java -Xmx8000000000 -Xss4m -jar ./plugins/org.eclipse.equinox.launcher_1.3.100.v20150511-1540.jar -data @noDefault -ultimatedata ./data -tc ../../../trunk/examples/toolchains/AutomizerBplInline.xml -i ../../../trunk/examples/programs/20181010-MemSafetyPathprograms/ArraysOfVariableLength5_true-valid-memsafety.c_13.bpl -------------------------------------------------------------------------------- This is Ultimate 0.1.24-b8c145f [2019-08-05 10:56:20,585 INFO L177 SettingsManager]: Resetting all preferences to default values... [2019-08-05 10:56:20,587 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2019-08-05 10:56:20,598 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2019-08-05 10:56:20,598 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2019-08-05 10:56:20,600 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2019-08-05 10:56:20,601 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2019-08-05 10:56:20,603 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2019-08-05 10:56:20,604 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2019-08-05 10:56:20,605 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2019-08-05 10:56:20,606 INFO L181 SettingsManager]: Resetting Symbolic Interpretation preferences to default values [2019-08-05 10:56:20,606 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2019-08-05 10:56:20,607 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2019-08-05 10:56:20,608 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2019-08-05 10:56:20,609 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2019-08-05 10:56:20,610 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2019-08-05 10:56:20,610 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2019-08-05 10:56:20,611 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2019-08-05 10:56:20,613 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2019-08-05 10:56:20,615 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2019-08-05 10:56:20,617 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2019-08-05 10:56:20,618 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2019-08-05 10:56:20,619 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2019-08-05 10:56:20,620 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2019-08-05 10:56:20,623 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2019-08-05 10:56:20,623 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2019-08-05 10:56:20,623 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2019-08-05 10:56:20,624 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2019-08-05 10:56:20,625 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2019-08-05 10:56:20,626 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2019-08-05 10:56:20,626 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2019-08-05 10:56:20,627 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2019-08-05 10:56:20,628 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2019-08-05 10:56:20,629 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2019-08-05 10:56:20,630 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2019-08-05 10:56:20,630 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2019-08-05 10:56:20,631 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2019-08-05 10:56:20,631 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2019-08-05 10:56:20,631 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2019-08-05 10:56:20,632 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2019-08-05 10:56:20,633 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2019-08-05 10:56:20,660 INFO L81 nceAwareModelManager]: Repository-Root is: /tmp [2019-08-05 10:56:20,672 INFO L258 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2019-08-05 10:56:20,676 INFO L214 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2019-08-05 10:56:20,677 INFO L271 PluginConnector]: Initializing Boogie PL CUP Parser... [2019-08-05 10:56:20,678 INFO L275 PluginConnector]: Boogie PL CUP Parser initialized [2019-08-05 10:56:20,678 INFO L428 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/programs/20181010-MemSafetyPathprograms/ArraysOfVariableLength5_true-valid-memsafety.c_13.bpl [2019-08-05 10:56:20,679 INFO L110 BoogieParser]: Parsing: '/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/programs/20181010-MemSafetyPathprograms/ArraysOfVariableLength5_true-valid-memsafety.c_13.bpl' [2019-08-05 10:56:20,724 INFO L296 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2019-08-05 10:56:20,725 INFO L131 ToolchainWalker]: Walking toolchain with 4 elements. [2019-08-05 10:56:20,726 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2019-08-05 10:56:20,726 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2019-08-05 10:56:20,726 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2019-08-05 10:56:20,742 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "ArraysOfVariableLength5_true-valid-memsafety.c_13.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 05.08 10:56:20" (1/1) ... [2019-08-05 10:56:20,754 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "ArraysOfVariableLength5_true-valid-memsafety.c_13.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 05.08 10:56:20" (1/1) ... [2019-08-05 10:56:20,762 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2019-08-05 10:56:20,763 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2019-08-05 10:56:20,763 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2019-08-05 10:56:20,764 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2019-08-05 10:56:20,774 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "ArraysOfVariableLength5_true-valid-memsafety.c_13.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 05.08 10:56:20" (1/1) ... [2019-08-05 10:56:20,775 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "ArraysOfVariableLength5_true-valid-memsafety.c_13.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 05.08 10:56:20" (1/1) ... [2019-08-05 10:56:20,777 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "ArraysOfVariableLength5_true-valid-memsafety.c_13.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 05.08 10:56:20" (1/1) ... [2019-08-05 10:56:20,777 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "ArraysOfVariableLength5_true-valid-memsafety.c_13.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 05.08 10:56:20" (1/1) ... [2019-08-05 10:56:20,783 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "ArraysOfVariableLength5_true-valid-memsafety.c_13.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 05.08 10:56:20" (1/1) ... [2019-08-05 10:56:20,785 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "ArraysOfVariableLength5_true-valid-memsafety.c_13.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 05.08 10:56:20" (1/1) ... [2019-08-05 10:56:20,786 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "ArraysOfVariableLength5_true-valid-memsafety.c_13.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 05.08 10:56:20" (1/1) ... [2019-08-05 10:56:20,788 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2019-08-05 10:56:20,788 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2019-08-05 10:56:20,789 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2019-08-05 10:56:20,789 INFO L275 PluginConnector]: RCFGBuilder initialized [2019-08-05 10:56:20,790 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "ArraysOfVariableLength5_true-valid-memsafety.c_13.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 05.08 10:56:20" (1/1) ... No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2019-08-05 10:56:20,863 INFO L124 BoogieDeclarations]: Specification and implementation of procedure ULTIMATE.start given in one single declaration [2019-08-05 10:56:20,863 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2019-08-05 10:56:20,863 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2019-08-05 10:56:21,160 INFO L684 $ProcedureCfgBuilder]: dead code at ProgramPoint ULTIMATE.startFINAL: assume true; [2019-08-05 10:56:21,162 INFO L278 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2019-08-05 10:56:21,162 INFO L283 CfgBuilder]: Removed 0 assume(true) statements. [2019-08-05 10:56:21,163 INFO L202 PluginConnector]: Adding new model ArraysOfVariableLength5_true-valid-memsafety.c_13.bpl de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 05.08 10:56:21 BoogieIcfgContainer [2019-08-05 10:56:21,164 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2019-08-05 10:56:21,165 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2019-08-05 10:56:21,166 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2019-08-05 10:56:21,168 INFO L275 PluginConnector]: TraceAbstraction initialized [2019-08-05 10:56:21,169 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "ArraysOfVariableLength5_true-valid-memsafety.c_13.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 05.08 10:56:20" (1/2) ... [2019-08-05 10:56:21,170 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@8d54683 and model type ArraysOfVariableLength5_true-valid-memsafety.c_13.bpl de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 05.08 10:56:21, skipping insertion in model container [2019-08-05 10:56:21,170 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "ArraysOfVariableLength5_true-valid-memsafety.c_13.bpl de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 05.08 10:56:21" (2/2) ... [2019-08-05 10:56:21,172 INFO L109 eAbstractionObserver]: Analyzing ICFG ArraysOfVariableLength5_true-valid-memsafety.c_13.bpl [2019-08-05 10:56:21,181 INFO L152 ceAbstractionStarter]: Automizer settings: Hoare:false NWA Interpolation:ForwardPredicates Determinization: PREDICATE_ABSTRACTION [2019-08-05 10:56:21,189 INFO L164 ceAbstractionStarter]: Appying trace abstraction to program that has 1 error locations. [2019-08-05 10:56:21,205 INFO L252 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2019-08-05 10:56:21,230 INFO L128 ementStrategyFactory]: Using default assertion order modulation [2019-08-05 10:56:21,231 INFO L377 AbstractCegarLoop]: Interprodecural is true [2019-08-05 10:56:21,231 INFO L378 AbstractCegarLoop]: Hoare is false [2019-08-05 10:56:21,231 INFO L379 AbstractCegarLoop]: Compute interpolants for ForwardPredicates [2019-08-05 10:56:21,231 INFO L380 AbstractCegarLoop]: Backedges is STRAIGHT_LINE [2019-08-05 10:56:21,231 INFO L381 AbstractCegarLoop]: Determinization is PREDICATE_ABSTRACTION [2019-08-05 10:56:21,232 INFO L382 AbstractCegarLoop]: Difference is false [2019-08-05 10:56:21,232 INFO L383 AbstractCegarLoop]: Minimize is MINIMIZE_SEVPA [2019-08-05 10:56:21,232 INFO L388 AbstractCegarLoop]: ======== Iteration 0==of CEGAR loop == AllErrorsAtOnce======== [2019-08-05 10:56:21,245 INFO L276 IsEmpty]: Start isEmpty. Operand 5 states. [2019-08-05 10:56:21,253 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 4 [2019-08-05 10:56:21,253 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:21,254 INFO L399 BasicCegarLoop]: trace histogram [1, 1, 1] [2019-08-05 10:56:21,257 INFO L418 AbstractCegarLoop]: === Iteration 1 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:21,262 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:21,263 INFO L82 PathProgramCache]: Analyzing trace with hash 29955, now seen corresponding path program 1 times [2019-08-05 10:56:21,307 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:21,351 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:21,355 INFO L256 TraceCheckSpWp]: Trace formula consists of 41 conjuncts, 2 conjunts are in the unsatisfiable core [2019-08-05 10:56:21,359 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:21,403 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-08-05 10:56:21,405 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2019-08-05 10:56:21,405 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2019-08-05 10:56:21,408 INFO L454 AbstractCegarLoop]: Interpolant automaton has 3 states [2019-08-05 10:56:21,423 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2019-08-05 10:56:21,424 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2019-08-05 10:56:21,426 INFO L87 Difference]: Start difference. First operand 5 states. Second operand 3 states. [2019-08-05 10:56:21,490 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:21,491 INFO L93 Difference]: Finished difference Result 7 states and 9 transitions. [2019-08-05 10:56:21,498 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2019-08-05 10:56:21,500 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 3 [2019-08-05 10:56:21,501 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:21,531 INFO L225 Difference]: With dead ends: 7 [2019-08-05 10:56:21,532 INFO L226 Difference]: Without dead ends: 7 [2019-08-05 10:56:21,536 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2019-08-05 10:56:21,577 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 7 states. [2019-08-05 10:56:21,608 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 7 to 6. [2019-08-05 10:56:21,612 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 6 states. [2019-08-05 10:56:21,613 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 7 transitions. [2019-08-05 10:56:21,614 INFO L78 Accepts]: Start accepts. Automaton has 6 states and 7 transitions. Word has length 3 [2019-08-05 10:56:21,615 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:21,615 INFO L475 AbstractCegarLoop]: Abstraction has 6 states and 7 transitions. [2019-08-05 10:56:21,615 INFO L476 AbstractCegarLoop]: Interpolant automaton has 3 states. [2019-08-05 10:56:21,615 INFO L276 IsEmpty]: Start isEmpty. Operand 6 states and 7 transitions. [2019-08-05 10:56:21,616 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 6 [2019-08-05 10:56:21,616 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:21,616 INFO L399 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1] [2019-08-05 10:56:21,616 INFO L418 AbstractCegarLoop]: === Iteration 2 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:21,617 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:21,617 INFO L82 PathProgramCache]: Analyzing trace with hash 28852267, now seen corresponding path program 1 times [2019-08-05 10:56:21,618 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:21,668 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:21,672 INFO L256 TraceCheckSpWp]: Trace formula consists of 81 conjuncts, 3 conjunts are in the unsatisfiable core [2019-08-05 10:56:21,674 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:21,725 INFO L134 CoverageAnalysis]: Checked inductivity of 1 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-08-05 10:56:21,726 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:21,726 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [3] total 3 [2019-08-05 10:56:21,727 INFO L454 AbstractCegarLoop]: Interpolant automaton has 4 states [2019-08-05 10:56:21,728 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2019-08-05 10:56:21,728 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2019-08-05 10:56:21,729 INFO L87 Difference]: Start difference. First operand 6 states and 7 transitions. Second operand 4 states. [2019-08-05 10:56:21,781 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:21,782 INFO L93 Difference]: Finished difference Result 9 states and 12 transitions. [2019-08-05 10:56:21,782 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2019-08-05 10:56:21,782 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 5 [2019-08-05 10:56:21,783 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:21,783 INFO L225 Difference]: With dead ends: 9 [2019-08-05 10:56:21,783 INFO L226 Difference]: Without dead ends: 9 [2019-08-05 10:56:21,784 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2019-08-05 10:56:21,785 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 9 states. [2019-08-05 10:56:21,786 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 9 to 8. [2019-08-05 10:56:21,786 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 8 states. [2019-08-05 10:56:21,787 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 10 transitions. [2019-08-05 10:56:21,787 INFO L78 Accepts]: Start accepts. Automaton has 8 states and 10 transitions. Word has length 5 [2019-08-05 10:56:21,787 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:21,787 INFO L475 AbstractCegarLoop]: Abstraction has 8 states and 10 transitions. [2019-08-05 10:56:21,788 INFO L476 AbstractCegarLoop]: Interpolant automaton has 4 states. [2019-08-05 10:56:21,788 INFO L276 IsEmpty]: Start isEmpty. Operand 8 states and 10 transitions. [2019-08-05 10:56:21,788 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 8 [2019-08-05 10:56:21,788 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:21,789 INFO L399 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1] [2019-08-05 10:56:21,789 INFO L418 AbstractCegarLoop]: === Iteration 3 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:21,789 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:21,790 INFO L82 PathProgramCache]: Analyzing trace with hash 1957290323, now seen corresponding path program 2 times [2019-08-05 10:56:21,791 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:21,835 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:21,839 INFO L256 TraceCheckSpWp]: Trace formula consists of 121 conjuncts, 4 conjunts are in the unsatisfiable core [2019-08-05 10:56:21,844 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:21,926 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 0 proven. 4 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-08-05 10:56:21,926 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:21,927 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [4] total 4 [2019-08-05 10:56:21,927 INFO L454 AbstractCegarLoop]: Interpolant automaton has 5 states [2019-08-05 10:56:21,927 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2019-08-05 10:56:21,928 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=10, Unknown=0, NotChecked=0, Total=20 [2019-08-05 10:56:21,928 INFO L87 Difference]: Start difference. First operand 8 states and 10 transitions. Second operand 5 states. [2019-08-05 10:56:22,084 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:22,084 INFO L93 Difference]: Finished difference Result 11 states and 15 transitions. [2019-08-05 10:56:22,084 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2019-08-05 10:56:22,084 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 7 [2019-08-05 10:56:22,085 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:22,085 INFO L225 Difference]: With dead ends: 11 [2019-08-05 10:56:22,085 INFO L226 Difference]: Without dead ends: 11 [2019-08-05 10:56:22,086 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=10, Invalid=10, Unknown=0, NotChecked=0, Total=20 [2019-08-05 10:56:22,087 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 11 states. [2019-08-05 10:56:22,088 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 11 to 10. [2019-08-05 10:56:22,088 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 10 states. [2019-08-05 10:56:22,089 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 13 transitions. [2019-08-05 10:56:22,089 INFO L78 Accepts]: Start accepts. Automaton has 10 states and 13 transitions. Word has length 7 [2019-08-05 10:56:22,089 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:22,089 INFO L475 AbstractCegarLoop]: Abstraction has 10 states and 13 transitions. [2019-08-05 10:56:22,089 INFO L476 AbstractCegarLoop]: Interpolant automaton has 5 states. [2019-08-05 10:56:22,090 INFO L276 IsEmpty]: Start isEmpty. Operand 10 states and 13 transitions. [2019-08-05 10:56:22,090 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 10 [2019-08-05 10:56:22,090 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:22,090 INFO L399 BasicCegarLoop]: trace histogram [3, 3, 1, 1, 1] [2019-08-05 10:56:22,091 INFO L418 AbstractCegarLoop]: === Iteration 4 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:22,091 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:22,091 INFO L82 PathProgramCache]: Analyzing trace with hash -239609733, now seen corresponding path program 3 times [2019-08-05 10:56:22,092 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:22,139 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:22,144 INFO L256 TraceCheckSpWp]: Trace formula consists of 161 conjuncts, 6 conjunts are in the unsatisfiable core [2019-08-05 10:56:22,146 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:22,218 INFO L134 CoverageAnalysis]: Checked inductivity of 9 backedges. 7 proven. 