difference]: Start difference. First operand 299 states and 319 transitions. Second operand 45 states. [2019-08-05 11:02:42,007 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 11:02:42,008 INFO L93 Difference]: Finished difference Result 300 states and 320 transitions. [2019-08-05 11:02:42,008 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 45 states. [2019-08-05 11:02:42,008 INFO L78 Accepts]: Start accepts. Automaton has 45 states. Word has length 298 [2019-08-05 11:02:42,009 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 11:02:42,011 INFO L225 Difference]: With dead ends: 300 [2019-08-05 11:02:42,011 INFO L226 Difference]: Without dead ends: 300 [2019-08-05 11:02:42,013 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 318 GetRequests, 254 SyntacticMatches, 0 SemanticMatches, 64 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 651 ImplicationChecksByTransitivity, 1.1s TimeCoverageRelationStatistics Valid=1473, Invalid=2817, Unknown=0, NotChecked=0, Total=4290 [2019-08-05 11:02:42,013 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 300 states. [2019-08-05 11:02:42,016 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 300 to 300. [2019-08-05 11:02:42,016 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 300 states. [2019-08-05 11:02:42,017 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 300 states to 300 states and 320 transitions. [2019-08-05 11:02:42,017 INFO L78 Accepts]: Start accepts. Automaton has 300 states and 320 transitions. Word has length 298 [2019-08-05 11:02:42,018 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 11:02:42,018 INFO L475 AbstractCegarLoop]: Abstraction has 300 states and 320 transitions. [2019-08-05 11:02:42,018 INFO L476 AbstractCegarLoop]: Interpolant automaton has 45 states. [2019-08-05 11:02:42,018 INFO L276 IsEmpty]: Start isEmpty. Operand 300 states and 320 transitions. [2019-08-05 11:02:42,019 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 300 [2019-08-05 11:02:42,020 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 11:02:42,020 INFO L399 BasicCegarLoop]: trace histogram [231, 22, 22, 21, 1, 1, 1] [2019-08-05 11:02:42,020 INFO L418 AbstractCegarLoop]: === Iteration 44 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 11:02:42,020 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 11:02:42,020 INFO L82 PathProgramCache]: Analyzing trace with hash 1875601369, now seen corresponding path program 42 times [2019-08-05 11:02:42,021 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy Received shutdown request... [2019-08-05 11:03:21,706 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unknown [2019-08-05 11:03:21,787 INFO L285 seRefinementStrategy]: Strategy FixedRefinementStrategy was unsuccessful and could not determine trace feasibility. [2019-08-05 11:03:21,787 INFO L466 BasicCegarLoop]: Counterexample might be feasible [2019-08-05 11:03:21,886 WARN L226 ceAbstractionStarter]: Unable to decide correctness. Please check the following counterexample manually. [2019-08-05 11:03:21,887 INFO L202 PluginConnector]: Adding new model ArraysOfVariableLength5_true-valid-memsafety.c_12.bpl de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 05.08 11:03:21 BoogieIcfgContainer [2019-08-05 11:03:21,887 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2019-08-05 11:03:21,888 INFO L168 Benchmark]: Toolchain (without parser) took 249202.44 ms. Allocated memory was 133.2 MB in the beginning and 2.8 GB in the end (delta: 2.7 GB). Free memory was 109.1 MB in the beginning and 932.2 MB in the end (delta: -823.1 MB). Peak memory consumption was 2.7 GB. Max. memory is 7.1 GB. [2019-08-05 11:03:21,889 INFO L168 Benchmark]: Boogie PL CUP Parser took 0.22 ms. Allocated memory is still 133.2 MB. Free memory was 110.7 MB in the beginning and 110.5 MB in the end (delta: 209.9 kB). Peak memory consumption was 209.9 kB. Max. memory is 7.1 GB. [2019-08-05 11:03:21,889 INFO L168 Benchmark]: Boogie Procedure Inliner took 40.97 ms. Allocated memory is still 133.2 MB. Free memory was 109.1 MB in the beginning and 107.3 MB in the end (delta: 1.8 MB). Peak memory consumption was 1.8 MB. Max. memory is 7.1 GB. [2019-08-05 11:03:21,890 INFO L168 Benchmark]: Boogie Preprocessor took 26.80 ms. Allocated memory is still 133.2 MB. Free memory was 107.3 MB in the beginning and 106.1 MB in the end (delta: 1.1 MB). Peak memory consumption was 1.1 MB. Max. memory is 7.1 GB. [2019-08-05 11:03:21,890 INFO L168 Benchmark]: RCFGBuilder took 475.81 ms. Allocated memory is still 133.2 MB. Free memory was 105.9 MB in the beginning and 92.9 MB in the end (delta: 13.0 MB). Peak memory consumption was 13.0 MB. Max. memory is 7.1 GB. [2019-08-05 11:03:21,891 INFO L168 Benchmark]: TraceAbstraction took 248654.26 ms. Allocated memory was 133.2 MB in the beginning and 2.8 GB in the end (delta: 2.7 GB). Free memory was 92.7 MB in the beginning and 932.2 MB in the end (delta: -839.5 MB). Peak memory consumption was 2.7 GB. Max. memory is 7.1 GB. [2019-08-05 11:03:21,893 INFO L335 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * Boogie PL CUP Parser took 0.22 ms. Allocated memory is still 133.2 MB. Free memory was 110.7 MB in the beginning and 110.5 MB in the end (delta: 209.9 kB). Peak memory consumption was 209.9 kB. Max. memory is 7.1 GB. * Boogie Procedure Inliner took 40.97 ms. Allocated memory is still 133.2 MB. Free memory was 109.1 MB in the beginning and 107.3 MB in the end (delta: 1.8 MB). Peak memory consumption was 1.8 MB. Max. memory is 7.1 GB. * Boogie Preprocessor took 26.80 ms. Allocated memory is still 133.2 MB. Free memory was 107.3 MB in the beginning and 106.1 MB in the end (delta: 1.1 MB). Peak memory consumption was 1.1 MB. Max. memory is 7.1 GB. * RCFGBuilder took 475.81 ms. Allocated memory is still 133.2 MB. Free memory was 105.9 MB in the beginning and 92.9 MB in the end (delta: 13.0 MB). Peak memory consumption was 13.0 MB. Max. memory is 7.1 GB. * TraceAbstraction took 248654.26 ms. Allocated memory was 133.2 MB in the beginning and 2.8 GB in the end (delta: 2.7 GB). Free memory was 92.7 MB in the beginning and 932.2 MB in the end (delta: -839.5 MB). Peak memory consumption was 2.7 GB. Max. memory is 7.1 GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - UnprovableResult [Line: 144]: Unable to prove that assertion always holds Unable to prove that assertion always holds Reason: unable to decide satisfiability of path constraint. Possible FailurePath: [L55] #NULL.offset, #NULL.base := 0, 0; [L56] #valid := #valid[0 := 0]; [L57] main_old_#valid := #valid; [L58] havoc main_#res; [L59] havoc main_~c~0.base, main_~c~0.offset, main_~buffer~0, main_#t~post2, main_~#b~0.base, main_~#mask~0.base, main_~#mask~0.offset, main_~i~1, main_~#b~0.offset, main_#t~mem5, main_#t~ret3, main_#t~post4; [L60] havoc main_~i~1; [L61] #Ultimate.alloc_old_#valid, #Ultimate.alloc_old_#length := #valid, #length; [L62] #Ultimate.alloc_~size := 128; [L63] havoc #Ultimate.alloc_#res.offset, #Ultimate.alloc_#res.base; [L64] havoc #valid, #length; [L65] assume 0 == #Ultimate.alloc_old_#valid[#Ultimate.alloc_#res.base]; [L66] assume #Ultimate.alloc_old_#valid[#Ultimate.alloc_#res.base := 1] == #valid; [L67] assume #Ultimate.alloc_#res.offset == 0; [L68] assume !(0 == #Ultimate.alloc_#res.base); [L69] assume #Ultimate.alloc_old_#length[#Ultimate.alloc_#res.base := #Ultimate.alloc_~size] == #length; [L70] main_~#b~0.base, main_~#b~0.offset := #Ultimate.alloc_#res.base, #Ultimate.alloc_#res.offset; [L71] havoc main_~buffer~0; [L72] #Ultimate.alloc_old_#valid, #Ultimate.alloc_old_#length := #valid, #length; [L73] #Ultimate.alloc_~size := 32; [L74] havoc #Ultimate.alloc_#res.offset, #Ultimate.alloc_#res.base; [L75] havoc #valid, #length; [L76] assume 0 == #Ultimate.alloc_old_#valid[#Ultimate.alloc_#res.base]; [L77] assume #valid == #Ultimate.alloc_old_#valid[#Ultimate.alloc_#res.base := 1]; [L78] assume #Ultimate.alloc_#res.offset == 0; [L79] assume !(0 == #Ultimate.alloc_#res.base); [L80] assume #length == #Ultimate.alloc_old_#length[#Ultimate.alloc_#res.base := #Ultimate.alloc_~size]; [L81] main_~#mask~0.base, main_~#mask~0.offset := #Ultimate.alloc_#res.base, #Ultimate.alloc_#res.offset; [L82] havoc main_~c~0.base, main_~c~0.offset; [L83] main_~i~1 := 0; [L86] assume main_~i~1 < 32; [L87] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L88] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L89] havoc foo_#res; [L90] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L91] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L92] foo_~size := foo_#in~size; [L93] havoc foo_~a~0; [L94] havoc foo_~i~0; [L95] foo_~i~0 := 0; [L102] assume !