1 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2019-08-05 10:56:22,218 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:22,219 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [4] total 4 [2019-08-05 10:56:22,219 INFO L454 AbstractCegarLoop]: Interpolant automaton has 5 states [2019-08-05 10:56:22,219 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2019-08-05 10:56:22,220 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=8, Invalid=12, Unknown=0, NotChecked=0, Total=20 [2019-08-05 10:56:22,220 INFO L87 Difference]: Start difference. First operand 10 states and 13 transitions. Second operand 5 states. [2019-08-05 10:56:22,431 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:22,431 INFO L93 Difference]: Finished difference Result 12 states and 15 transitions. [2019-08-05 10:56:22,432 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2019-08-05 10:56:22,432 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 9 [2019-08-05 10:56:22,432 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:22,433 INFO L225 Difference]: With dead ends: 12 [2019-08-05 10:56:22,433 INFO L226 Difference]: Without dead ends: 12 [2019-08-05 10:56:22,433 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=13, Invalid=17, Unknown=0, NotChecked=0, Total=30 [2019-08-05 10:56:22,433 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 12 states. [2019-08-05 10:56:22,435 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 12 to 12. [2019-08-05 10:56:22,435 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 12 states. [2019-08-05 10:56:22,436 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 12 states to 12 states and 15 transitions. [2019-08-05 10:56:22,436 INFO L78 Accepts]: Start accepts. Automaton has 12 states and 15 transitions. Word has length 9 [2019-08-05 10:56:22,436 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:22,436 INFO L475 AbstractCegarLoop]: Abstraction has 12 states and 15 transitions. [2019-08-05 10:56:22,436 INFO L476 AbstractCegarLoop]: Interpolant automaton has 5 states. [2019-08-05 10:56:22,436 INFO L276 IsEmpty]: Start isEmpty. Operand 12 states and 15 transitions. [2019-08-05 10:56:22,437 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 12 [2019-08-05 10:56:22,437 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:22,437 INFO L399 BasicCegarLoop]: trace histogram [3, 3, 2, 1, 1, 1] [2019-08-05 10:56:22,437 INFO L418 AbstractCegarLoop]: === Iteration 5 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:22,438 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:22,438 INFO L82 PathProgramCache]: Analyzing trace with hash -634670901, now seen corresponding path program 1 times [2019-08-05 10:56:22,439 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:22,486 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:22,491 INFO L256 TraceCheckSpWp]: Trace formula consists of 197 conjuncts, 5 conjunts are in the unsatisfiable core [2019-08-05 10:56:22,493 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:22,654 INFO L134 CoverageAnalysis]: Checked inductivity of 16 backedges. 0 proven. 14 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2019-08-05 10:56:22,655 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:22,655 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [5] total 5 [2019-08-05 10:56:22,655 INFO L454 AbstractCegarLoop]: Interpolant automaton has 6 states [2019-08-05 10:56:22,656 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2019-08-05 10:56:22,656 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=15, Unknown=0, NotChecked=0, Total=30 [2019-08-05 10:56:22,656 INFO L87 Difference]: Start difference. First operand 12 states and 15 transitions. Second operand 6 states. [2019-08-05 10:56:22,705 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:22,705 INFO L93 Difference]: Finished difference Result 17 states and 22 transitions. [2019-08-05 10:56:22,706 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2019-08-05 10:56:22,706 INFO L78 Accepts]: Start accepts. Automaton has 6 states. Word has length 11 [2019-08-05 10:56:22,706 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:22,707 INFO L225 Difference]: With dead ends: 17 [2019-08-05 10:56:22,707 INFO L226 Difference]: Without dead ends: 17 [2019-08-05 10:56:22,708 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=15, Invalid=15, Unknown=0, NotChecked=0, Total=30 [2019-08-05 10:56:22,708 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 17 states. [2019-08-05 10:56:22,710 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 17 to 15. [2019-08-05 10:56:22,711 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 15 states. [2019-08-05 10:56:22,711 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 15 states to 15 states and 19 transitions. [2019-08-05 10:56:22,711 INFO L78 Accepts]: Start accepts. Automaton has 15 states and 19 transitions. Word has length 11 [2019-08-05 10:56:22,712 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:22,712 INFO L475 AbstractCegarLoop]: Abstraction has 15 states and 19 transitions. [2019-08-05 10:56:22,712 INFO L476 AbstractCegarLoop]: Interpolant automaton has 6 states. [2019-08-05 10:56:22,712 INFO L276 IsEmpty]: Start isEmpty. Operand 15 states and 19 transitions. [2019-08-05 10:56:22,712 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 15 [2019-08-05 10:56:22,713 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:22,713 INFO L399 BasicCegarLoop]: trace histogram [4, 4, 3, 1, 1, 1] [2019-08-05 10:56:22,713 INFO L418 AbstractCegarLoop]: === Iteration 6 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:22,713 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:22,713 INFO L82 PathProgramCache]: Analyzing trace with hash -1032674750, now seen corresponding path program 2 times [2019-08-05 10:56:22,714 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:22,768 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:22,773 INFO L256 TraceCheckSpWp]: Trace formula consists of 255 conjuncts, 8 conjunts are in the unsatisfiable core [2019-08-05 10:56:22,776 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:22,950 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 21 proven. 7 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2019-08-05 10:56:22,951 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:22,951 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [6] total 6 [2019-08-05 10:56:22,951 INFO L454 AbstractCegarLoop]: Interpolant automaton has 7 states [2019-08-05 10:56:22,952 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2019-08-05 10:56:22,952 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2019-08-05 10:56:22,953 INFO L87 Difference]: Start difference. First operand 15 states and 19 transitions. Second operand 7 states. [2019-08-05 10:56:23,139 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:23,139 INFO L93 Difference]: Finished difference Result 17 states and 21 transitions. [2019-08-05 10:56:23,139 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2019-08-05 10:56:23,139 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 14 [2019-08-05 10:56:23,140 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:23,140 INFO L225 Difference]: With dead ends: 17 [2019-08-05 10:56:23,140 INFO L226 Difference]: Without dead ends: 17 [2019-08-05 10:56:23,141 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=29, Invalid=43, Unknown=0, NotChecked=0, Total=72 [2019-08-05 10:56:23,142 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 17 states. [2019-08-05 10:56:23,145 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 17 to 17. [2019-08-05 10:56:23,145 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 17 states. [2019-08-05 10:56:23,146 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 17 states to 17 states and 21 transitions. [2019-08-05 10:56:23,146 INFO L78 Accepts]: Start accepts. Automaton has 17 states and 21 transitions. Word has length 14 [2019-08-05 10:56:23,146 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:23,146 INFO L475 AbstractCegarLoop]: Abstraction has 17 states and 21 transitions. [2019-08-05 10:56:23,147 INFO L476 AbstractCegarLoop]: Interpolant automaton has 7 states. [2019-08-05 10:56:23,147 INFO L276 IsEmpty]: Start isEmpty. Operand 17 states and 21 transitions. [2019-08-05 10:56:23,148 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 17 [2019-08-05 10:56:23,148 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:23,149 INFO L399 BasicCegarLoop]: trace histogram [5, 4, 4, 1, 1, 1] [2019-08-05 10:56:23,149 INFO L418 AbstractCegarLoop]: === Iteration 7 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:23,149 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:23,149 INFO L82 PathProgramCache]: Analyzing trace with hash 1448645106, now seen corresponding path program 3 times [2019-08-05 10:56:23,150 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:23,204 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:23,211 INFO L256 TraceCheckSpWp]: Trace formula consists of 291 conjuncts, 6 conjunts are in the unsatisfiable core [2019-08-05 10:56:23,213 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:23,371 INFO L134 CoverageAnalysis]: Checked inductivity of 46 backedges. 0 proven. 39 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2019-08-05 10:56:23,372 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:23,372 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [6] total 6 [2019-08-05 10:56:23,373 INFO L454 AbstractCegarLoop]: Interpolant automaton has 7 states [2019-08-05 10:56:23,373 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2019-08-05 10:56:23,373 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=21, Unknown=0, NotChecked=0, Total=42 [2019-08-05 10:56:23,373 INFO L87 Difference]: Start difference. First operand 17 states and 21 transitions. Second operand 7 states. [2019-08-05 10:56:23,429 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:23,429 INFO L93 Difference]: Finished difference Result 24 states and 30 transitions. [2019-08-05 10:56:23,429 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2019-08-05 10:56:23,429 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 16 [2019-08-05 10:56:23,430 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:23,430 INFO L225 Difference]: With dead ends: 24 [2019-08-05 10:56:23,430 INFO L226 Difference]: Without dead ends: 24 [2019-08-05 10:56:23,431 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=21, Invalid=21, Unknown=0, NotChecked=0, Total=42 [2019-08-05 10:56:23,431 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 24 states. [2019-08-05 10:56:23,433 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 24 to 21. [2019-08-05 10:56:23,433 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 21 states. [2019-08-05 10:56:23,434 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 21 states to 21 states and 26 transitions. [2019-08-05 10:56:23,434 INFO L78 Accepts]: Start accepts. Automaton has 21 states and 26 transitions. Word has length 16 [2019-08-05 10:56:23,434 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:23,434 INFO L475 AbstractCegarLoop]: Abstraction has 21 states and 26 transitions. [2019-08-05 10:56:23,434 INFO L476 AbstractCegarLoop]: Interpolant automaton has 7 states. [2019-08-05 10:56:23,435 INFO L276 IsEmpty]: Start isEmpty. Operand 21 states and 26 transitions. [2019-08-05 10:56:23,435 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2019-08-05 10:56:23,435 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:23,435 INFO L399 BasicCegarLoop]: trace histogram [7, 5, 5, 1, 1, 1] [2019-08-05 10:56:23,436 INFO L418 AbstractCegarLoop]: === Iteration 8 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:23,436 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:23,436 INFO L82 PathProgramCache]: Analyzing trace with hash 1994172794, now seen corresponding path program 4 times [2019-08-05 10:56:23,437 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:23,493 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:23,500 INFO L256 TraceCheckSpWp]: Trace formula consists of 367 conjuncts, 10 conjunts are in the unsatisfiable core [2019-08-05 10:56:23,502 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:23,677 INFO L134 CoverageAnalysis]: Checked inductivity of 81 backedges. 52 proven. 21 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2019-08-05 10:56:23,678 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:23,678 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [8] total 8 [2019-08-05 10:56:23,679 INFO L454 AbstractCegarLoop]: Interpolant automaton has 9 states [2019-08-05 10:56:23,679 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2019-08-05 10:56:23,679 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=24, Invalid=48, Unknown=0, NotChecked=0, Total=72 [2019-08-05 10:56:23,680 INFO L87 Difference]: Start difference. First operand 21 states and 26 transitions. Second operand 9 states. [2019-08-05 10:56:24,119 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:24,120 INFO L93 Difference]: Finished difference Result 23 states and 28 transitions. [2019-08-05 10:56:24,120 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2019-08-05 10:56:24,120 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 20 [2019-08-05 10:56:24,121 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:24,122 INFO L225 Difference]: With dead ends: 23 [2019-08-05 10:56:24,122 INFO L226 Difference]: Without dead ends: 23 [2019-08-05 10:56:24,123 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 12 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 12 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=51, Invalid=81, Unknown=0, NotChecked=0, Total=132 [2019-08-05 10:56:24,123 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 23 states. [2019-08-05 10:56:24,126 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 23 to 23. [2019-08-05 10:56:24,126 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 23 states. [2019-08-05 10:56:24,127 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 23 states to 23 states and 28 transitions. [2019-08-05 10:56:24,127 INFO L78 Accepts]: Start accepts. Automaton has 23 states and 28 transitions. Word has length 20 [2019-08-05 10:56:24,127 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:24,128 INFO L475 AbstractCegarLoop]: Abstraction has 23 states and 28 transitions. [2019-08-05 10:56:24,128 INFO L476 AbstractCegarLoop]: Interpolant automaton has 9 states. [2019-08-05 10:56:24,128 INFO L276 IsEmpty]: Start isEmpty. Operand 23 states and 28 transitions. [2019-08-05 10:56:24,128 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2019-08-05 10:56:24,128 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:24,129 INFO L399 BasicCegarLoop]: trace histogram [9, 5, 5, 1, 1, 1] [2019-08-05 10:56:24,129 INFO L418 AbstractCegarLoop]: === Iteration 9 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:24,129 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:24,129 INFO L82 PathProgramCache]: Analyzing trace with hash -1995578870, now seen corresponding path program 5 times [2019-08-05 10:56:24,130 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:24,186 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:24,191 INFO L256 TraceCheckSpWp]: Trace formula consists of 403 conjuncts, 7 conjunts are in the unsatisfiable core [2019-08-05 10:56:24,194 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:24,363 INFO L134 CoverageAnalysis]: Checked inductivity of 106 backedges. 0 proven. 90 refuted. 0 times theorem prover too weak. 16 trivial. 0 not checked. [2019-08-05 10:56:24,363 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:24,363 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [7] total 7 [2019-08-05 10:56:24,364 INFO L454 AbstractCegarLoop]: Interpolant automaton has 8 states [2019-08-05 10:56:24,364 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2019-08-05 10:56:24,364 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=28, Invalid=28, Unknown=0, NotChecked=0, Total=56 [2019-08-05 10:56:24,365 INFO L87 Difference]: Start difference. First operand 23 states and 28 transitions. Second operand 8 states. [2019-08-05 10:56:24,432 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:24,433 INFO L93 Difference]: Finished difference Result 32 states and 39 transitions. [2019-08-05 10:56:24,433 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2019-08-05 10:56:24,433 INFO L78 Accepts]: Start accepts. Automaton has 8 states. Word has length 22 [2019-08-05 10:56:24,434 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:24,435 INFO L225 Difference]: With dead ends: 32 [2019-08-05 10:56:24,435 INFO L226 Difference]: Without dead ends: 32 [2019-08-05 10:56:24,436 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 21 GetRequests, 15 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=28, Invalid=28, Unknown=0, NotChecked=0, Total=56 [2019-08-05 10:56:24,436 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 32 states. [2019-08-05 10:56:24,439 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 32 to 28. [2019-08-05 10:56:24,439 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 28 states. [2019-08-05 10:56:24,439 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 28 states to 28 states and 34 transitions. [2019-08-05 10:56:24,440 INFO L78 Accepts]: Start accepts. Automaton has 28 states and 34 transitions. Word has length 22 [2019-08-05 10:56:24,440 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:24,440 INFO L475 AbstractCegarLoop]: Abstraction has 28 states and 34 transitions. [2019-08-05 10:56:24,440 INFO L476 AbstractCegarLoop]: Interpolant automaton has 8 states. [2019-08-05 10:56:24,440 INFO L276 IsEmpty]: Start isEmpty. Operand 28 states and 34 transitions. [2019-08-05 10:56:24,441 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2019-08-05 10:56:24,441 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:24,441 INFO L399 BasicCegarLoop]: trace histogram [12, 6, 6, 1, 1, 1] [2019-08-05 10:56:24,442 INFO L418 AbstractCegarLoop]: === Iteration 10 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:24,442 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:24,442 INFO L82 PathProgramCache]: Analyzing trace with hash 1204458115, now seen corresponding path program 6 times [2019-08-05 10:56:24,443 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:24,496 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:24,502 INFO L256 TraceCheckSpWp]: Trace formula consists of 497 conjuncts, 12 conjunts are in the unsatisfiable core [2019-08-05 10:56:24,505 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:24,977 INFO L134 CoverageAnalysis]: Checked inductivity of 174 backedges. 111 proven. 46 refuted. 0 times theorem prover too weak. 17 trivial. 0 not checked. [2019-08-05 10:56:24,978 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:24,978 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [10] total 10 [2019-08-05 10:56:24,978 INFO L454 AbstractCegarLoop]: Interpolant automaton has 11 states [2019-08-05 10:56:24,979 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 11 interpolants. [2019-08-05 10:56:24,979 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2019-08-05 10:56:24,979 INFO L87 Difference]: Start difference. First operand 28 states and 34 transitions. Second operand 11 states. [2019-08-05 10:56:25,124 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:25,124 INFO L93 Difference]: Finished difference Result 30 states and 36 transitions. [2019-08-05 10:56:25,125 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2019-08-05 10:56:25,125 INFO L78 Accepts]: Start accepts. Automaton has 11 states. Word has length 27 [2019-08-05 10:56:25,125 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:25,126 INFO L225 Difference]: With dead ends: 30 [2019-08-05 10:56:25,126 INFO L226 Difference]: Without dead ends: 30 [2019-08-05 10:56:25,127 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 30 GetRequests, 17 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 22 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=79, Invalid=131, Unknown=0, NotChecked=0, Total=210 [2019-08-05 10:56:25,127 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 30 states. [2019-08-05 10:56:25,131 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 30 to 30. [2019-08-05 10:56:25,131 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 30 states. [2019-08-05 10:56:25,131 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 30 states to 30 states and 36 transitions. [2019-08-05 10:56:25,132 INFO L78 Accepts]: Start accepts. Automaton has 30 states and 36 transitions. Word has length 27 [2019-08-05 10:56:25,132 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:25,132 INFO L475 AbstractCegarLoop]: Abstraction has 30 states and 36 transitions. [2019-08-05 10:56:25,132 INFO L476 AbstractCegarLoop]: Interpolant automaton has 11 states. [2019-08-05 10:56:25,132 INFO L276 IsEmpty]: Start isEmpty. Operand 30 states and 36 transitions. [2019-08-05 10:56:25,133 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2019-08-05 10:56:25,133 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:25,133 INFO L399 BasicCegarLoop]: trace histogram [14, 6, 6, 1, 1, 1] [2019-08-05 10:56:25,134 INFO L418 AbstractCegarLoop]: === Iteration 11 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:25,134 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:25,134 INFO L82 PathProgramCache]: Analyzing trace with hash -75738637, now seen corresponding path program 7 times [2019-08-05 10:56:25,134 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:25,183 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:25,189 INFO L256 TraceCheckSpWp]: Trace formula consists of 533 conjuncts, 8 conjunts are in the unsatisfiable core [2019-08-05 10:56:25,192 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:25,370 INFO L134 CoverageAnalysis]: Checked inductivity of 211 backedges. 