(foo_~i~0 < foo_~size); [L103] foo_#res := foo_~i~0; [L104] main_#t~ret3 := foo_#res; [L105] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L106] write~int_old_#memory_int := #memory_int; [L107] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L108] assume 1 == #valid[write~int_#ptr.base]; [L133] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L134] assume 1 == #valid[write~int_#ptr.base]; [L135] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L136] havoc #memory_int; [L137] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L138] havoc main_#t~ret3; [L139] main_#t~post2 := main_~i~1; [L140] main_~i~1 := main_#t~post2 + 1; [L141] havoc main_#t~post2; [L86] assume main_~i~1 < 32; [L87] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L88] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L89] havoc foo_#res; [L90] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L91] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L92] foo_~size := foo_#in~size; [L93] havoc foo_~a~0; [L94] havoc foo_~i~0; [L95] foo_~i~0 := 0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L102] assume !(foo_~i~0 < foo_~size); [L103] foo_#res := foo_~i~0; [L104] main_#t~ret3 := foo_#res; [L105] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L106] write~int_old_#memory_int := #memory_int; [L107] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L108] assume 1 == #valid[write~int_#ptr.base]; [L133] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L134] assume 1 == #valid[write~int_#ptr.base]; [L135] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L136] havoc #memory_int; [L137] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L138] havoc main_#t~ret3; [L139] main_#t~post2 := main_~i~1; [L140] main_~i~1 := main_#t~post2 + 1; [L141] havoc main_#t~post2; [L86] assume main_~i~1 < 32; [L87] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L88] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L89] havoc foo_#res; [L90] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L91] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L92] foo_~size := foo_#in~size; [L93] havoc foo_~a~0; [L94] havoc foo_~i~0; [L95] foo_~i~0 := 0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L102] assume !(foo_~i~0 < foo_~size); [L103] foo_#res := foo_~i~0; [L104] main_#t~ret3 := foo_#res; [L105] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L106] write~int_old_#memory_int := #memory_int; [L107] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L108] assume 1 == #valid[write~int_#ptr.base]; [L133] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L134] assume 1 == #valid[write~int_#ptr.base]; [L135] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L136] havoc #memory_int; [L137] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L138] havoc main_#t~ret3; [L139] main_#t~post2 := main_~i~1; [L140] main_~i~1 := main_#t~post2 + 1; [L141] havoc main_#t~post2; [L86] assume main_~i~1 < 32; [L87] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L88] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L89] havoc foo_#res; [L90] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L91] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L92] foo_~size := foo_#in~size; [L93] havoc foo_~a~0; [L94] havoc foo_~i~0; [L95] foo_~i~0 := 0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L102] assume !(foo_~i~0 < foo_~size); [L103] foo_#res := foo_~i~0; [L104] main_#t~ret3 := foo_#res; [L105] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L106] write~int_old_#memory_int := #memory_int; [L107] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L108] assume 1 == #valid[write~int_#ptr.base]; [L133] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L134] assume 1 == #valid[write~int_#ptr.base]; [L135] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L136] havoc #memory_int; [L137] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L138] havoc main_#t~ret3; [L139] main_#t~post2 := main_~i~1; [L140] main_~i~1 := main_#t~post2 + 1; [L141] havoc main_#t~post2; [L86] assume main_~i~1 < 32; [L87] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L88] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L89] havoc foo_#res; [L90] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L91] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L92] foo_~size := foo_#in~size; [L93] havoc foo_~a~0; [L94] havoc foo_~i~0; [L95] foo_~i~0 := 0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L102] assume !