0 proven. 181 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2019-08-05 10:56:25,370 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:25,370 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [8] total 8 [2019-08-05 10:56:25,371 INFO L454 AbstractCegarLoop]: Interpolant automaton has 9 states [2019-08-05 10:56:25,371 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2019-08-05 10:56:25,371 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=36, Unknown=0, NotChecked=0, Total=72 [2019-08-05 10:56:25,372 INFO L87 Difference]: Start difference. First operand 30 states and 36 transitions. Second operand 9 states. [2019-08-05 10:56:25,441 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:25,441 INFO L93 Difference]: Finished difference Result 41 states and 49 transitions. [2019-08-05 10:56:25,441 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2019-08-05 10:56:25,442 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 29 [2019-08-05 10:56:25,442 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:25,443 INFO L225 Difference]: With dead ends: 41 [2019-08-05 10:56:25,443 INFO L226 Difference]: Without dead ends: 41 [2019-08-05 10:56:25,444 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 28 GetRequests, 21 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=36, Invalid=36, Unknown=0, NotChecked=0, Total=72 [2019-08-05 10:56:25,444 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 41 states. [2019-08-05 10:56:25,446 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 41 to 36. [2019-08-05 10:56:25,447 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 36 states. [2019-08-05 10:56:25,448 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 36 states to 36 states and 43 transitions. [2019-08-05 10:56:25,448 INFO L78 Accepts]: Start accepts. Automaton has 36 states and 43 transitions. Word has length 29 [2019-08-05 10:56:25,449 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:25,449 INFO L475 AbstractCegarLoop]: Abstraction has 36 states and 43 transitions. [2019-08-05 10:56:25,449 INFO L476 AbstractCegarLoop]: Interpolant automaton has 9 states. [2019-08-05 10:56:25,449 INFO L276 IsEmpty]: Start isEmpty. Operand 36 states and 43 transitions. [2019-08-05 10:56:25,450 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2019-08-05 10:56:25,451 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:25,451 INFO L399 BasicCegarLoop]: trace histogram [18, 7, 7, 1, 1, 1] [2019-08-05 10:56:25,451 INFO L418 AbstractCegarLoop]: === Iteration 12 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:25,452 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:25,452 INFO L82 PathProgramCache]: Analyzing trace with hash 313780443, now seen corresponding path program 8 times [2019-08-05 10:56:25,452 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:25,512 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:25,518 INFO L256 TraceCheckSpWp]: Trace formula consists of 645 conjuncts, 14 conjunts are in the unsatisfiable core [2019-08-05 10:56:25,522 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:26,546 INFO L134 CoverageAnalysis]: Checked inductivity of 328 backedges. 212 proven. 85 refuted. 0 times theorem prover too weak. 31 trivial. 0 not checked. [2019-08-05 10:56:26,546 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:26,546 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [12] total 12 [2019-08-05 10:56:26,547 INFO L454 AbstractCegarLoop]: Interpolant automaton has 13 states [2019-08-05 10:56:26,547 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 13 interpolants. [2019-08-05 10:56:26,547 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=48, Invalid=108, Unknown=0, NotChecked=0, Total=156 [2019-08-05 10:56:26,547 INFO L87 Difference]: Start difference. First operand 36 states and 43 transitions. Second operand 13 states. [2019-08-05 10:56:26,776 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:26,777 INFO L93 Difference]: Finished difference Result 38 states and 45 transitions. [2019-08-05 10:56:26,778 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2019-08-05 10:56:26,779 INFO L78 Accepts]: Start accepts. Automaton has 13 states. Word has length 35 [2019-08-05 10:56:26,779 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:26,779 INFO L225 Difference]: With dead ends: 38 [2019-08-05 10:56:26,780 INFO L226 Difference]: Without dead ends: 38 [2019-08-05 10:56:26,780 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 39 GetRequests, 23 SyntacticMatches, 0 SemanticMatches, 16 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 35 ImplicationChecksByTransitivity, 1.0s TimeCoverageRelationStatistics Valid=113, Invalid=193, Unknown=0, NotChecked=0, Total=306 [2019-08-05 10:56:26,781 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 38 states. [2019-08-05 10:56:26,784 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 38 to 38. [2019-08-05 10:56:26,784 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 38 states. [2019-08-05 10:56:26,785 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 38 states to 38 states and 45 transitions. [2019-08-05 10:56:26,786 INFO L78 Accepts]: Start accepts. Automaton has 38 states and 45 transitions. Word has length 35 [2019-08-05 10:56:26,786 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:26,786 INFO L475 AbstractCegarLoop]: Abstraction has 38 states and 45 transitions. [2019-08-05 10:56:26,786 INFO L476 AbstractCegarLoop]: Interpolant automaton has 13 states. [2019-08-05 10:56:26,786 INFO L276 IsEmpty]: Start isEmpty. Operand 38 states and 45 transitions. [2019-08-05 10:56:26,787 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2019-08-05 10:56:26,787 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:26,788 INFO L399 BasicCegarLoop]: trace histogram [20, 7, 7, 1, 1, 1] [2019-08-05 10:56:26,788 INFO L418 AbstractCegarLoop]: === Iteration 13 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:26,788 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:26,788 INFO L82 PathProgramCache]: Analyzing trace with hash 921137451, now seen corresponding path program 9 times [2019-08-05 10:56:26,789 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:26,896 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:26,907 INFO L256 TraceCheckSpWp]: Trace formula consists of 681 conjuncts, 9 conjunts are in the unsatisfiable core [2019-08-05 10:56:26,916 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:27,227 INFO L134 CoverageAnalysis]: Checked inductivity of 379 backedges. 0 proven. 329 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2019-08-05 10:56:27,227 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:27,227 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [9] total 9 [2019-08-05 10:56:27,228 INFO L454 AbstractCegarLoop]: Interpolant automaton has 10 states [2019-08-05 10:56:27,228 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2019-08-05 10:56:27,228 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=45, Invalid=45, Unknown=0, NotChecked=0, Total=90 [2019-08-05 10:56:27,228 INFO L87 Difference]: Start difference. First operand 38 states and 45 transitions. Second operand 10 states. [2019-08-05 10:56:27,398 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:27,399 INFO L93 Difference]: Finished difference Result 51 states and 60 transitions. [2019-08-05 10:56:27,399 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2019-08-05 10:56:27,399 INFO L78 Accepts]: Start accepts. Automaton has 10 states. Word has length 37 [2019-08-05 10:56:27,400 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:27,400 INFO L225 Difference]: With dead ends: 51 [2019-08-05 10:56:27,400 INFO L226 Difference]: Without dead ends: 51 [2019-08-05 10:56:27,401 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 36 GetRequests, 28 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=45, Invalid=45, Unknown=0, NotChecked=0, Total=90 [2019-08-05 10:56:27,401 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 51 states. [2019-08-05 10:56:27,404 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 51 to 45. [2019-08-05 10:56:27,404 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 45 states. [2019-08-05 10:56:27,405 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 45 states to 45 states and 53 transitions. [2019-08-05 10:56:27,405 INFO L78 Accepts]: Start accepts. Automaton has 45 states and 53 transitions. Word has length 37 [2019-08-05 10:56:27,405 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:27,405 INFO L475 AbstractCegarLoop]: Abstraction has 45 states and 53 transitions. [2019-08-05 10:56:27,405 INFO L476 AbstractCegarLoop]: Interpolant automaton has 10 states. [2019-08-05 10:56:27,405 INFO L276 IsEmpty]: Start isEmpty. Operand 45 states and 53 transitions. [2019-08-05 10:56:27,406 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2019-08-05 10:56:27,407 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:27,407 INFO L399 BasicCegarLoop]: trace histogram [25, 8, 8, 1, 1, 1] [2019-08-05 10:56:27,407 INFO L418 AbstractCegarLoop]: === Iteration 14 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:27,407 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:27,407 INFO L82 PathProgramCache]: Analyzing trace with hash 1739592226, now seen corresponding path program 10 times [2019-08-05 10:56:27,408 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:27,490 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:27,499 INFO L256 TraceCheckSpWp]: Trace formula consists of 811 conjuncts, 16 conjunts are in the unsatisfiable core [2019-08-05 10:56:27,502 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:27,825 INFO L134 CoverageAnalysis]: Checked inductivity of 564 backedges. 372 proven. 141 refuted. 0 times theorem prover too weak. 51 trivial. 0 not checked. [2019-08-05 10:56:27,825 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:27,825 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [14] total 14 [2019-08-05 10:56:27,826 INFO L454 AbstractCegarLoop]: Interpolant automaton has 15 states [2019-08-05 10:56:27,826 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2019-08-05 10:56:27,826 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=63, Invalid=147, Unknown=0, NotChecked=0, Total=210 [2019-08-05 10:56:27,827 INFO L87 Difference]: Start difference. First operand 45 states and 53 transitions. Second operand 15 states. [2019-08-05 10:56:28,341 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:28,341 INFO L93 Difference]: Finished difference Result 47 states and 55 transitions. [2019-08-05 10:56:28,342 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2019-08-05 10:56:28,342 INFO L78 Accepts]: Start accepts. Automaton has 15 states. Word has length 44 [2019-08-05 10:56:28,342 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:28,343 INFO L225 Difference]: With dead ends: 47 [2019-08-05 10:56:28,343 INFO L226 Difference]: Without dead ends: 47 [2019-08-05 10:56:28,343 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 49 GetRequests, 30 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 51 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=153, Invalid=267, Unknown=0, NotChecked=0, Total=420 [2019-08-05 10:56:28,344 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 47 states. [2019-08-05 10:56:28,348 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 47 to 47. [2019-08-05 10:56:28,348 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 47 states. [2019-08-05 10:56:28,349 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 47 states to 47 states and 55 transitions. [2019-08-05 10:56:28,349 INFO L78 Accepts]: Start accepts. Automaton has 47 states and 55 transitions. Word has length 44 [2019-08-05 10:56:28,349 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:28,349 INFO L475 AbstractCegarLoop]: Abstraction has 47 states and 55 transitions. [2019-08-05 10:56:28,350 INFO L476 AbstractCegarLoop]: Interpolant automaton has 15 states. [2019-08-05 10:56:28,350 INFO L276 IsEmpty]: Start isEmpty. Operand 47 states and 55 transitions. [2019-08-05 10:56:28,351 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2019-08-05 10:56:28,351 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:28,351 INFO L399 BasicCegarLoop]: trace histogram [27, 8, 8, 1, 1, 1] [2019-08-05 10:56:28,351 INFO L418 AbstractCegarLoop]: === Iteration 15 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:28,351 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:28,352 INFO L82 PathProgramCache]: Analyzing trace with hash 1740653010, now seen corresponding path program 11 times [2019-08-05 10:56:28,352 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:28,428 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:28,435 INFO L256 TraceCheckSpWp]: Trace formula consists of 847 conjuncts, 10 conjunts are in the unsatisfiable core [2019-08-05 10:56:28,438 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:28,681 INFO L134 CoverageAnalysis]: Checked inductivity of 631 backedges. 0 proven. 554 refuted. 0 times theorem prover too weak. 77 trivial. 0 not checked. [2019-08-05 10:56:28,682 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:28,682 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [10] total 10 [2019-08-05 10:56:28,682 INFO L454 AbstractCegarLoop]: Interpolant automaton has 11 states [2019-08-05 10:56:28,682 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 11 interpolants. [2019-08-05 10:56:28,683 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=55, Invalid=55, Unknown=0, NotChecked=0, Total=110 [2019-08-05 10:56:28,683 INFO L87 Difference]: Start difference. First operand 47 states and 55 transitions. Second operand 11 states. [2019-08-05 10:56:28,735 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:28,735 INFO L93 Difference]: Finished difference Result 62 states and 72 transitions. [2019-08-05 10:56:28,736 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2019-08-05 10:56:28,736 INFO L78 Accepts]: Start accepts. Automaton has 11 states. Word has length 46 [2019-08-05 10:56:28,737 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:28,738 INFO L225 Difference]: With dead ends: 62 [2019-08-05 10:56:28,738 INFO L226 Difference]: Without dead ends: 62 [2019-08-05 10:56:28,739 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 45 GetRequests, 36 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=55, Invalid=55, Unknown=0, NotChecked=0, Total=110 [2019-08-05 10:56:28,739 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 62 states. [2019-08-05 10:56:28,742 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 62 to 55. [2019-08-05 10:56:28,743 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 55 states. [2019-08-05 10:56:28,743 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 55 states to 55 states and 64 transitions. [2019-08-05 10:56:28,744 INFO L78 Accepts]: Start accepts. Automaton has 55 states and 64 transitions. Word has length 46 [2019-08-05 10:56:28,744 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:28,744 INFO L475 AbstractCegarLoop]: Abstraction has 55 states and 64 transitions. [2019-08-05 10:56:28,744 INFO L476 AbstractCegarLoop]: Interpolant automaton has 11 states. [2019-08-05 10:56:28,744 INFO L276 IsEmpty]: Start isEmpty. Operand 55 states and 64 transitions. [2019-08-05 10:56:28,745 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2019-08-05 10:56:28,746 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:28,746 INFO L399 BasicCegarLoop]: trace histogram [33, 9, 9, 1, 1, 1] [2019-08-05 10:56:28,746 INFO L418 AbstractCegarLoop]: === Iteration 16 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:28,746 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:28,746 INFO L82 PathProgramCache]: Analyzing trace with hash -1174373990, now seen corresponding path program 12 times [2019-08-05 10:56:28,747 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:28,857 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:28,865 INFO L256 TraceCheckSpWp]: Trace formula consists of 995 conjuncts, 18 conjunts are in the unsatisfiable core [2019-08-05 10:56:28,868 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:29,813 INFO L134 CoverageAnalysis]: Checked inductivity of 906 backedges. 611 proven. 217 refuted. 0 times theorem prover too weak. 78 trivial. 0 not checked. [2019-08-05 10:56:29,813 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:29,813 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [16] total 16 [2019-08-05 10:56:29,814 INFO L454 AbstractCegarLoop]: Interpolant automaton has 17 states [2019-08-05 10:56:29,814 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 17 interpolants. [2019-08-05 10:56:29,814 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=80, Invalid=192, Unknown=0, NotChecked=0, Total=272 [2019-08-05 10:56:29,815 INFO L87 Difference]: Start difference. First operand 55 states and 64 transitions. Second operand 17 states. [2019-08-05 10:56:30,070 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:30,071 INFO L93 Difference]: Finished difference Result 57 states and 66 transitions. [2019-08-05 10:56:30,072 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2019-08-05 10:56:30,072 INFO L78 Accepts]: Start accepts. Automaton has 17 states. Word has length 54 [2019-08-05 10:56:30,073 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:30,073 INFO L225 Difference]: With dead ends: 57 [2019-08-05 10:56:30,073 INFO L226 Difference]: Without dead ends: 57 [2019-08-05 10:56:30,074 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 60 GetRequests, 38 SyntacticMatches, 0 SemanticMatches, 22 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 70 ImplicationChecksByTransitivity, 0.9s TimeCoverageRelationStatistics Valid=199, Invalid=353, Unknown=0, NotChecked=0, Total=552 [2019-08-05 10:56:30,074 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 57 states. [2019-08-05 10:56:30,080 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 57 to 57. [2019-08-05 10:56:30,080 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 57 states. [2019-08-05 10:56:30,081 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 57 states to 57 states and 66 transitions. [2019-08-05 10:56:30,081 INFO L78 Accepts]: Start accepts. Automaton has 57 states and 66 transitions. Word has length 54 [2019-08-05 10:56:30,081 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:30,081 INFO L475 AbstractCegarLoop]: Abstraction has 57 states and 66 transitions. [2019-08-05 10:56:30,082 INFO L476 AbstractCegarLoop]: Interpolant automaton has 17 states. [2019-08-05 10:56:30,082 INFO L276 IsEmpty]: Start isEmpty. Operand 57 states and 66 transitions. [2019-08-05 10:56:30,086 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2019-08-05 10:56:30,086 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:30,086 INFO L399 BasicCegarLoop]: trace histogram [35, 9, 9, 1, 1, 1] [2019-08-05 10:56:30,087 INFO L418 AbstractCegarLoop]: === Iteration 17 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:30,087 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:30,087 INFO L82 PathProgramCache]: Analyzing trace with hash -2054262230, now seen corresponding path program 13 times [2019-08-05 10:56:30,088 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:30,176 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:30,184 INFO L256 TraceCheckSpWp]: Trace formula consists of 1031 conjuncts, 11 conjunts are in the unsatisfiable core [2019-08-05 10:56:30,187 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:30,428 INFO L134 CoverageAnalysis]: Checked inductivity of 991 backedges. 0 proven. 879 refuted. 0 times theorem prover too weak. 112 trivial. 