(foo_~i~0 < foo_~size); [L103] foo_#res := foo_~i~0; [L104] main_#t~ret3 := foo_#res; [L105] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L106] write~int_old_#memory_int := #memory_int; [L107] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L108] assume 1 == #valid[write~int_#ptr.base]; [L133] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L134] assume 1 == #valid[write~int_#ptr.base]; [L135] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L136] havoc #memory_int; [L137] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L138] havoc main_#t~ret3; [L139] main_#t~post2 := main_~i~1; [L140] main_~i~1 := main_#t~post2 + 1; [L141] havoc main_#t~post2; [L86] assume main_~i~1 < 32; [L87] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L88] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L89] havoc foo_#res; [L90] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L91] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L92] foo_~size := foo_#in~size; [L93] havoc foo_~a~0; [L94] havoc foo_~i~0; [L95] foo_~i~0 := 0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L102] assume !(foo_~i~0 < foo_~size); [L103] foo_#res := foo_~i~0; [L104] main_#t~ret3 := foo_#res; [L105] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L106] write~int_old_#memory_int := #memory_int; [L107] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L108] assume 1 == #valid[write~int_#ptr.base]; [L133] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L134] assume 1 == #valid[write~int_#ptr.base]; [L135] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L136] havoc #memory_int; [L137] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L138] havoc main_#t~ret3; [L139] main_#t~post2 := main_~i~1; [L140] main_~i~1 := main_#t~post2 + 1; [L141] havoc main_#t~post2; [L86] assume main_~i~1 < 32; [L87] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L88] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L89] havoc foo_#res; [L90] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L91] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L92] foo_~size := foo_#in~size; [L93] havoc foo_~a~0; [L94] havoc foo_~i~0; [L95] foo_~i~0 := 0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L102] assume !(foo_~i~0 < foo_~size); [L103] foo_#res := foo_~i~0; [L104] main_#t~ret3 := foo_#res; [L105] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L106] write~int_old_#memory_int := #memory_int; [L107] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L108] assume 1 == #valid[write~int_#ptr.base]; [L133] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L134] assume 1 == #valid[write~int_#ptr.base]; [L135] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L136] havoc #memory_int; [L137] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L138] havoc main_#t~ret3; [L139] main_#t~post2 := main_~i~1; [L140] main_~i~1 := main_#t~post2 + 1; [L141] havoc main_#t~post2; [L86] assume main_~i~1 < 32; [L87] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L88] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L89] havoc foo_#res; [L90] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L91] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L92] foo_~size := foo_#in~size; [L93] havoc foo_~a~0; [L94] havoc foo_~i~0; [L95] foo_~i~0 := 0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L102] assume !(foo_~i~0 < foo_~size); [L103] foo_#res := foo_~i~0; [L104] main_#t~ret3 := foo_#res; [L105] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L106] write~int_old_#memory_int := #memory_int; [L107] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L108] assume 1 == #valid[write~int_#ptr.base]; [L133] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L134] assume 1 == #valid[write~int_#ptr.base]; [L135] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L136] havoc #memory_int; [L137] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L138] havoc main_#t~ret3; [L139] main_#t~post2 := main_~i~1; [L140] main_~i~1 := main_#t~post2 + 1; [L141] havoc main_#t~post2; [L86] assume main_~i~1 < 32; [L87] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L88] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L89] havoc foo_#res; [L90] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L91] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L92] foo_~size := foo_#in~size; [L93] havoc foo_~a~0; [L94] havoc foo_~i~0; [L95] foo_~i~0 := 0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L102] assume !(foo_~i~0 < foo_~size); [L103] foo_#res := foo_~i~0; [L104] main_#t~ret3 := foo_#res; [L105] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L106] write~int_old_#memory_int := #memory_int; [L107] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L108] assume 1 == #valid[write~int_#ptr.base]; [L133] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L134] assume 1 == #valid[write~int_#ptr.base]; [L135] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L136] havoc #memory_int; [L137] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L138] havoc main_#t~ret3; [L139] main_#t~post2 := main_~i~1; [L140] main_~i~1 := main_#t~post2 + 1; [L141] havoc main_#t~post2; [L86] assume main_~i~1 < 32; [L87] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L88] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L89] havoc foo_#res; [L90] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L91] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L92] foo_~size := foo_#in~size; [L93] havoc foo_~a~0; [L94] havoc foo_~i~0; [L95] foo_~i~0 := 0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L102] assume !(foo_~i~0 < foo_~size); [L103] foo_#res := foo_~i~0; [L104] main_#t~ret3 := foo_#res; [L105] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L106] write~int_old_#memory_int := #memory_int; [L107] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L108] assume 1 == #valid[write~int_#ptr.base]; [L133] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L134] assume 1 == #valid[write~int_#ptr.base]; [L135] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L136] havoc #memory_int; [L137] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L138] havoc main_#t~ret3; [L139] main_#t~post2 := main_~i~1; [L140] main_~i~1 := main_#t~post2 + 1; [L141] havoc main_#t~post2; [L86] assume main_~i~1 < 32; [L87] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L88] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L89] havoc foo_#res; [L90] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L91] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L92] foo_~size := foo_#in~size; [L93] havoc foo_~a~0; [L94] havoc foo_~i~0; [L95] foo_~i~0 := 0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L102] assume !(foo_~i~0 < foo_~size); [L103] foo_#res := foo_~i~0; [L104] main_#t~ret3 := foo_#res; [L105] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L106] write~int_old_#memory_int := #memory_int; [L107] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L108] assume 1 == #valid[write~int_#ptr.base]; [L133] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L134] assume 1 == #valid[write~int_#ptr.base]; [L135] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L136] havoc #memory_int; [L137] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L138] havoc main_#t~ret3; [L139] main_#t~post2 := main_~i~1; [L140] main_~i~1 := main_#t~post2 + 1; [L141] havoc main_#t~post2; [L86] assume main_~i~1 < 32; [L87] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L88] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L89] havoc foo_#res; [L90] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L91] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L92] foo_~size := foo_#in~size; [L93] havoc foo_~a~0; [L94] havoc foo_~i~0; [L95] foo_~i~0 := 0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L102] assume !(foo_~i~0 < foo_~size); [L103] foo_#res := foo_~i~0; [L104] main_#t~ret3 := foo_#res; [L105] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L106] write~int_old_#memory_int := #memory_int; [L107] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L108] assume 1 == #valid[write~int_#ptr.base]; [L133] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L134] assume 1 == #valid[write~int_#ptr.base]; [L135] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L136] havoc #memory_int; [L137] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L138] havoc main_#t~ret3; [L139] main_#t~post2 := main_~i~1; [L140] main_~i~1 := main_#t~post2 + 1; [L141] havoc main_#t~post2; [L86] assume main_~i~1 < 32; [L87] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L88] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L89] havoc foo_#res; [L90] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L91] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L92] foo_~size := foo_#in~size; [L93] havoc foo_~a~0; [L94] havoc foo_~i~0; [L95] foo_~i~0 := 0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L102] assume !