0 not checked. [2019-08-05 10:56:30,429 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:30,429 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [11] total 11 [2019-08-05 10:56:30,429 INFO L454 AbstractCegarLoop]: Interpolant automaton has 12 states [2019-08-05 10:56:30,430 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2019-08-05 10:56:30,430 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=66, Invalid=66, Unknown=0, NotChecked=0, Total=132 [2019-08-05 10:56:30,430 INFO L87 Difference]: Start difference. First operand 57 states and 66 transitions. Second operand 12 states. [2019-08-05 10:56:30,473 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:30,474 INFO L93 Difference]: Finished difference Result 74 states and 85 transitions. [2019-08-05 10:56:30,474 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2019-08-05 10:56:30,475 INFO L78 Accepts]: Start accepts. Automaton has 12 states. Word has length 56 [2019-08-05 10:56:30,475 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:30,475 INFO L225 Difference]: With dead ends: 74 [2019-08-05 10:56:30,476 INFO L226 Difference]: Without dead ends: 74 [2019-08-05 10:56:30,476 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 55 GetRequests, 45 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=66, Invalid=66, Unknown=0, NotChecked=0, Total=132 [2019-08-05 10:56:30,476 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 74 states. [2019-08-05 10:56:30,482 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 74 to 66. [2019-08-05 10:56:30,483 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 66 states. [2019-08-05 10:56:30,483 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 66 states to 66 states and 76 transitions. [2019-08-05 10:56:30,484 INFO L78 Accepts]: Start accepts. Automaton has 66 states and 76 transitions. Word has length 56 [2019-08-05 10:56:30,484 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:30,484 INFO L475 AbstractCegarLoop]: Abstraction has 66 states and 76 transitions. [2019-08-05 10:56:30,484 INFO L476 AbstractCegarLoop]: Interpolant automaton has 12 states. [2019-08-05 10:56:30,484 INFO L276 IsEmpty]: Start isEmpty. Operand 66 states and 76 transitions. [2019-08-05 10:56:30,485 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 66 [2019-08-05 10:56:30,485 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:30,485 INFO L399 BasicCegarLoop]: trace histogram [42, 10, 10, 1, 1, 1] [2019-08-05 10:56:30,486 INFO L418 AbstractCegarLoop]: === Iteration 18 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:30,486 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:30,486 INFO L82 PathProgramCache]: Analyzing trace with hash -831096285, now seen corresponding path program 14 times [2019-08-05 10:56:30,487 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:30,585 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:30,597 INFO L256 TraceCheckSpWp]: Trace formula consists of 1197 conjuncts, 20 conjunts are in the unsatisfiable core [2019-08-05 10:56:30,600 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:30,829 INFO L134 CoverageAnalysis]: Checked inductivity of 1381 backedges. 952 proven. 316 refuted. 0 times theorem prover too weak. 113 trivial. 0 not checked. [2019-08-05 10:56:30,830 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:30,830 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [18] total 18 [2019-08-05 10:56:30,830 INFO L454 AbstractCegarLoop]: Interpolant automaton has 19 states [2019-08-05 10:56:30,830 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 19 interpolants. [2019-08-05 10:56:30,831 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=99, Invalid=243, Unknown=0, NotChecked=0, Total=342 [2019-08-05 10:56:30,831 INFO L87 Difference]: Start difference. First operand 66 states and 76 transitions. Second operand 19 states. [2019-08-05 10:56:31,219 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:31,219 INFO L93 Difference]: Finished difference Result 68 states and 78 transitions. [2019-08-05 10:56:31,219 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 19 states. [2019-08-05 10:56:31,219 INFO L78 Accepts]: Start accepts. Automaton has 19 states. Word has length 65 [2019-08-05 10:56:31,220 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:31,220 INFO L225 Difference]: With dead ends: 68 [2019-08-05 10:56:31,220 INFO L226 Difference]: Without dead ends: 68 [2019-08-05 10:56:31,222 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 72 GetRequests, 47 SyntacticMatches, 0 SemanticMatches, 25 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 92 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=251, Invalid=451, Unknown=0, NotChecked=0, Total=702 [2019-08-05 10:56:31,222 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 68 states. [2019-08-05 10:56:31,224 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 68 to 68. [2019-08-05 10:56:31,224 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 68 states. [2019-08-05 10:56:31,225 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 68 states to 68 states and 78 transitions. [2019-08-05 10:56:31,225 INFO L78 Accepts]: Start accepts. Automaton has 68 states and 78 transitions. Word has length 65 [2019-08-05 10:56:31,225 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:31,226 INFO L475 AbstractCegarLoop]: Abstraction has 68 states and 78 transitions. [2019-08-05 10:56:31,226 INFO L476 AbstractCegarLoop]: Interpolant automaton has 19 states. [2019-08-05 10:56:31,226 INFO L276 IsEmpty]: Start isEmpty. Operand 68 states and 78 transitions. [2019-08-05 10:56:31,228 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 68 [2019-08-05 10:56:31,228 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:31,229 INFO L399 BasicCegarLoop]: trace histogram [44, 10, 10, 1, 1, 1] [2019-08-05 10:56:31,229 INFO L418 AbstractCegarLoop]: === Iteration 19 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:31,229 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:31,229 INFO L82 PathProgramCache]: Analyzing trace with hash -171603565, now seen corresponding path program 15 times [2019-08-05 10:56:31,230 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:31,330 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:31,341 INFO L256 TraceCheckSpWp]: Trace formula consists of 1233 conjuncts, 12 conjunts are in the unsatisfiable core [2019-08-05 10:56:31,344 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:31,982 INFO L134 CoverageAnalysis]: Checked inductivity of 1486 backedges. 0 proven. 1330 refuted. 0 times theorem prover too weak. 156 trivial. 0 not checked. [2019-08-05 10:56:31,982 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:31,982 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [12] total 12 [2019-08-05 10:56:31,982 INFO L454 AbstractCegarLoop]: Interpolant automaton has 13 states [2019-08-05 10:56:31,983 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 13 interpolants. [2019-08-05 10:56:31,983 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=78, Invalid=78, Unknown=0, NotChecked=0, Total=156 [2019-08-05 10:56:31,983 INFO L87 Difference]: Start difference. First operand 68 states and 78 transitions. Second operand 13 states. [2019-08-05 10:56:32,048 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:32,048 INFO L93 Difference]: Finished difference Result 87 states and 99 transitions. [2019-08-05 10:56:32,049 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2019-08-05 10:56:32,049 INFO L78 Accepts]: Start accepts. Automaton has 13 states. Word has length 67 [2019-08-05 10:56:32,049 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:32,050 INFO L225 Difference]: With dead ends: 87 [2019-08-05 10:56:32,050 INFO L226 Difference]: Without dead ends: 87 [2019-08-05 10:56:32,051 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 66 GetRequests, 55 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.6s TimeCoverageRelationStatistics Valid=78, Invalid=78, Unknown=0, NotChecked=0, Total=156 [2019-08-05 10:56:32,051 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 87 states. [2019-08-05 10:56:32,055 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 87 to 78. [2019-08-05 10:56:32,055 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 78 states. [2019-08-05 10:56:32,056 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 78 states to 78 states and 89 transitions. [2019-08-05 10:56:32,056 INFO L78 Accepts]: Start accepts. Automaton has 78 states and 89 transitions. Word has length 67 [2019-08-05 10:56:32,056 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:32,056 INFO L475 AbstractCegarLoop]: Abstraction has 78 states and 89 transitions. [2019-08-05 10:56:32,056 INFO L476 AbstractCegarLoop]: Interpolant automaton has 13 states. [2019-08-05 10:56:32,056 INFO L276 IsEmpty]: Start isEmpty. Operand 78 states and 89 transitions. [2019-08-05 10:56:32,057 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 78 [2019-08-05 10:56:32,057 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:32,057 INFO L399 BasicCegarLoop]: trace histogram [52, 11, 11, 1, 1, 1] [2019-08-05 10:56:32,058 INFO L418 AbstractCegarLoop]: === Iteration 20 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:32,058 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:32,058 INFO L82 PathProgramCache]: Analyzing trace with hash 1974304827, now seen corresponding path program 16 times [2019-08-05 10:56:32,059 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:32,184 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:32,200 INFO L256 TraceCheckSpWp]: Trace formula consists of 1417 conjuncts, 22 conjunts are in the unsatisfiable core [2019-08-05 10:56:32,203 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:32,632 INFO L134 CoverageAnalysis]: Checked inductivity of 2019 backedges. 1421 proven. 441 refuted. 0 times theorem prover too weak. 157 trivial. 0 not checked. [2019-08-05 10:56:32,632 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:32,632 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [20] total 20 [2019-08-05 10:56:32,633 INFO L454 AbstractCegarLoop]: Interpolant automaton has 21 states [2019-08-05 10:56:32,633 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 21 interpolants. [2019-08-05 10:56:32,633 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=120, Invalid=300, Unknown=0, NotChecked=0, Total=420 [2019-08-05 10:56:32,633 INFO L87 Difference]: Start difference. First operand 78 states and 89 transitions. Second operand 21 states. [2019-08-05 10:56:33,224 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:33,224 INFO L93 Difference]: Finished difference Result 80 states and 91 transitions. [2019-08-05 10:56:33,225 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2019-08-05 10:56:33,225 INFO L78 Accepts]: Start accepts. Automaton has 21 states. Word has length 77 [2019-08-05 10:56:33,226 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:33,226 INFO L225 Difference]: With dead ends: 80 [2019-08-05 10:56:33,226 INFO L226 Difference]: Without dead ends: 80 [2019-08-05 10:56:33,227 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 85 GetRequests, 57 SyntacticMatches, 0 SemanticMatches, 28 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 117 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=309, Invalid=561, Unknown=0, NotChecked=0, Total=870 [2019-08-05 10:56:33,228 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 80 states. [2019-08-05 10:56:33,230 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 80 to 80. [2019-08-05 10:56:33,230 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 80 states. [2019-08-05 10:56:33,231 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 80 states to 80 states and 91 transitions. [2019-08-05 10:56:33,231 INFO L78 Accepts]: Start accepts. Automaton has 80 states and 91 transitions. Word has length 77 [2019-08-05 10:56:33,231 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:33,231 INFO L475 AbstractCegarLoop]: Abstraction has 80 states and 91 transitions. [2019-08-05 10:56:33,231 INFO L476 AbstractCegarLoop]: Interpolant automaton has 21 states. [2019-08-05 10:56:33,232 INFO L276 IsEmpty]: Start isEmpty. Operand 80 states and 91 transitions. [2019-08-05 10:56:33,232 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 80 [2019-08-05 10:56:33,232 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:33,232 INFO L399 BasicCegarLoop]: trace histogram [54, 11, 11, 1, 1, 1] [2019-08-05 10:56:33,233 INFO L418 AbstractCegarLoop]: === Iteration 21 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:33,233 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:33,233 INFO L82 PathProgramCache]: Analyzing trace with hash 838269067, now seen corresponding path program 17 times [2019-08-05 10:56:33,234 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:33,352 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:33,364 INFO L256 TraceCheckSpWp]: Trace formula consists of 1453 conjuncts, 13 conjunts are in the unsatisfiable core [2019-08-05 10:56:33,367 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:33,669 INFO L134 CoverageAnalysis]: Checked inductivity of 2146 backedges. 0 proven. 1936 refuted. 0 times theorem prover too weak. 210 trivial. 0 not checked. [2019-08-05 10:56:33,669 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:33,669 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [13] total 13 [2019-08-05 10:56:33,670 INFO L454 AbstractCegarLoop]: Interpolant automaton has 14 states [2019-08-05 10:56:33,670 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2019-08-05 10:56:33,670 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=91, Invalid=91, Unknown=0, NotChecked=0, Total=182 [2019-08-05 10:56:33,671 INFO L87 Difference]: Start difference. First operand 80 states and 91 transitions. Second operand 14 states. [2019-08-05 10:56:33,720 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:33,720 INFO L93 Difference]: Finished difference Result 101 states and 114 transitions. [2019-08-05 10:56:33,720 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 14 states. [2019-08-05 10:56:33,721 INFO L78 Accepts]: Start accepts. Automaton has 14 states. Word has length 79 [2019-08-05 10:56:33,721 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:33,722 INFO L225 Difference]: With dead ends: 101 [2019-08-05 10:56:33,722 INFO L226 Difference]: Without dead ends: 101 [2019-08-05 10:56:33,723 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 78 GetRequests, 66 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=91, Invalid=91, Unknown=0, NotChecked=0, Total=182 [2019-08-05 10:56:33,723 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 101 states. [2019-08-05 10:56:33,726 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 101 to 91. [2019-08-05 10:56:33,726 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 91 states. [2019-08-05 10:56:33,727 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 91 states to 91 states and 103 transitions. [2019-08-05 10:56:33,727 INFO L78 Accepts]: Start accepts. Automaton has 91 states and 103 transitions. Word has length 79 [2019-08-05 10:56:33,727 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:33,727 INFO L475 AbstractCegarLoop]: Abstraction has 91 states and 103 transitions. [2019-08-05 10:56:33,728 INFO L476 AbstractCegarLoop]: Interpolant automaton has 14 states. [2019-08-05 10:56:33,728 INFO L276 IsEmpty]: Start isEmpty. Operand 91 states and 103 transitions. [2019-08-05 10:56:33,728 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 91 [2019-08-05 10:56:33,728 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:33,729 INFO L399 BasicCegarLoop]: trace histogram [63, 12, 12, 1, 1, 1] [2019-08-05 10:56:33,729 INFO L418 AbstractCegarLoop]: === Iteration 22 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:33,729 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:33,729 INFO L82 PathProgramCache]: Analyzing trace with hash -195454206, now seen corresponding path program 18 times [2019-08-05 10:56:33,730 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:33,872 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:33,889 INFO L256 TraceCheckSpWp]: Trace formula consists of 1655 conjuncts, 24 conjunts are in the unsatisfiable core [2019-08-05 10:56:33,891 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:34,321 INFO L134 CoverageAnalysis]: Checked inductivity of 2853 backedges. 2047 proven. 595 refuted. 0 times theorem prover too weak. 211 trivial. 0 not checked. [2019-08-05 10:56:34,322 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:34,322 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [22] total 22 [2019-08-05 10:56:34,322 INFO L454 AbstractCegarLoop]: Interpolant automaton has 23 states [2019-08-05 10:56:34,323 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 23 interpolants. [2019-08-05 10:56:34,323 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=143, Invalid=363, Unknown=0, NotChecked=0, Total=506 [2019-08-05 10:56:34,323 INFO L87 Difference]: Start difference. First operand 91 states and 103 transitions. Second operand 23 states. [2019-08-05 10:56:34,626 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:34,627 INFO L93 Difference]: Finished difference Result 93 states and 105 transitions. [2019-08-05 10:56:34,628 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 23 states. [2019-08-05 10:56:34,629 INFO L78 Accepts]: Start accepts. Automaton has 23 states. Word has length 90 [2019-08-05 10:56:34,629 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:34,630 INFO L225 Difference]: With dead ends: 93 [2019-08-05 10:56:34,630 INFO L226 Difference]: Without dead ends: 93 [2019-08-05 10:56:34,631 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 99 GetRequests, 68 SyntacticMatches, 0 SemanticMatches, 31 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 145 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=373, Invalid=683, Unknown=0, NotChecked=0, Total=1056 [2019-08-05 10:56:34,631 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 93 states. [2019-08-05 10:56:34,633 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 93 to 93. [2019-08-05 10:56:34,633 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 93 states. [2019-08-05 10:56:34,634 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 93 states to 93 states and 105 transitions. [2019-08-05 10:56:34,634 INFO L78 Accepts]: Start accepts. Automaton has 93 states and 105 transitions. Word has length 90 [2019-08-05 10:56:34,635 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:34,635 INFO L475 AbstractCegarLoop]: Abstraction has 93 states and 105 transitions. [2019-08-05 10:56:34,635 INFO L476 AbstractCegarLoop]: Interpolant automaton has 23 states. [2019-08-05 10:56:34,635 INFO L276 IsEmpty]: Start isEmpty. Operand 93 states and 105 transitions. [2019-08-05 10:56:34,636 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 93 [2019-08-05 10:56:34,636 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:34,636 INFO L399 BasicCegarLoop]: trace histogram [65, 12, 12, 1, 1, 1] [2019-08-05 10:56:34,636 INFO L418 AbstractCegarLoop]: === Iteration 23 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:34,636 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:34,636 INFO L82 PathProgramCache]: Analyzing trace with hash 64342706, now seen corresponding path program 19 times [2019-08-05 10:56:34,637 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:34,775 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:34,792 INFO L256 TraceCheckSpWp]: Trace formula consists of 1691 conjuncts, 14 conjunts are in the unsatisfiable core [2019-08-05 10:56:34,797 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:35,038 INFO L134 CoverageAnalysis]: Checked inductivity of 3004 backedges. 0 proven. 2729 refuted. 0 times theorem prover too weak. 275 trivial. 0 not checked. [2019-08-05 10:56:35,038 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:35,039 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [14] total 14 [2019-08-05 10:56:35,039 INFO L454 AbstractCegarLoop]: Interpolant automaton has 15 states [2019-08-05 10:56:35,039 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2019-08-05 10:56:35,039 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=105, Invalid=105, Unknown=0, NotChecked=0, Total=210 [2019-08-05 10:56:35,040 INFO L87 Difference]: Start difference. First operand 93 states and 105 transitions. Second operand 15 states. [2019-08-05 10:56:35,099 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:35,099 INFO L93 Difference]: Finished difference Result 116 states and 130 transitions. [2019-08-05 10:56:35,099 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2019-08-05 10:56:35,100 INFO L78 Accepts]: Start accepts. Automaton has 15 states. Word has length 92 [2019-08-05 10:56:35,100 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:35,101 INFO L225 Difference]: With dead ends: 116 [2019-08-05 10:56:35,101 INFO L226 Difference]: Without dead ends: 116 [2019-08-05 10:56:35,101 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 91 GetRequests, 78 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=105, Invalid=105, Unknown=0, NotChecked=0, Total=210 [2019-08-05 10:56:35,102 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 116 states. [2019-08-05 10:56:35,104 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 116 to 105. [2019-08-05 10:56:35,104 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 105 states. [2019-08-05 10:56:35,105 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 105 states to 105 states and 118 transitions. [2019-08-05 10:56:35,105 INFO L78 Accepts]: Start accepts. Automaton has 105 states and 118 transitions. Word has length 92 [2019-08-05 10:56:35,105 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:35,106 INFO L475 AbstractCegarLoop]: Abstraction has 105 states and 118 transitions. [2019-08-05 10:56:35,106 INFO L476 AbstractCegarLoop]: Interpolant automaton has 15 states. [2019-08-05 10:56:35,106 INFO L276 IsEmpty]: Start isEmpty. Operand 105 states and 118 transitions. [2019-08-05 10:56:35,106 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 105 [2019-08-05 10:56:35,107 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:35,107 INFO L399 BasicCegarLoop]: trace histogram [75, 13, 13, 1, 1, 1] [2019-08-05 10:56:35,107 INFO L418 AbstractCegarLoop]: === Iteration 24 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:35,107 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:35,107 INFO L82 PathProgramCache]: Analyzing trace with hash 1560584890, now seen corresponding path program 20 times [2019-08-05 10:56:35,108 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:35,282 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:35,305 INFO L256 TraceCheckSpWp]: Trace formula consists of 1911 conjuncts, 26 conjunts are in the unsatisfiable core [2019-08-05 10:56:35,308 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:36,139 INFO L134 CoverageAnalysis]: Checked inductivity of 3919 backedges. 2862 proven. 781 refuted. 0 times theorem prover too weak. 276 trivial. 0 not checked. [2019-08-05 10:56:36,139 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:36,139 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [24] total 24 [2019-08-05 10:56:36,140 INFO L454 AbstractCegarLoop]: Interpolant automaton has 25 states [2019-08-05 10:56:36,140 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 25 interpolants. [2019-08-05 10:56:36,140 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=168, Invalid=432, Unknown=0, NotChecked=0, Total=600 [2019-08-05 10:56:36,141 INFO L87 Difference]: Start difference. First operand 105 states and 118 transitions. Second operand 25 states. [2019-08-05 10:56:37,078 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:37,078 INFO L93 Difference]: Finished difference Result 107 states and 120 transitions. [2019-08-05 10:56:37,078 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 25 states. [2019-08-05 10:56:37,079 INFO L78 Accepts]: Start accepts. Automaton has 25 states. Word has length 104 [2019-08-05 10:56:37,079 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:37,079 INFO L225 Difference]: With dead ends: 107 [2019-08-05 10:56:37,079 INFO L226 Difference]: Without dead ends: 107 [2019-08-05 10:56:37,080 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 114 GetRequests, 80 SyntacticMatches, 0 SemanticMatches, 34 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 176 ImplicationChecksByTransitivity, 0.9s TimeCoverageRelationStatistics Valid=443, Invalid=817, Unknown=0, NotChecked=0, Total=1260 [2019-08-05 10:56:37,080 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 107 states. [2019-08-05 10:56:37,082 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 107 to 107. [2019-08-05 10:56:37,082 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 107 states. [2019-08-05 10:56:37,082 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 107 states to 107 states and 120 transitions. [2019-08-05 10:56:37,082 INFO L78 Accepts]: Start accepts. Automaton has 107 states and 120 transitions. Word has length 104 [2019-08-05 10:56:37,082 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:37,082 INFO L475 AbstractCegarLoop]: Abstraction has 107 states and 120 transitions. [2019-08-05 10:56:37,083 INFO L476 AbstractCegarLoop]: Interpolant automaton has 25 states. [2019-08-05 10:56:37,083 INFO L276 IsEmpty]: Start isEmpty. Operand 107 states and 120 transitions. [2019-08-05 10:56:37,083 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 107 [2019-08-05 10:56:37,083 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:37,084 INFO L399 BasicCegarLoop]: trace histogram [77, 13, 13, 1, 1, 1] [2019-08-05 10:56:37,084 INFO L418 AbstractCegarLoop]: === Iteration 25 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:37,084 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:37,084 INFO L82 PathProgramCache]: Analyzing trace with hash 1507400522, now seen corresponding path program 21 times [2019-08-05 10:56:37,085 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:37,250 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:37,267 INFO L256 TraceCheckSpWp]: Trace formula consists of 1947 conjuncts, 15 conjunts are in the unsatisfiable core [2019-08-05 10:56:37,270 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:37,431 INFO L134 CoverageAnalysis]: Checked inductivity of 4096 backedges. 0 proven. 3744 refuted. 0 times theorem prover too weak. 352 trivial. 0 not checked. [2019-08-05 10:56:37,432 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:37,432 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [15] total 15 [2019-08-05 10:56:37,432 INFO L454 AbstractCegarLoop]: Interpolant automaton has 16 states [2019-08-05 10:56:37,432 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 16 interpolants. [2019-08-05 10:56:37,433 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=120, Invalid=120, Unknown=0, NotChecked=0, Total=240 [2019-08-05 10:56:37,433 INFO L87 Difference]: Start difference. First operand 107 states and 120 transitions. Second operand 16 states. [2019-08-05 10:56:37,493 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:37,493 INFO L93 Difference]: Finished difference Result 132 states and 147 transitions. [2019-08-05 10:56:37,493 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 16 states. [2019-08-05 10:56:37,493 INFO L78 Accepts]: Start accepts. Automaton has 16 states. Word has length 106 [2019-08-05 10:56:37,494 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:37,495 INFO L225 Difference]: With dead ends: 132 [2019-08-05 10:56:37,495 INFO L226 Difference]: Without dead ends: 132 [2019-08-05 10:56:37,496 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 105 GetRequests, 91 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=120, Invalid=120, Unknown=0, NotChecked=0, Total=240 [2019-08-05 10:56:37,496 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 132 states. [2019-08-05 10:56:37,499 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 132 to 120. [2019-08-05 10:56:37,499 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 120 states. [2019-08-05 10:56:37,499 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 120 states to 120 states and 134 transitions. [2019-08-05 10:56:37,499 INFO L78 Accepts]: Start accepts. Automaton has 120 states and 134 transitions. Word has length 106 [2019-08-05 10:56:37,500 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:37,500 INFO L475 AbstractCegarLoop]: Abstraction has 120 states and 134 transitions. [2019-08-05 10:56:37,500 INFO L476 AbstractCegarLoop]: Interpolant automaton has 16 states. [2019-08-05 10:56:37,500 INFO L276 IsEmpty]: Start isEmpty. Operand 120 states and 134 transitions. [2019-08-05 10:56:37,501 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 120 [2019-08-05 10:56:37,501 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:37,501 INFO L399 BasicCegarLoop]: trace histogram [88, 14, 14, 1, 1, 1] [2019-08-05 10:56:37,501 INFO L418 AbstractCegarLoop]: === Iteration 26 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:37,502 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:37,502 INFO L82 PathProgramCache]: Analyzing trace with hash 1964976323, now seen corresponding path program 22 times [2019-08-05 10:56:37,502 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:37,755 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:37,776 INFO L256 TraceCheckSpWp]: Trace formula consists of 2185 conjuncts, 28 conjunts are in the unsatisfiable core [2019-08-05 10:56:37,779 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:38,196 INFO L134 CoverageAnalysis]: Checked inductivity of 5256 backedges. 3901 proven. 1002 refuted. 0 times theorem prover too weak. 353 trivial. 0 not checked. [2019-08-05 10:56:38,196 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:38,197 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [26] total 26 [2019-08-05 10:56:38,197 INFO L454 AbstractCegarLoop]: Interpolant automaton has 27 states [2019-08-05 10:56:38,197 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 27 interpolants. [2019-08-05 10:56:38,198 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=195, Invalid=507, Unknown=0, NotChecked=0, Total=702 [2019-08-05 10:56:38,198 INFO L87 Difference]: Start difference. First operand 120 states and 134 transitions. Second operand 27 states. [2019-08-05 10:56:38,814 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:38,814 INFO L93 Difference]: Finished difference Result 122 states and 136 transitions. [2019-08-05 10:56:38,814 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2019-08-05 10:56:38,814 INFO L78 Accepts]: Start accepts. Automaton has 27 states. Word has length 119 [2019-08-05 10:56:38,815 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:38,816 INFO L225 Difference]: With dead ends: 122 [2019-08-05 10:56:38,816 INFO L226 Difference]: Without dead ends: 122 [2019-08-05 10:56:38,817 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 130 GetRequests, 93 SyntacticMatches, 0 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 210 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=519, Invalid=963, Unknown=0, NotChecked=0, Total=1482 [2019-08-05 10:56:38,817 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 122 states. [2019-08-05 10:56:38,819 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 122 to 122. [2019-08-05 10:56:38,819 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 122 states. [2019-08-05 10:56:38,820 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 122 states to 122 states and 136 transitions. [2019-08-05 10:56:38,820 INFO L78 Accepts]: Start accepts. Automaton has 122 states and 136 transitions. Word has length 119 [2019-08-05 10:56:38,820 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:38,820 INFO L475 AbstractCegarLoop]: Abstraction has 122 states and 136 transitions. [2019-08-05 10:56:38,820 INFO L476 AbstractCegarLoop]: Interpolant automaton has 27 states. [2019-08-05 10:56:38,820 INFO L276 IsEmpty]: Start isEmpty. Operand 122 states and 136 transitions. [2019-08-05 10:56:38,821 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 122 [2019-08-05 10:56:38,821 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:38,821 INFO L399 BasicCegarLoop]: trace histogram [90, 14, 14, 1, 1, 1] [2019-08-05 10:56:38,821 INFO L418 AbstractCegarLoop]: === Iteration 27 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:38,822 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:38,822 INFO L82 PathProgramCache]: Analyzing trace with hash -388380621, now seen corresponding path program 23 times [2019-08-05 10:56:38,822 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:39,026 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:39,045 INFO L256 TraceCheckSpWp]: Trace formula consists of 2221 conjuncts, 16 conjunts are in the unsatisfiable core [2019-08-05 10:56:39,048 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:39,263 INFO L134 CoverageAnalysis]: Checked inductivity of 5461 backedges. 0 proven. 5019 refuted. 0 times theorem prover too weak. 442 trivial. 0 not checked. [2019-08-05 10:56:39,263 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:39,263 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [16] total 16 [2019-08-05 10:56:39,263 INFO L454 AbstractCegarLoop]: Interpolant automaton has 17 states [2019-08-05 10:56:39,264 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 17 interpolants. [2019-08-05 10:56:39,264 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=136, Invalid=136, Unknown=0, NotChecked=0, Total=272 [2019-08-05 10:56:39,264 INFO L87 Difference]: Start difference. First operand 122 states and 136 transitions. Second operand 17 states. [2019-08-05 10:56:39,335 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:39,336 INFO L93 Difference]: Finished difference Result 149 states and 165 transitions. [2019-08-05 10:56:39,337 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2019-08-05 10:56:39,337 INFO L78 Accepts]: Start accepts. Automaton has 17 states. Word has length 121 [2019-08-05 10:56:39,338 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:39,339 INFO L225 Difference]: With dead ends: 149 [2019-08-05 10:56:39,339 INFO L226 Difference]: Without dead ends: 149 [2019-08-05 10:56:39,339 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 120 GetRequests, 105 SyntacticMatches, 0 SemanticMatches, 15 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=136, Invalid=136, Unknown=0, NotChecked=0, Total=272 [2019-08-05 10:56:39,340 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 149 states. [2019-08-05 10:56:39,342 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 149 to 136. [2019-08-05 10:56:39,342 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 136 states. [2019-08-05 10:56:39,342 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 136 states to 136 states and 151 transitions. [2019-08-05 10:56:39,343 INFO L78 Accepts]: Start accepts. Automaton has 136 states and 151 transitions. Word has length 121 [2019-08-05 10:56:39,343 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:39,343 INFO L475 AbstractCegarLoop]: Abstraction has 136 states and 151 transitions. [2019-08-05 10:56:39,343 INFO L476 AbstractCegarLoop]: Interpolant automaton has 17 states. [2019-08-05 10:56:39,343 INFO L276 IsEmpty]: Start isEmpty. Operand 136 states and 151 transitions. [2019-08-05 10:56:39,344 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 136 [2019-08-05 10:56:39,344 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:39,344 INFO L399 BasicCegarLoop]: trace histogram [102, 15, 15, 1, 1, 1] [2019-08-05 10:56:39,345 INFO L418 AbstractCegarLoop]: === Iteration 28 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:39,345 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:39,345 INFO L82 PathProgramCache]: Analyzing trace with hash -1310826853, now seen corresponding path program 24 times [2019-08-05 10:56:39,346 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:39,625 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:39,649 INFO L256 TraceCheckSpWp]: Trace formula consists of 2477 conjuncts, 30 conjunts are in the unsatisfiable core [2019-08-05 10:56:39,653 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:40,076 INFO L134 CoverageAnalysis]: Checked inductivity of 6906 backedges. 5202 proven. 1261 refuted. 0 times theorem prover too weak. 443 trivial. 0 not checked. [2019-08-05 10:56:40,076 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:40,076 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [28] total 28 [2019-08-05 10:56:40,076 INFO L454 AbstractCegarLoop]: Interpolant automaton has 29 states [2019-08-05 10:56:40,077 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 29 interpolants. [2019-08-05 10:56:40,077 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=224, Invalid=588, Unknown=0, NotChecked=0, Total=812 [2019-08-05 10:56:40,077 INFO L87 Difference]: Start difference. First operand 136 states and 151 transitions. Second operand 29 states. [2019-08-05 10:56:40,792 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:40,792 INFO L93 Difference]: Finished difference Result 138 states and 153 transitions. [2019-08-05 10:56:40,793 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 29 states. [2019-08-05 10:56:40,793 INFO L78 Accepts]: Start accepts. Automaton has 29 states. Word has length 135 [2019-08-05 10:56:40,794 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:40,795 INFO L225 Difference]: With dead ends: 138 [2019-08-05 10:56:40,795 INFO L226 Difference]: Without dead ends: 138 [2019-08-05 10:56:40,796 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 147 GetRequests, 107 SyntacticMatches, 0 SemanticMatches, 40 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 247 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=601, Invalid=1121, Unknown=0, NotChecked=0, Total=1722 [2019-08-05 10:56:40,797 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 138 states. [2019-08-05 10:56:40,799 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 138 to 138. [2019-08-05 10:56:40,799 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 138 states. [2019-08-05 10:56:40,799 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 138 states to 138 states and 153 transitions. [2019-08-05 10:56:40,799 INFO L78 Accepts]: Start accepts. Automaton has 138 states and 153 transitions. Word has length 135 [2019-08-05 10:56:40,800 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:40,800 INFO L475 AbstractCegarLoop]: Abstraction has 138 states and 153 transitions. [2019-08-05 10:56:40,800 INFO L476 AbstractCegarLoop]: Interpolant automaton has 29 states. [2019-08-05 10:56:40,800 INFO L276 IsEmpty]: Start isEmpty. Operand 138 states and 153 transitions. [2019-08-05 10:56:40,801 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 138 [2019-08-05 10:56:40,801 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:40,801 INFO L399 BasicCegarLoop]: trace histogram [104, 15, 15, 1, 1, 1] [2019-08-05 10:56:40,801 INFO L418 AbstractCegarLoop]: === Iteration 29 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:40,801 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:40,801 INFO L82 PathProgramCache]: Analyzing trace with hash 1294206699, now seen corresponding path program 25 times [2019-08-05 10:56:40,802 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:41,018 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:41,034 INFO L256 TraceCheckSpWp]: Trace formula consists of 2513 conjuncts, 17 conjunts are in the unsatisfiable core [2019-08-05 10:56:41,037 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:41,223 INFO L134 CoverageAnalysis]: Checked inductivity of 7141 backedges. 0 proven. 6595 refuted. 0 times theorem prover too weak. 546 trivial. 0 not checked. [2019-08-05 10:56:41,223 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:41,223 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [17] total 17 [2019-08-05 10:56:41,223 INFO L454 AbstractCegarLoop]: Interpolant automaton has 18 states [2019-08-05 10:56:41,223 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 18 interpolants. [2019-08-05 10:56:41,224 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=153, Invalid=153, Unknown=0, NotChecked=0, Total=306 [2019-08-05 10:56:41,224 INFO L87 Difference]: Start difference. First operand 138 states and 153 transitions. Second operand 18 states. [2019-08-05 10:56:41,297 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:41,297 INFO L93 Difference]: Finished difference Result 167 states and 184 transitions. [2019-08-05 10:56:41,297 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2019-08-05 10:56:41,298 INFO L78 Accepts]: Start accepts. Automaton has 18 states. Word has length 137 [2019-08-05 10:56:41,298 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:41,299 INFO L225 Difference]: With dead ends: 167 [2019-08-05 10:56:41,299 INFO L226 Difference]: Without dead ends: 167 [2019-08-05 10:56:41,300 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 136 GetRequests, 120 SyntacticMatches, 0 SemanticMatches, 16 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=153, Invalid=153, Unknown=0, NotChecked=0, Total=306 [2019-08-05 10:56:41,300 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 167 states. [2019-08-05 10:56:41,303 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 167 to 153. [2019-08-05 10:56:41,303 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 153 states. [2019-08-05 10:56:41,303 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 153 states to 153 states and 169 transitions. [2019-08-05 10:56:41,303 INFO L78 Accepts]: Start accepts. Automaton has 153 states and 169 transitions. Word has length 137 [2019-08-05 10:56:41,304 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:41,304 INFO L475 AbstractCegarLoop]: Abstraction has 153 states and 169 transitions. [2019-08-05 10:56:41,304 INFO L476 AbstractCegarLoop]: Interpolant automaton has 18 states. [2019-08-05 10:56:41,304 INFO L276 IsEmpty]: Start isEmpty. Operand 153 states and 169 transitions. [2019-08-05 10:56:41,305 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 153 [2019-08-05 10:56:41,305 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:41,305 INFO L399 BasicCegarLoop]: trace histogram [117, 16, 16, 1, 1, 1] [2019-08-05 10:56:41,305 INFO L418 AbstractCegarLoop]: === Iteration 30 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:41,305 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:41,306 INFO L82 PathProgramCache]: Analyzing trace with hash 1022885090, now seen corresponding path program 26 times [2019-08-05 10:56:41,306 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:41,525 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:41,550 INFO L256 TraceCheckSpWp]: Trace formula consists of 2787 conjuncts, 32 conjunts are in the unsatisfiable core [2019-08-05 10:56:41,554 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:42,640 INFO L134 CoverageAnalysis]: Checked inductivity of 8914 backedges. 6806 proven. 1561 refuted. 0 times theorem prover too weak. 547 trivial. 