(foo_~i~0 < foo_~size); [L103] foo_#res := foo_~i~0; [L104] main_#t~ret3 := foo_#res; [L105] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L106] write~int_old_#memory_int := #memory_int; [L107] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L108] assume 1 == #valid[write~int_#ptr.base]; [L133] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L134] assume 1 == #valid[write~int_#ptr.base]; [L135] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L136] havoc #memory_int; [L137] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L138] havoc main_#t~ret3; [L139] main_#t~post2 := main_~i~1; [L140] main_~i~1 := main_#t~post2 + 1; [L141] havoc main_#t~post2; [L86] assume main_~i~1 < 32; [L87] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L88] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L89] havoc foo_#res; [L90] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L91] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L92] foo_~size := foo_#in~size; [L93] havoc foo_~a~0; [L94] havoc foo_~i~0; [L95] foo_~i~0 := 0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L102] assume !(foo_~i~0 < foo_~size); [L103] foo_#res := foo_~i~0; [L104] main_#t~ret3 := foo_#res; [L105] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L106] write~int_old_#memory_int := #memory_int; [L107] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L108] assume 1 == #valid[write~int_#ptr.base]; [L133] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L134] assume 1 == #valid[write~int_#ptr.base]; [L135] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L136] havoc #memory_int; [L137] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L138] havoc main_#t~ret3; [L139] main_#t~post2 := main_~i~1; [L140] main_~i~1 := main_#t~post2 + 1; [L141] havoc main_#t~post2; [L86] assume main_~i~1 < 32; [L87] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L88] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L89] havoc foo_#res; [L90] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L91] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L92] foo_~size := foo_#in~size; [L93] havoc foo_~a~0; [L94] havoc foo_~i~0; [L95] foo_~i~0 := 0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L102] assume !(foo_~i~0 < foo_~size); [L103] foo_#res := foo_~i~0; [L104] main_#t~ret3 := foo_#res; [L105] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L106] write~int_old_#memory_int := #memory_int; [L107] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L108] assume 1 == #valid[write~int_#ptr.base]; [L133] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L134] assume 1 == #valid[write~int_#ptr.base]; [L135] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L136] havoc #memory_int; [L137] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L138] havoc main_#t~ret3; [L139] main_#t~post2 := main_~i~1; [L140] main_~i~1 := main_#t~post2 + 1; [L141] havoc main_#t~post2; [L86] assume main_~i~1 < 32; [L87] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L88] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L89] havoc foo_#res; [L90] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L91] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L92] foo_~size := foo_#in~size; [L93] havoc foo_~a~0; [L94] havoc foo_~i~0; [L95] foo_~i~0 := 0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L102] assume !(foo_~i~0 < foo_~size); [L103] foo_#res := foo_~i~0; [L104] main_#t~ret3 := foo_#res; [L105] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L106] write~int_old_#memory_int := #memory_int; [L107] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L108] assume 1 == #valid[write~int_#ptr.base]; [L133] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L134] assume 1 == #valid[write~int_#ptr.base]; [L135] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L136] havoc #memory_int; [L137] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L138] havoc main_#t~ret3; [L139] main_#t~post2 := main_~i~1; [L140] main_~i~1 := main_#t~post2 + 1; [L141] havoc main_#t~post2; [L86] assume main_~i~1 < 32; [L87] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L88] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L89] havoc foo_#res; [L90] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L91] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L92] foo_~size := foo_#in~size; [L93] havoc foo_~a~0; [L94] havoc foo_~i~0; [L95] foo_~i~0 := 0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L102] assume !