0 not checked. [2019-08-05 10:56:42,640 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:42,640 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [30] total 30 [2019-08-05 10:56:42,641 INFO L454 AbstractCegarLoop]: Interpolant automaton has 31 states [2019-08-05 10:56:42,641 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 31 interpolants. [2019-08-05 10:56:42,642 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=255, Invalid=675, Unknown=0, NotChecked=0, Total=930 [2019-08-05 10:56:42,642 INFO L87 Difference]: Start difference. First operand 153 states and 169 transitions. Second operand 31 states. [2019-08-05 10:56:43,920 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:43,920 INFO L93 Difference]: Finished difference Result 155 states and 171 transitions. [2019-08-05 10:56:43,921 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 31 states. [2019-08-05 10:56:43,921 INFO L78 Accepts]: Start accepts. Automaton has 31 states. Word has length 152 [2019-08-05 10:56:43,921 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:43,922 INFO L225 Difference]: With dead ends: 155 [2019-08-05 10:56:43,922 INFO L226 Difference]: Without dead ends: 155 [2019-08-05 10:56:43,924 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 165 GetRequests, 122 SyntacticMatches, 0 SemanticMatches, 43 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 287 ImplicationChecksByTransitivity, 1.5s TimeCoverageRelationStatistics Valid=689, Invalid=1291, Unknown=0, NotChecked=0, Total=1980 [2019-08-05 10:56:43,924 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 155 states. [2019-08-05 10:56:43,926 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 155 to 155. [2019-08-05 10:56:43,926 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 155 states. [2019-08-05 10:56:43,927 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 155 states to 155 states and 171 transitions. [2019-08-05 10:56:43,927 INFO L78 Accepts]: Start accepts. Automaton has 155 states and 171 transitions. Word has length 152 [2019-08-05 10:56:43,927 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:43,927 INFO L475 AbstractCegarLoop]: Abstraction has 155 states and 171 transitions. [2019-08-05 10:56:43,927 INFO L476 AbstractCegarLoop]: Interpolant automaton has 31 states. [2019-08-05 10:56:43,927 INFO L276 IsEmpty]: Start isEmpty. Operand 155 states and 171 transitions. [2019-08-05 10:56:43,928 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 155 [2019-08-05 10:56:43,928 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:43,928 INFO L399 BasicCegarLoop]: trace histogram [119, 16, 16, 1, 1, 1] [2019-08-05 10:56:43,928 INFO L418 AbstractCegarLoop]: === Iteration 31 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:43,928 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:43,928 INFO L82 PathProgramCache]: Analyzing trace with hash 1844571282, now seen corresponding path program 27 times [2019-08-05 10:56:43,929 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:44,155 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:44,179 INFO L256 TraceCheckSpWp]: Trace formula consists of 2823 conjuncts, 18 conjunts are in the unsatisfiable core [2019-08-05 10:56:44,184 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:45,344 INFO L134 CoverageAnalysis]: Checked inductivity of 9181 backedges. 0 proven. 8516 refuted. 0 times theorem prover too weak. 665 trivial. 0 not checked. [2019-08-05 10:56:45,345 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:45,345 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [18] total 18 [2019-08-05 10:56:45,345 INFO L454 AbstractCegarLoop]: Interpolant automaton has 19 states [2019-08-05 10:56:45,345 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 19 interpolants. [2019-08-05 10:56:45,346 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=171, Invalid=171, Unknown=0, NotChecked=0, Total=342 [2019-08-05 10:56:45,346 INFO L87 Difference]: Start difference. First operand 155 states and 171 transitions. Second operand 19 states. [2019-08-05 10:56:45,412 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:45,412 INFO L93 Difference]: Finished difference Result 186 states and 204 transitions. [2019-08-05 10:56:45,413 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 19 states. [2019-08-05 10:56:45,413 INFO L78 Accepts]: Start accepts. Automaton has 19 states. Word has length 154 [2019-08-05 10:56:45,413 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:45,414 INFO L225 Difference]: With dead ends: 186 [2019-08-05 10:56:45,415 INFO L226 Difference]: Without dead ends: 186 [2019-08-05 10:56:45,415 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 153 GetRequests, 136 SyntacticMatches, 0 SemanticMatches, 17 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 1.1s TimeCoverageRelationStatistics Valid=171, Invalid=171, Unknown=0, NotChecked=0, Total=342 [2019-08-05 10:56:45,416 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 186 states. [2019-08-05 10:56:45,418 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 186 to 171. [2019-08-05 10:56:45,418 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 171 states. [2019-08-05 10:56:45,419 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 171 states to 171 states and 188 transitions. [2019-08-05 10:56:45,419 INFO L78 Accepts]: Start accepts. Automaton has 171 states and 188 transitions. Word has length 154 [2019-08-05 10:56:45,420 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:45,420 INFO L475 AbstractCegarLoop]: Abstraction has 171 states and 188 transitions. [2019-08-05 10:56:45,420 INFO L476 AbstractCegarLoop]: Interpolant automaton has 19 states. [2019-08-05 10:56:45,420 INFO L276 IsEmpty]: Start isEmpty. Operand 171 states and 188 transitions. [2019-08-05 10:56:45,421 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 171 [2019-08-05 10:56:45,421 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:45,421 INFO L399 BasicCegarLoop]: trace histogram [133, 17, 17, 1, 1, 1] [2019-08-05 10:56:45,421 INFO L418 AbstractCegarLoop]: === Iteration 32 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:45,421 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:45,422 INFO L82 PathProgramCache]: Analyzing trace with hash -616799014, now seen corresponding path program 28 times [2019-08-05 10:56:45,422 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:45,869 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:45,898 INFO L256 TraceCheckSpWp]: Trace formula consists of 3115 conjuncts, 34 conjunts are in the unsatisfiable core [2019-08-05 10:56:45,903 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:47,082 INFO L134 CoverageAnalysis]: Checked inductivity of 11328 backedges. 8757 proven. 1905 refuted. 0 times theorem prover too weak. 666 trivial. 0 not checked. [2019-08-05 10:56:47,083 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:47,083 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [32] total 32 [2019-08-05 10:56:47,083 INFO L454 AbstractCegarLoop]: Interpolant automaton has 33 states [2019-08-05 10:56:47,083 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 33 interpolants. [2019-08-05 10:56:47,084 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=288, Invalid=768, Unknown=0, NotChecked=0, Total=1056 [2019-08-05 10:56:47,084 INFO L87 Difference]: Start difference. First operand 171 states and 188 transitions. Second operand 33 states. [2019-08-05 10:56:47,854 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:47,855 INFO L93 Difference]: Finished difference Result 173 states and 190 transitions. [2019-08-05 10:56:47,855 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 33 states. [2019-08-05 10:56:47,855 INFO L78 Accepts]: Start accepts. Automaton has 33 states. Word has length 170 [2019-08-05 10:56:47,856 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:47,857 INFO L225 Difference]: With dead ends: 173 [2019-08-05 10:56:47,857 INFO L226 Difference]: Without dead ends: 173 [2019-08-05 10:56:47,859 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 184 GetRequests, 138 SyntacticMatches, 0 SemanticMatches, 46 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 330 ImplicationChecksByTransitivity, 1.3s TimeCoverageRelationStatistics Valid=783, Invalid=1473, Unknown=0, NotChecked=0, Total=2256 [2019-08-05 10:56:47,859 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 173 states. [2019-08-05 10:56:47,861 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 173 to 173. [2019-08-05 10:56:47,861 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 173 states. [2019-08-05 10:56:47,862 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 173 states to 173 states and 190 transitions. [2019-08-05 10:56:47,862 INFO L78 Accepts]: Start accepts. Automaton has 173 states and 190 transitions. Word has length 170 [2019-08-05 10:56:47,862 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:47,862 INFO L475 AbstractCegarLoop]: Abstraction has 173 states and 190 transitions. [2019-08-05 10:56:47,862 INFO L476 AbstractCegarLoop]: Interpolant automaton has 33 states. [2019-08-05 10:56:47,862 INFO L276 IsEmpty]: Start isEmpty. Operand 173 states and 190 transitions. [2019-08-05 10:56:47,863 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 173 [2019-08-05 10:56:47,863 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:47,863 INFO L399 BasicCegarLoop]: trace histogram [135, 17, 17, 1, 1, 1] [2019-08-05 10:56:47,863 INFO L418 AbstractCegarLoop]: === Iteration 33 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:47,863 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:47,863 INFO L82 PathProgramCache]: Analyzing trace with hash 1265704298, now seen corresponding path program 29 times [2019-08-05 10:56:47,864 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:48,209 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:48,232 INFO L256 TraceCheckSpWp]: Trace formula consists of 3151 conjuncts, 19 conjunts are in the unsatisfiable core [2019-08-05 10:56:48,237 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:48,557 INFO L134 CoverageAnalysis]: Checked inductivity of 11629 backedges. 0 proven. 10829 refuted. 0 times theorem prover too weak. 800 trivial. 0 not checked. [2019-08-05 10:56:48,558 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:48,558 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [19] total 19 [2019-08-05 10:56:48,558 INFO L454 AbstractCegarLoop]: Interpolant automaton has 20 states [2019-08-05 10:56:48,558 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 20 interpolants. [2019-08-05 10:56:48,559 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=190, Invalid=190, Unknown=0, NotChecked=0, Total=380 [2019-08-05 10:56:48,559 INFO L87 Difference]: Start difference. First operand 173 states and 190 transitions. Second operand 20 states. [2019-08-05 10:56:48,660 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:48,660 INFO L93 Difference]: Finished difference Result 206 states and 225 transitions. [2019-08-05 10:56:48,660 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 20 states. [2019-08-05 10:56:48,660 INFO L78 Accepts]: Start accepts. Automaton has 20 states. Word has length 172 [2019-08-05 10:56:48,661 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:48,662 INFO L225 Difference]: With dead ends: 206 [2019-08-05 10:56:48,662 INFO L226 Difference]: Without dead ends: 206 [2019-08-05 10:56:48,663 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 171 GetRequests, 153 SyntacticMatches, 0 SemanticMatches, 18 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=190, Invalid=190, Unknown=0, NotChecked=0, Total=380 [2019-08-05 10:56:48,664 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 206 states. [2019-08-05 10:56:48,666 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 206 to 190. [2019-08-05 10:56:48,666 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 190 states. [2019-08-05 10:56:48,667 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 190 states to 190 states and 208 transitions. [2019-08-05 10:56:48,667 INFO L78 Accepts]: Start accepts. Automaton has 190 states and 208 transitions. Word has length 172 [2019-08-05 10:56:48,668 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:48,668 INFO L475 AbstractCegarLoop]: Abstraction has 190 states and 208 transitions. [2019-08-05 10:56:48,668 INFO L476 AbstractCegarLoop]: Interpolant automaton has 20 states. [2019-08-05 10:56:48,668 INFO L276 IsEmpty]: Start isEmpty. Operand 190 states and 208 transitions. [2019-08-05 10:56:48,669 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 190 [2019-08-05 10:56:48,669 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:48,669 INFO L399 BasicCegarLoop]: trace histogram [150, 18, 18, 1, 1, 1] [2019-08-05 10:56:48,669 INFO L418 AbstractCegarLoop]: === Iteration 34 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:48,670 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:48,670 INFO L82 PathProgramCache]: Analyzing trace with hash -1305551261, now seen corresponding path program 30 times [2019-08-05 10:56:48,670 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:49,050 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:49,079 INFO L256 TraceCheckSpWp]: Trace formula consists of 3461 conjuncts, 36 conjunts are in the unsatisfiable core [2019-08-05 10:56:49,083 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:49,572 INFO L134 CoverageAnalysis]: Checked inductivity of 14199 backedges. 11102 proven. 2296 refuted. 0 times theorem prover too weak. 801 trivial. 0 not checked. [2019-08-05 10:56:49,572 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:49,573 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [34] total 34 [2019-08-05 10:56:49,573 INFO L454 AbstractCegarLoop]: Interpolant automaton has 35 states [2019-08-05 10:56:49,573 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 35 interpolants. [2019-08-05 10:56:49,574 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=323, Invalid=867, Unknown=0, NotChecked=0, Total=1190 [2019-08-05 10:56:49,574 INFO L87 Difference]: Start difference. First operand 190 states and 208 transitions. Second operand 35 states. [2019-08-05 10:56:50,483 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:50,483 INFO L93 Difference]: Finished difference Result 192 states and 210 transitions. [2019-08-05 10:56:50,483 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 35 states. [2019-08-05 10:56:50,483 INFO L78 Accepts]: Start accepts. Automaton has 35 states. Word has length 189 [2019-08-05 10:56:50,484 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:50,486 INFO L225 Difference]: With dead ends: 192 [2019-08-05 10:56:50,486 INFO L226 Difference]: Without dead ends: 192 [2019-08-05 10:56:50,487 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 204 GetRequests, 155 SyntacticMatches, 0 SemanticMatches, 49 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 376 ImplicationChecksByTransitivity, 0.7s TimeCoverageRelationStatistics Valid=883, Invalid=1667, Unknown=0, NotChecked=0, Total=2550 [2019-08-05 10:56:50,487 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 192 states. [2019-08-05 10:56:50,490 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 192 to 192. [2019-08-05 10:56:50,490 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 192 states. [2019-08-05 10:56:50,490 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 192 states to 192 states and 210 transitions. [2019-08-05 10:56:50,491 INFO L78 Accepts]: Start accepts. Automaton has 192 states and 210 transitions. Word has length 189 [2019-08-05 10:56:50,491 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:50,491 INFO L475 AbstractCegarLoop]: Abstraction has 192 states and 210 transitions. [2019-08-05 10:56:50,491 INFO L476 AbstractCegarLoop]: Interpolant automaton has 35 states. [2019-08-05 10:56:50,491 INFO L276 IsEmpty]: Start isEmpty. Operand 192 states and 210 transitions. [2019-08-05 10:56:50,492 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 192 [2019-08-05 10:56:50,492 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:50,492 INFO L399 BasicCegarLoop]: trace histogram [152, 18, 18, 1, 1, 1] [2019-08-05 10:56:50,493 INFO L418 AbstractCegarLoop]: === Iteration 35 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:50,493 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:50,493 INFO L82 PathProgramCache]: Analyzing trace with hash 1200836051, now seen corresponding path program 31 times [2019-08-05 10:56:50,494 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:50,852 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:50,880 INFO L256 TraceCheckSpWp]: Trace formula consists of 3497 conjuncts, 20 conjunts are in the unsatisfiable core [2019-08-05 10:56:50,886 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:51,178 INFO L134 CoverageAnalysis]: Checked inductivity of 14536 backedges. 0 proven. 13584 refuted. 0 times theorem prover too weak. 952 trivial. 0 not checked. [2019-08-05 10:56:51,179 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:51,179 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [20] total 20 [2019-08-05 10:56:51,179 INFO L454 AbstractCegarLoop]: Interpolant automaton has 21 states [2019-08-05 10:56:51,180 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 21 interpolants. [2019-08-05 10:56:51,180 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=210, Invalid=210, Unknown=0, NotChecked=0, Total=420 [2019-08-05 10:56:51,180 INFO L87 Difference]: Start difference. First operand 192 states and 210 transitions. Second operand 21 states. [2019-08-05 10:56:51,339 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:51,339 INFO L93 Difference]: Finished difference Result 227 states and 247 transitions. [2019-08-05 10:56:51,340 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2019-08-05 10:56:51,341 INFO L78 Accepts]: Start accepts. Automaton has 21 states. Word has length 191 [2019-08-05 10:56:51,341 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:51,343 INFO L225 Difference]: With dead ends: 227 [2019-08-05 10:56:51,343 INFO L226 Difference]: Without dead ends: 227 [2019-08-05 10:56:51,343 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 190 GetRequests, 171 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=210, Invalid=210, Unknown=0, NotChecked=0, Total=420 [2019-08-05 10:56:51,344 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 227 states. [2019-08-05 10:56:51,346 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 227 to 210. [2019-08-05 10:56:51,346 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 210 states. [2019-08-05 10:56:51,347 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 210 states to 210 states and 229 transitions. [2019-08-05 10:56:51,347 INFO L78 Accepts]: Start accepts. Automaton has 210 states and 229 transitions. Word has length 191 [2019-08-05 10:56:51,347 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:51,347 INFO L475 AbstractCegarLoop]: Abstraction has 210 states and 229 transitions. [2019-08-05 10:56:51,348 INFO L476 AbstractCegarLoop]: Interpolant automaton has 21 states. [2019-08-05 10:56:51,348 INFO L276 IsEmpty]: Start isEmpty. Operand 210 states and 229 transitions. [2019-08-05 10:56:51,348 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 210 [2019-08-05 10:56:51,348 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:51,348 INFO L399 BasicCegarLoop]: trace histogram [168, 19, 19, 1, 1, 1] [2019-08-05 10:56:51,349 INFO L418 AbstractCegarLoop]: === Iteration 36 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:51,349 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:51,349 INFO L82 PathProgramCache]: Analyzing trace with hash -662289413, now seen corresponding path program 32 times [2019-08-05 10:56:51,349 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:51,922 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:51,957 INFO L256 TraceCheckSpWp]: Trace formula consists of 3825 conjuncts, 38 conjunts are in the unsatisfiable core [2019-08-05 10:56:51,964 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:52,786 INFO L134 CoverageAnalysis]: Checked inductivity of 17581 backedges. 13891 proven. 2737 refuted. 0 times theorem prover too weak. 953 trivial. 