(foo_~i~0 < foo_~size); [L103] foo_#res := foo_~i~0; [L104] main_#t~ret3 := foo_#res; [L105] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L106] write~int_old_#memory_int := #memory_int; [L107] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L108] assume 1 == #valid[write~int_#ptr.base]; [L133] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L134] assume 1 == #valid[write~int_#ptr.base]; [L135] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L136] havoc #memory_int; [L137] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L138] havoc main_#t~ret3; [L139] main_#t~post2 := main_~i~1; [L140] main_~i~1 := main_#t~post2 + 1; [L141] havoc main_#t~post2; [L86] assume main_~i~1 < 32; [L87] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L88] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L89] havoc foo_#res; [L90] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L91] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L92] foo_~size := foo_#in~size; [L93] havoc foo_~a~0; [L94] havoc foo_~i~0; [L95] foo_~i~0 := 0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L102] assume !(foo_~i~0 < foo_~size); [L103] foo_#res := foo_~i~0; [L104] main_#t~ret3 := foo_#res; [L105] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L106] write~int_old_#memory_int := #memory_int; [L107] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L108] assume 1 == #valid[write~int_#ptr.base]; [L133] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L134] assume 1 == #valid[write~int_#ptr.base]; [L135] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L136] havoc #memory_int; [L137] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L138] havoc main_#t~ret3; [L139] main_#t~post2 := main_~i~1; [L140] main_~i~1 := main_#t~post2 + 1; [L141] havoc main_#t~post2; [L86] assume main_~i~1 < 32; [L87] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L88] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L89] havoc foo_#res; [L90] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L91] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L92] foo_~size := foo_#in~size; [L93] havoc foo_~a~0; [L94] havoc foo_~i~0; [L95] foo_~i~0 := 0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L102] assume !(foo_~i~0 < foo_~size); [L103] foo_#res := foo_~i~0; [L104] main_#t~ret3 := foo_#res; [L105] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L106] write~int_old_#memory_int := #memory_int; [L107] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L108] assume 1 == #valid[write~int_#ptr.base]; [L133] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L134] assume 1 == #valid[write~int_#ptr.base]; [L135] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L136] havoc #memory_int; [L137] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L138] havoc main_#t~ret3; [L139] main_#t~post2 := main_~i~1; [L140] main_~i~1 := main_#t~post2 + 1; [L141] havoc main_#t~post2; [L86] assume main_~i~1 < 32; [L87] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L88] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L89] havoc foo_#res; [L90] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L91] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L92] foo_~size := foo_#in~size; [L93] havoc foo_~a~0; [L94] havoc foo_~i~0; [L95] foo_~i~0 := 0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L102] assume !(foo_~i~0 < foo_~size); [L103] foo_#res := foo_~i~0; [L104] main_#t~ret3 := foo_#res; [L105] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L106] write~int_old_#memory_int := #memory_int; [L107] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L108] assume 1 == #valid[write~int_#ptr.base]; [L133] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L134] assume 1 == #valid[write~int_#ptr.base]; [L135] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L136] havoc #memory_int; [L137] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L138] havoc main_#t~ret3; [L139] main_#t~post2 := main_~i~1; [L140] main_~i~1 := main_#t~post2 + 1; [L141] havoc main_#t~post2; [L86] assume main_~i~1 < 32; [L87] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L88] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L89] havoc foo_#res; [L90] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L91] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L92] foo_~size := foo_#in~size; [L93] havoc foo_~a~0; [L94] havoc foo_~i~0; [L95] foo_~i~0 := 0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L102] assume !