0 not checked. [2019-08-05 10:56:52,786 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:52,786 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [36] total 36 [2019-08-05 10:56:52,787 INFO L454 AbstractCegarLoop]: Interpolant automaton has 37 states [2019-08-05 10:56:52,787 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 37 interpolants. [2019-08-05 10:56:52,787 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=360, Invalid=972, Unknown=0, NotChecked=0, Total=1332 [2019-08-05 10:56:52,787 INFO L87 Difference]: Start difference. First operand 210 states and 229 transitions. Second operand 37 states. [2019-08-05 10:56:53,317 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:53,317 INFO L93 Difference]: Finished difference Result 212 states and 231 transitions. [2019-08-05 10:56:53,317 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 37 states. [2019-08-05 10:56:53,318 INFO L78 Accepts]: Start accepts. Automaton has 37 states. Word has length 209 [2019-08-05 10:56:53,318 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:53,319 INFO L225 Difference]: With dead ends: 212 [2019-08-05 10:56:53,320 INFO L226 Difference]: Without dead ends: 212 [2019-08-05 10:56:53,321 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 225 GetRequests, 173 SyntacticMatches, 0 SemanticMatches, 52 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 425 ImplicationChecksByTransitivity, 1.0s TimeCoverageRelationStatistics Valid=989, Invalid=1873, Unknown=0, NotChecked=0, Total=2862 [2019-08-05 10:56:53,322 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 212 states. [2019-08-05 10:56:53,325 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 212 to 212. [2019-08-05 10:56:53,325 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 212 states. [2019-08-05 10:56:53,326 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 212 states to 212 states and 231 transitions. [2019-08-05 10:56:53,326 INFO L78 Accepts]: Start accepts. Automaton has 212 states and 231 transitions. Word has length 209 [2019-08-05 10:56:53,326 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:53,326 INFO L475 AbstractCegarLoop]: Abstraction has 212 states and 231 transitions. [2019-08-05 10:56:53,326 INFO L476 AbstractCegarLoop]: Interpolant automaton has 37 states. [2019-08-05 10:56:53,327 INFO L276 IsEmpty]: Start isEmpty. Operand 212 states and 231 transitions. [2019-08-05 10:56:53,328 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 212 [2019-08-05 10:56:53,328 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:53,328 INFO L399 BasicCegarLoop]: trace histogram [170, 19, 19, 1, 1, 1] [2019-08-05 10:56:53,328 INFO L418 AbstractCegarLoop]: === Iteration 37 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:53,328 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:53,329 INFO L82 PathProgramCache]: Analyzing trace with hash 448683083, now seen corresponding path program 33 times [2019-08-05 10:56:53,329 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:53,931 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:53,962 INFO L256 TraceCheckSpWp]: Trace formula consists of 3861 conjuncts, 21 conjunts are in the unsatisfiable core [2019-08-05 10:56:53,968 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:54,200 INFO L134 CoverageAnalysis]: Checked inductivity of 17956 backedges. 0 proven. 16834 refuted. 0 times theorem prover too weak. 1122 trivial. 0 not checked. [2019-08-05 10:56:54,200 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:54,201 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [21] total 21 [2019-08-05 10:56:54,201 INFO L454 AbstractCegarLoop]: Interpolant automaton has 22 states [2019-08-05 10:56:54,201 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 22 interpolants. [2019-08-05 10:56:54,201 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=231, Invalid=231, Unknown=0, NotChecked=0, Total=462 [2019-08-05 10:56:54,202 INFO L87 Difference]: Start difference. First operand 212 states and 231 transitions. Second operand 22 states. [2019-08-05 10:56:54,646 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:54,646 INFO L93 Difference]: Finished difference Result 249 states and 270 transitions. [2019-08-05 10:56:54,646 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 22 states. [2019-08-05 10:56:54,647 INFO L78 Accepts]: Start accepts. Automaton has 22 states. Word has length 211 [2019-08-05 10:56:54,647 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:54,649 INFO L225 Difference]: With dead ends: 249 [2019-08-05 10:56:54,649 INFO L226 Difference]: Without dead ends: 249 [2019-08-05 10:56:54,650 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 210 GetRequests, 190 SyntacticMatches, 0 SemanticMatches, 20 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=231, Invalid=231, Unknown=0, NotChecked=0, Total=462 [2019-08-05 10:56:54,650 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 249 states. [2019-08-05 10:56:54,655 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 249 to 231. [2019-08-05 10:56:54,656 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 231 states. [2019-08-05 10:56:54,657 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 231 states to 231 states and 251 transitions. [2019-08-05 10:56:54,657 INFO L78 Accepts]: Start accepts. Automaton has 231 states and 251 transitions. Word has length 211 [2019-08-05 10:56:54,658 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:54,658 INFO L475 AbstractCegarLoop]: Abstraction has 231 states and 251 transitions. [2019-08-05 10:56:54,658 INFO L476 AbstractCegarLoop]: Interpolant automaton has 22 states. [2019-08-05 10:56:54,658 INFO L276 IsEmpty]: Start isEmpty. Operand 231 states and 251 transitions. [2019-08-05 10:56:54,663 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 231 [2019-08-05 10:56:54,663 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:54,663 INFO L399 BasicCegarLoop]: trace histogram [187, 20, 20, 1, 1, 1] [2019-08-05 10:56:54,664 INFO L418 AbstractCegarLoop]: === Iteration 38 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:54,664 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:54,664 INFO L82 PathProgramCache]: Analyzing trace with hash -187828286, now seen corresponding path program 34 times [2019-08-05 10:56:54,665 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:55,682 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:55,739 INFO L256 TraceCheckSpWp]: Trace formula consists of 4207 conjuncts, 40 conjunts are in the unsatisfiable core [2019-08-05 10:56:55,746 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:56,775 INFO L134 CoverageAnalysis]: Checked inductivity of 21531 backedges. 17177 proven. 3231 refuted. 0 times theorem prover too weak. 1123 trivial. 0 not checked. [2019-08-05 10:56:56,775 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:56,776 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [38] total 38 [2019-08-05 10:56:56,776 INFO L454 AbstractCegarLoop]: Interpolant automaton has 39 states [2019-08-05 10:56:56,776 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 39 interpolants. [2019-08-05 10:56:56,777 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=399, Invalid=1083, Unknown=0, NotChecked=0, Total=1482 [2019-08-05 10:56:56,777 INFO L87 Difference]: Start difference. First operand 231 states and 251 transitions. Second operand 39 states. [2019-08-05 10:56:57,596 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:57,597 INFO L93 Difference]: Finished difference Result 233 states and 253 transitions. [2019-08-05 10:56:57,597 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 39 states. [2019-08-05 10:56:57,597 INFO L78 Accepts]: Start accepts. Automaton has 39 states. Word has length 230 [2019-08-05 10:56:57,598 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:57,599 INFO L225 Difference]: With dead ends: 233 [2019-08-05 10:56:57,599 INFO L226 Difference]: Without dead ends: 233 [2019-08-05 10:56:57,601 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 247 GetRequests, 192 SyntacticMatches, 0 SemanticMatches, 55 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 477 ImplicationChecksByTransitivity, 1.3s TimeCoverageRelationStatistics Valid=1101, Invalid=2091, Unknown=0, NotChecked=0, Total=3192 [2019-08-05 10:56:57,601 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 233 states. [2019-08-05 10:56:57,604 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 233 to 233. [2019-08-05 10:56:57,604 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 233 states. [2019-08-05 10:56:57,605 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 233 states to 233 states and 253 transitions. [2019-08-05 10:56:57,605 INFO L78 Accepts]: Start accepts. Automaton has 233 states and 253 transitions. Word has length 230 [2019-08-05 10:56:57,605 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:57,606 INFO L475 AbstractCegarLoop]: Abstraction has 233 states and 253 transitions. [2019-08-05 10:56:57,606 INFO L476 AbstractCegarLoop]: Interpolant automaton has 39 states. [2019-08-05 10:56:57,606 INFO L276 IsEmpty]: Start isEmpty. Operand 233 states and 253 transitions. [2019-08-05 10:56:57,607 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 233 [2019-08-05 10:56:57,607 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:57,607 INFO L399 BasicCegarLoop]: trace histogram [189, 20, 20, 1, 1, 1] [2019-08-05 10:56:57,607 INFO L418 AbstractCegarLoop]: === Iteration 39 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:57,608 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:57,608 INFO L82 PathProgramCache]: Analyzing trace with hash 27748210, now seen corresponding path program 35 times [2019-08-05 10:56:57,608 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:58,135 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:58,159 INFO L256 TraceCheckSpWp]: Trace formula consists of 4243 conjuncts, 22 conjunts are in the unsatisfiable core [2019-08-05 10:56:58,166 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:56:58,503 INFO L134 CoverageAnalysis]: Checked inductivity of 21946 backedges. 0 proven. 20635 refuted. 0 times theorem prover too weak. 1311 trivial. 0 not checked. [2019-08-05 10:56:58,504 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:56:58,504 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [22] total 22 [2019-08-05 10:56:58,504 INFO L454 AbstractCegarLoop]: Interpolant automaton has 23 states [2019-08-05 10:56:58,504 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 23 interpolants. [2019-08-05 10:56:58,504 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=253, Invalid=253, Unknown=0, NotChecked=0, Total=506 [2019-08-05 10:56:58,505 INFO L87 Difference]: Start difference. First operand 233 states and 253 transitions. Second operand 23 states. [2019-08-05 10:56:58,642 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:56:58,642 INFO L93 Difference]: Finished difference Result 272 states and 294 transitions. [2019-08-05 10:56:58,643 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 23 states. [2019-08-05 10:56:58,643 INFO L78 Accepts]: Start accepts. Automaton has 23 states. Word has length 232 [2019-08-05 10:56:58,643 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:56:58,644 INFO L225 Difference]: With dead ends: 272 [2019-08-05 10:56:58,644 INFO L226 Difference]: Without dead ends: 272 [2019-08-05 10:56:58,645 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 231 GetRequests, 210 SyntacticMatches, 0 SemanticMatches, 21 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=253, Invalid=253, Unknown=0, NotChecked=0, Total=506 [2019-08-05 10:56:58,645 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 272 states. [2019-08-05 10:56:58,648 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 272 to 253. [2019-08-05 10:56:58,648 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 253 states. [2019-08-05 10:56:58,649 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 253 states to 253 states and 274 transitions. [2019-08-05 10:56:58,649 INFO L78 Accepts]: Start accepts. Automaton has 253 states and 274 transitions. Word has length 232 [2019-08-05 10:56:58,649 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:56:58,650 INFO L475 AbstractCegarLoop]: Abstraction has 253 states and 274 transitions. [2019-08-05 10:56:58,650 INFO L476 AbstractCegarLoop]: Interpolant automaton has 23 states. [2019-08-05 10:56:58,650 INFO L276 IsEmpty]: Start isEmpty. Operand 253 states and 274 transitions. [2019-08-05 10:56:58,651 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 253 [2019-08-05 10:56:58,651 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:56:58,651 INFO L399 BasicCegarLoop]: trace histogram [207, 21, 21, 1, 1, 1] [2019-08-05 10:56:58,652 INFO L418 AbstractCegarLoop]: === Iteration 40 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:56:58,652 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:56:58,652 INFO L82 PathProgramCache]: Analyzing trace with hash 2067070970, now seen corresponding path program 36 times [2019-08-05 10:56:58,653 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:56:59,202 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:56:59,257 INFO L256 TraceCheckSpWp]: Trace formula consists of 4607 conjuncts, 42 conjunts are in the unsatisfiable core [2019-08-05 10:56:59,265 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:57:00,170 INFO L134 CoverageAnalysis]: Checked inductivity of 26109 backedges. 21016 proven. 3781 refuted. 0 times theorem prover too weak. 1312 trivial. 0 not checked. [2019-08-05 10:57:00,171 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:57:00,171 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [40] total 40 [2019-08-05 10:57:00,171 INFO L454 AbstractCegarLoop]: Interpolant automaton has 41 states [2019-08-05 10:57:00,172 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 41 interpolants. [2019-08-05 10:57:00,172 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=440, Invalid=1200, Unknown=0, NotChecked=0, Total=1640 [2019-08-05 10:57:00,172 INFO L87 Difference]: Start difference. First operand 253 states and 274 transitions. Second operand 41 states. [2019-08-05 10:57:01,439 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:57:01,439 INFO L93 Difference]: Finished difference Result 255 states and 276 transitions. [2019-08-05 10:57:01,440 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 41 states. [2019-08-05 10:57:01,440 INFO L78 Accepts]: Start accepts. Automaton has 41 states. Word has length 252 [2019-08-05 10:57:01,440 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:57:01,442 INFO L225 Difference]: With dead ends: 255 [2019-08-05 10:57:01,442 INFO L226 Difference]: Without dead ends: 255 [2019-08-05 10:57:01,444 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 270 GetRequests, 212 SyntacticMatches, 0 SemanticMatches, 58 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 532 ImplicationChecksByTransitivity, 1.1s TimeCoverageRelationStatistics Valid=1219, Invalid=2321, Unknown=0, NotChecked=0, Total=3540 [2019-08-05 10:57:01,444 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 255 states. [2019-08-05 10:57:01,447 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 255 to 255. [2019-08-05 10:57:01,447 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 255 states. [2019-08-05 10:57:01,448 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 255 states to 255 states and 276 transitions. [2019-08-05 10:57:01,448 INFO L78 Accepts]: Start accepts. Automaton has 255 states and 276 transitions. Word has length 252 [2019-08-05 10:57:01,448 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:57:01,448 INFO L475 AbstractCegarLoop]: Abstraction has 255 states and 276 transitions. [2019-08-05 10:57:01,448 INFO L476 AbstractCegarLoop]: Interpolant automaton has 41 states. [2019-08-05 10:57:01,449 INFO L276 IsEmpty]: Start isEmpty. Operand 255 states and 276 transitions. [2019-08-05 10:57:01,450 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 255 [2019-08-05 10:57:01,450 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:57:01,450 INFO L399 BasicCegarLoop]: trace histogram [209, 21, 21, 1, 1, 1] [2019-08-05 10:57:01,450 INFO L418 AbstractCegarLoop]: === Iteration 41 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:57:01,450 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:57:01,451 INFO L82 PathProgramCache]: Analyzing trace with hash -2070693750, now seen corresponding path program 37 times [2019-08-05 10:57:01,451 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:57:02,018 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:57:02,052 INFO L256 TraceCheckSpWp]: Trace formula consists of 4643 conjuncts, 23 conjunts are in the unsatisfiable core [2019-08-05 10:57:02,060 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:57:03,168 INFO L134 CoverageAnalysis]: Checked inductivity of 26566 backedges. 0 proven. 25046 refuted. 0 times theorem prover too weak. 1520 trivial. 0 not checked. [2019-08-05 10:57:03,168 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:57:03,168 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [23] total 23 [2019-08-05 10:57:03,169 INFO L454 AbstractCegarLoop]: Interpolant automaton has 24 states [2019-08-05 10:57:03,169 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 24 interpolants. [2019-08-05 10:57:03,169 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=276, Invalid=276, Unknown=0, NotChecked=0, Total=552 [2019-08-05 10:57:03,170 INFO L87 Difference]: Start difference. First operand 255 states and 276 transitions. Second operand 24 states. [2019-08-05 10:57:03,293 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:57:03,293 INFO L93 Difference]: Finished difference Result 296 states and 319 transitions. [2019-08-05 10:57:03,293 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 24 states. [2019-08-05 10:57:03,293 INFO L78 Accepts]: Start accepts. Automaton has 24 states. Word has length 254 [2019-08-05 10:57:03,294 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:57:03,295 INFO L225 Difference]: With dead ends: 296 [2019-08-05 10:57:03,295 INFO L226 Difference]: Without dead ends: 296 [2019-08-05 10:57:03,296 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 253 GetRequests, 231 SyntacticMatches, 0 SemanticMatches, 22 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.9s TimeCoverageRelationStatistics Valid=276, Invalid=276, Unknown=0, NotChecked=0, Total=552 [2019-08-05 10:57:03,297 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 296 states. [2019-08-05 10:57:03,299 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 296 to 276. [2019-08-05 10:57:03,300 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 276 states. [2019-08-05 10:57:03,300 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 276 states to 276 states and 298 transitions. [2019-08-05 10:57:03,301 INFO L78 Accepts]: Start accepts. Automaton has 276 states and 298 transitions. Word has length 254 [2019-08-05 10:57:03,301 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:57:03,301 INFO L475 AbstractCegarLoop]: Abstraction has 276 states and 298 transitions. [2019-08-05 10:57:03,301 INFO L476 AbstractCegarLoop]: Interpolant automaton has 24 states. [2019-08-05 10:57:03,301 INFO L276 IsEmpty]: Start isEmpty. Operand 276 states and 298 transitions. [2019-08-05 10:57:03,302 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 276 [2019-08-05 10:57:03,303 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:57:03,303 INFO L399 BasicCegarLoop]: trace histogram [228, 22, 22, 1, 1, 1] [2019-08-05 10:57:03,303 INFO L418 AbstractCegarLoop]: === Iteration 42 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:57:03,303 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:57:03,303 INFO L82 PathProgramCache]: Analyzing trace with hash -1600791805, now seen corresponding path program 38 times [2019-08-05 10:57:03,304 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:57:03,957 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:57:03,992 INFO L256 TraceCheckSpWp]: Trace formula consists of 5025 conjuncts, 44 conjunts are in the unsatisfiable core [2019-08-05 10:57:03,998 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:57:04,826 INFO L134 CoverageAnalysis]: Checked inductivity of 31378 backedges. 25467 proven. 4390 refuted. 0 times theorem prover too weak. 1521 trivial. 