(foo_~i~0 < foo_~size); [L103] foo_#res := foo_~i~0; [L104] main_#t~ret3 := foo_#res; [L105] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L106] write~int_old_#memory_int := #memory_int; [L107] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L108] assume 1 == #valid[write~int_#ptr.base]; [L133] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L134] assume 1 == #valid[write~int_#ptr.base]; [L135] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L136] havoc #memory_int; [L137] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L138] havoc main_#t~ret3; [L139] main_#t~post2 := main_~i~1; [L140] main_~i~1 := main_#t~post2 + 1; [L141] havoc main_#t~post2; [L86] assume main_~i~1 < 32; [L87] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L88] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L89] havoc foo_#res; [L90] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L91] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L92] foo_~size := foo_#in~size; [L93] havoc foo_~a~0; [L94] havoc foo_~i~0; [L95] foo_~i~0 := 0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L111] assume foo_~i~0 < foo_~size; [L112] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L113] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L114] assume 1 == #valid[read~int_#ptr.base]; [L115] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L116] assume #valid[read~int_#ptr.base] == 1; [L117] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L118] havoc read~int_#value; [L119] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L120] foo_#t~mem1 := read~int_#value; [L121] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L122] havoc foo_#t~mem1; [L123] foo_#t~post0 := foo_~i~0; [L124] foo_~i~0 := foo_#t~post0 + 1; [L125] havoc foo_#t~post0; [L102] assume !(foo_~i~0 < foo_~size); [L103] foo_#res := foo_~i~0; [L104] main_#t~ret3 := foo_#res; [L105] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L106] write~int_old_#memory_int := #memory_int; [L107] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L108] assume 1 == #valid[write~int_#ptr.base]; [L130] assume !(write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]) || !(0 <= write~int_#ptr.offset); [L144] assert false; - StatisticsResult: Ultimate Automizer benchmark data CFG has 1 procedures, 7 locations, 1 error locations. UNKNOWN Result, 248.5s OverallTime, 44 OverallIterations, 231 TraceHistogramMax, 36.7s AutomataDifference, 0.0s DeadEndRemovalTime, 0.0s HoareAnnotationTime, HoareTripleCheckerStatistics: 379 SDtfs, 356 SDslu, 1129 SDs, 0 SdLazy, 25573 SolverSat, 345 SolverUnsat, 0 SolverUnknown, 0 SolverNotchecked, 26.3s Time, PredicateUnifierStatistics: 0 DeclaredPredicates, 5070 GetRequests, 4006 SyntacticMatches, 12 SemanticMatches, 1052 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5119 ImplicationChecksByTransitivity, 32.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=300occurred in iteration=43, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s AbstIntTime, 0 AbstIntIterations, 0 AbstIntStrong, NaN AbsIntWeakeningRatio, NaN AbsIntAvgWeakeningVarsNumRemoved, NaN AbsIntAvgWeakenedConjuncts, 0.0s DumpTime, AutomataMinimizationStatistics: 0.1s AutomataMinimizationTime, 43 MinimizatonAttempts, 265 StatesRemovedByMinimization, 22 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TraceCheckStatistics: 0.3s SsaConstructionTime, 174.1s SatisfiabilityAnalysisTime, 36.5s InterpolantComputationTime, 5137 NumberOfCodeBlocks, 5137 NumberOfCodeBlocksAsserted, 44 NumberOfCheckSat, 4795 ConstructedInterpolants, 1334 QuantifiedInterpolants, 9913345 SizeOfPredicates, 461 NumberOfNonLiveVariables, 81708 ConjunctsInSsa, 1554 ConjunctsInUnsatCore, 43 InterpolantComputations, 1 PerfectInterpolantSequences, 139766/291554 InterpolantCoveringCapability, InvariantSynthesisStatistics: No data available, InterpolantConsolidationStatistics: No data available, ReuseStatistics: No data available RESULT: Ultimate could not prove your program: unable to determine feasibility of some traces Completed graceful shutdown