0 not checked. [2019-08-05 10:57:04,827 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:57:04,827 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [42] total 42 [2019-08-05 10:57:04,827 INFO L454 AbstractCegarLoop]: Interpolant automaton has 43 states [2019-08-05 10:57:04,827 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 43 interpolants. [2019-08-05 10:57:04,828 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=483, Invalid=1323, Unknown=0, NotChecked=0, Total=1806 [2019-08-05 10:57:04,828 INFO L87 Difference]: Start difference. First operand 276 states and 298 transitions. Second operand 43 states. [2019-08-05 10:57:06,194 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:57:06,194 INFO L93 Difference]: Finished difference Result 278 states and 300 transitions. [2019-08-05 10:57:06,194 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 43 states. [2019-08-05 10:57:06,194 INFO L78 Accepts]: Start accepts. Automaton has 43 states. Word has length 275 [2019-08-05 10:57:06,195 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:57:06,196 INFO L225 Difference]: With dead ends: 278 [2019-08-05 10:57:06,196 INFO L226 Difference]: Without dead ends: 278 [2019-08-05 10:57:06,198 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 294 GetRequests, 233 SyntacticMatches, 0 SemanticMatches, 61 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 590 ImplicationChecksByTransitivity, 1.0s TimeCoverageRelationStatistics Valid=1343, Invalid=2563, Unknown=0, NotChecked=0, Total=3906 [2019-08-05 10:57:06,198 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 278 states. [2019-08-05 10:57:06,201 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 278 to 278. [2019-08-05 10:57:06,201 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 278 states. [2019-08-05 10:57:06,201 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 278 states to 278 states and 300 transitions. [2019-08-05 10:57:06,202 INFO L78 Accepts]: Start accepts. Automaton has 278 states and 300 transitions. Word has length 275 [2019-08-05 10:57:06,202 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:57:06,202 INFO L475 AbstractCegarLoop]: Abstraction has 278 states and 300 transitions. [2019-08-05 10:57:06,202 INFO L476 AbstractCegarLoop]: Interpolant automaton has 43 states. [2019-08-05 10:57:06,202 INFO L276 IsEmpty]: Start isEmpty. Operand 278 states and 300 transitions. [2019-08-05 10:57:06,204 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 278 [2019-08-05 10:57:06,204 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:57:06,204 INFO L399 BasicCegarLoop]: trace histogram [230, 22, 22, 1, 1, 1] [2019-08-05 10:57:06,204 INFO L418 AbstractCegarLoop]: === Iteration 43 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:57:06,204 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:57:06,205 INFO L82 PathProgramCache]: Analyzing trace with hash 533879411, now seen corresponding path program 39 times [2019-08-05 10:57:06,205 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:57:06,906 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:57:06,934 INFO L256 TraceCheckSpWp]: Trace formula consists of 5061 conjuncts, 24 conjunts are in the unsatisfiable core [2019-08-05 10:57:06,938 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:57:07,434 INFO L134 CoverageAnalysis]: Checked inductivity of 31879 backedges. 0 proven. 30129 refuted. 0 times theorem prover too weak. 1750 trivial. 0 not checked. [2019-08-05 10:57:07,435 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:57:07,435 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [24] total 24 [2019-08-05 10:57:07,435 INFO L454 AbstractCegarLoop]: Interpolant automaton has 25 states [2019-08-05 10:57:07,435 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 25 interpolants. [2019-08-05 10:57:07,436 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=300, Invalid=300, Unknown=0, NotChecked=0, Total=600 [2019-08-05 10:57:07,436 INFO L87 Difference]: Start difference. First operand 278 states and 300 transitions. Second operand 25 states. [2019-08-05 10:57:07,571 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:57:07,571 INFO L93 Difference]: Finished difference Result 321 states and 345 transitions. [2019-08-05 10:57:07,572 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 25 states. [2019-08-05 10:57:07,572 INFO L78 Accepts]: Start accepts. Automaton has 25 states. Word has length 277 [2019-08-05 10:57:07,572 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:57:07,574 INFO L225 Difference]: With dead ends: 321 [2019-08-05 10:57:07,574 INFO L226 Difference]: Without dead ends: 321 [2019-08-05 10:57:07,575 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 276 GetRequests, 253 SyntacticMatches, 0 SemanticMatches, 23 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=300, Invalid=300, Unknown=0, NotChecked=0, Total=600 [2019-08-05 10:57:07,576 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 321 states. [2019-08-05 10:57:07,578 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 321 to 300. [2019-08-05 10:57:07,579 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 300 states. [2019-08-05 10:57:07,579 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 300 states to 300 states and 323 transitions. [2019-08-05 10:57:07,579 INFO L78 Accepts]: Start accepts. Automaton has 300 states and 323 transitions. Word has length 277 [2019-08-05 10:57:07,580 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:57:07,580 INFO L475 AbstractCegarLoop]: Abstraction has 300 states and 323 transitions. [2019-08-05 10:57:07,580 INFO L476 AbstractCegarLoop]: Interpolant automaton has 25 states. [2019-08-05 10:57:07,580 INFO L276 IsEmpty]: Start isEmpty. Operand 300 states and 323 transitions. [2019-08-05 10:57:07,581 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 300 [2019-08-05 10:57:07,581 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:57:07,582 INFO L399 BasicCegarLoop]: trace histogram [250, 23, 23, 1, 1, 1] [2019-08-05 10:57:07,582 INFO L418 AbstractCegarLoop]: === Iteration 44 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:57:07,582 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:57:07,582 INFO L82 PathProgramCache]: Analyzing trace with hash -1553272741, now seen corresponding path program 40 times [2019-08-05 10:57:07,583 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:57:08,430 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:57:08,464 INFO L256 TraceCheckSpWp]: Trace formula consists of 5461 conjuncts, 46 conjunts are in the unsatisfiable core [2019-08-05 10:57:08,468 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:57:09,404 INFO L134 CoverageAnalysis]: Checked inductivity of 37404 backedges. 30592 proven. 5061 refuted. 0 times theorem prover too weak. 1751 trivial. 0 not checked. [2019-08-05 10:57:09,405 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:57:09,405 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [44] total 44 [2019-08-05 10:57:09,405 INFO L454 AbstractCegarLoop]: Interpolant automaton has 45 states [2019-08-05 10:57:09,406 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 45 interpolants. [2019-08-05 10:57:09,406 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=528, Invalid=1452, Unknown=0, NotChecked=0, Total=1980 [2019-08-05 10:57:09,407 INFO L87 Difference]: Start difference. First operand 300 states and 323 transitions. Second operand 45 states. [2019-08-05 10:57:10,799 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:57:10,799 INFO L93 Difference]: Finished difference Result 302 states and 325 transitions. [2019-08-05 10:57:10,800 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 45 states. [2019-08-05 10:57:10,800 INFO L78 Accepts]: Start accepts. Automaton has 45 states. Word has length 299 [2019-08-05 10:57:10,801 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:57:10,802 INFO L225 Difference]: With dead ends: 302 [2019-08-05 10:57:10,802 INFO L226 Difference]: Without dead ends: 302 [2019-08-05 10:57:10,805 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 319 GetRequests, 255 SyntacticMatches, 0 SemanticMatches, 64 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 651 ImplicationChecksByTransitivity, 1.1s TimeCoverageRelationStatistics Valid=1473, Invalid=2817, Unknown=0, NotChecked=0, Total=4290 [2019-08-05 10:57:10,805 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 302 states. [2019-08-05 10:57:10,807 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 302 to 302. [2019-08-05 10:57:10,807 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 302 states. [2019-08-05 10:57:10,808 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 302 states to 302 states and 325 transitions. [2019-08-05 10:57:10,808 INFO L78 Accepts]: Start accepts. Automaton has 302 states and 325 transitions. Word has length 299 [2019-08-05 10:57:10,808 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:57:10,809 INFO L475 AbstractCegarLoop]: Abstraction has 302 states and 325 transitions. [2019-08-05 10:57:10,809 INFO L476 AbstractCegarLoop]: Interpolant automaton has 45 states. [2019-08-05 10:57:10,809 INFO L276 IsEmpty]: Start isEmpty. Operand 302 states and 325 transitions. [2019-08-05 10:57:10,810 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 302 [2019-08-05 10:57:10,810 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:57:10,810 INFO L399 BasicCegarLoop]: trace histogram [252, 23, 23, 1, 1, 1] [2019-08-05 10:57:10,810 INFO L418 AbstractCegarLoop]: === Iteration 45 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:57:10,810 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:57:10,810 INFO L82 PathProgramCache]: Analyzing trace with hash -870598485, now seen corresponding path program 41 times [2019-08-05 10:57:10,811 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:57:11,813 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:57:11,840 INFO L256 TraceCheckSpWp]: Trace formula consists of 5497 conjuncts, 25 conjunts are in the unsatisfiable core [2019-08-05 10:57:11,844 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:57:12,439 INFO L134 CoverageAnalysis]: Checked inductivity of 37951 backedges. 0 proven. 35949 refuted. 0 times theorem prover too weak. 2002 trivial. 0 not checked. [2019-08-05 10:57:12,440 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:57:12,440 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [25] total 25 [2019-08-05 10:57:12,440 INFO L454 AbstractCegarLoop]: Interpolant automaton has 26 states [2019-08-05 10:57:12,440 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 26 interpolants. [2019-08-05 10:57:12,441 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=325, Invalid=325, Unknown=0, NotChecked=0, Total=650 [2019-08-05 10:57:12,441 INFO L87 Difference]: Start difference. First operand 302 states and 325 transitions. Second operand 26 states. [2019-08-05 10:57:12,590 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:57:12,590 INFO L93 Difference]: Finished difference Result 347 states and 372 transitions. [2019-08-05 10:57:12,590 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 26 states. [2019-08-05 10:57:12,591 INFO L78 Accepts]: Start accepts. Automaton has 26 states. Word has length 301 [2019-08-05 10:57:12,591 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:57:12,593 INFO L225 Difference]: With dead ends: 347 [2019-08-05 10:57:12,593 INFO L226 Difference]: Without dead ends: 347 [2019-08-05 10:57:12,594 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 300 GetRequests, 276 SyntacticMatches, 0 SemanticMatches, 24 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=325, Invalid=325, Unknown=0, NotChecked=0, Total=650 [2019-08-05 10:57:12,594 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 347 states. [2019-08-05 10:57:12,598 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 347 to 325. [2019-08-05 10:57:12,598 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 325 states. [2019-08-05 10:57:12,598 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 325 states to 325 states and 349 transitions. [2019-08-05 10:57:12,599 INFO L78 Accepts]: Start accepts. Automaton has 325 states and 349 transitions. Word has length 301 [2019-08-05 10:57:12,599 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:57:12,599 INFO L475 AbstractCegarLoop]: Abstraction has 325 states and 349 transitions. [2019-08-05 10:57:12,599 INFO L476 AbstractCegarLoop]: Interpolant automaton has 26 states. [2019-08-05 10:57:12,599 INFO L276 IsEmpty]: Start isEmpty. Operand 325 states and 349 transitions. [2019-08-05 10:57:12,601 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 325 [2019-08-05 10:57:12,601 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:57:12,601 INFO L399 BasicCegarLoop]: trace histogram [273, 24, 24, 1, 1, 1] [2019-08-05 10:57:12,601 INFO L418 AbstractCegarLoop]: === Iteration 46 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:57:12,601 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:57:12,602 INFO L82 PathProgramCache]: Analyzing trace with hash 240667554, now seen corresponding path program 42 times [2019-08-05 10:57:12,602 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:57:13,897 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:57:13,950 INFO L256 TraceCheckSpWp]: Trace formula consists of 5915 conjuncts, 48 conjunts are in the unsatisfiable core [2019-08-05 10:57:13,954 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:57:14,865 INFO L134 CoverageAnalysis]: Checked inductivity of 44256 backedges. 36456 proven. 5797 refuted. 0 times theorem prover too weak. 2003 trivial. 0 not checked. [2019-08-05 10:57:14,866 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:57:14,866 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [46] total 46 [2019-08-05 10:57:14,866 INFO L454 AbstractCegarLoop]: Interpolant automaton has 47 states [2019-08-05 10:57:14,866 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 47 interpolants. [2019-08-05 10:57:14,867 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=575, Invalid=1587, Unknown=0, NotChecked=0, Total=2162 [2019-08-05 10:57:14,867 INFO L87 Difference]: Start difference. First operand 325 states and 349 transitions. Second operand 47 states. [2019-08-05 10:57:16,287 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:57:16,287 INFO L93 Difference]: Finished difference Result 327 states and 351 transitions. [2019-08-05 10:57:16,288 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 47 states. [2019-08-05 10:57:16,288 INFO L78 Accepts]: Start accepts. Automaton has 47 states. Word has length 324 [2019-08-05 10:57:16,288 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:57:16,290 INFO L225 Difference]: With dead ends: 327 [2019-08-05 10:57:16,290 INFO L226 Difference]: Without dead ends: 327 [2019-08-05 10:57:16,291 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 345 GetRequests, 278 SyntacticMatches, 0 SemanticMatches, 67 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 715 ImplicationChecksByTransitivity, 1.0s TimeCoverageRelationStatistics Valid=1609, Invalid=3083, Unknown=0, NotChecked=0, Total=4692 [2019-08-05 10:57:16,292 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 327 states. [2019-08-05 10:57:16,295 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 327 to 327. [2019-08-05 10:57:16,295 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 327 states. [2019-08-05 10:57:16,295 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 327 states to 327 states and 351 transitions. [2019-08-05 10:57:16,296 INFO L78 Accepts]: Start accepts. Automaton has 327 states and 351 transitions. Word has length 324 [2019-08-05 10:57:16,296 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:57:16,296 INFO L475 AbstractCegarLoop]: Abstraction has 327 states and 351 transitions. [2019-08-05 10:57:16,296 INFO L476 AbstractCegarLoop]: Interpolant automaton has 47 states. [2019-08-05 10:57:16,296 INFO L276 IsEmpty]: Start isEmpty. Operand 327 states and 351 transitions. [2019-08-05 10:57:16,298 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 327 [2019-08-05 10:57:16,298 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:57:16,298 INFO L399 BasicCegarLoop]: trace histogram [275, 24, 24, 1, 1, 1] [2019-08-05 10:57:16,298 INFO L418 AbstractCegarLoop]: === Iteration 47 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:57:16,299 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:57:16,299 INFO L82 PathProgramCache]: Analyzing trace with hash 1933769554, now seen corresponding path program 43 times [2019-08-05 10:57:16,299 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:57:17,364 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:57:17,400 INFO L256 TraceCheckSpWp]: Trace formula consists of 5951 conjuncts, 26 conjunts are in the unsatisfiable core [2019-08-05 10:57:17,406 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:57:18,035 INFO L134 CoverageAnalysis]: Checked inductivity of 44851 backedges. 0 proven. 42574 refuted. 0 times theorem prover too weak. 2277 trivial. 0 not checked. [2019-08-05 10:57:18,035 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:57:18,035 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [26] total 26 [2019-08-05 10:57:18,036 INFO L454 AbstractCegarLoop]: Interpolant automaton has 27 states [2019-08-05 10:57:18,036 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 27 interpolants. [2019-08-05 10:57:18,036 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=351, Invalid=351, Unknown=0, NotChecked=0, Total=702 [2019-08-05 10:57:18,036 INFO L87 Difference]: Start difference. First operand 327 states and 351 transitions. Second operand 27 states. [2019-08-05 10:57:18,164 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:57:18,164 INFO L93 Difference]: Finished difference Result 374 states and 400 transitions. [2019-08-05 10:57:18,164 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2019-08-05 10:57:18,165 INFO L78 Accepts]: Start accepts. Automaton has 27 states. Word has length 326 [2019-08-05 10:57:18,165 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:57:18,167 INFO L225 Difference]: With dead ends: 374 [2019-08-05 10:57:18,168 INFO L226 Difference]: Without dead ends: 374 [2019-08-05 10:57:18,168 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 325 GetRequests, 300 SyntacticMatches, 0 SemanticMatches, 25 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=351, Invalid=351, Unknown=0, NotChecked=0, Total=702 [2019-08-05 10:57:18,169 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 374 states. [2019-08-05 10:57:18,172 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 374 to 351. [2019-08-05 10:57:18,172 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 351 states. [2019-08-05 10:57:18,173 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 351 states to 351 states and 376 transitions. [2019-08-05 10:57:18,173 INFO L78 Accepts]: Start accepts. Automaton has 351 states and 376 transitions. Word has length 326 [2019-08-05 10:57:18,173 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:57:18,173 INFO L475 AbstractCegarLoop]: Abstraction has 351 states and 376 transitions. [2019-08-05 10:57:18,173 INFO L476 AbstractCegarLoop]: Interpolant automaton has 27 states. [2019-08-05 10:57:18,174 INFO L276 IsEmpty]: Start isEmpty. Operand 351 states and 376 transitions. [2019-08-05 10:57:18,175 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 351 [2019-08-05 10:57:18,175 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:57:18,176 INFO L399 BasicCegarLoop]: trace histogram [297, 25, 25, 1, 1, 1] [2019-08-05 10:57:18,176 INFO L418 AbstractCegarLoop]: === Iteration 48 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:57:18,176 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:57:18,176 INFO L82 PathProgramCache]: Analyzing trace with hash -835341286, now seen corresponding path program 44 times [2019-08-05 10:57:18,177 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:57:19,515 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:57:19,570 INFO L256 TraceCheckSpWp]: Trace formula consists of 6387 conjuncts, 50 conjunts are in the unsatisfiable core [2019-08-05 10:57:19,575 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:57:20,421 INFO L134 CoverageAnalysis]: Checked inductivity of 52006 backedges. 43127 proven. 6601 refuted. 0 times theorem prover too weak. 2278 trivial. 0 not checked. [2019-08-05 10:57:20,421 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:57:20,422 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [48] total 48 [2019-08-05 10:57:20,422 INFO L454 AbstractCegarLoop]: Interpolant automaton has 49 states [2019-08-05 10:57:20,422 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 49 interpolants. [2019-08-05 10:57:20,422 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=624, Invalid=1728, Unknown=0, NotChecked=0, Total=2352 [2019-08-05 10:57:20,423 INFO L87 Difference]: Start difference. First operand 351 states and 376 transitions. Second operand 49 states. [2019-08-05 10:57:21,875 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:57:21,876 INFO L93 Difference]: Finished difference Result 353 states and 378 transitions. [2019-08-05 10:57:21,876 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 49 states. [2019-08-05 10:57:21,876 INFO L78 Accepts]: Start accepts. Automaton has 49 states. Word has length 350 [2019-08-05 10:57:21,877 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:57:21,878 INFO L225 Difference]: With dead ends: 353 [2019-08-05 10:57:21,879 INFO L226 Difference]: Without dead ends: 353 [2019-08-05 10:57:21,880 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 372 GetRequests, 302 SyntacticMatches, 0 SemanticMatches, 70 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 782 ImplicationChecksByTransitivity, 1.1s TimeCoverageRelationStatistics Valid=1751, Invalid=3361, Unknown=0, NotChecked=0, Total=5112 [2019-08-05 10:57:21,880 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 353 states. [2019-08-05 10:57:21,884 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 353 to 353. [2019-08-05 10:57:21,884 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 353 states. [2019-08-05 10:57:21,885 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 353 states to 353 states and 378 transitions. [2019-08-05 10:57:21,885 INFO L78 Accepts]: Start accepts. Automaton has 353 states and 378 transitions. Word has length 350 [2019-08-05 10:57:21,885 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:57:21,885 INFO L475 AbstractCegarLoop]: Abstraction has 353 states and 378 transitions. [2019-08-05 10:57:21,885 INFO L476 AbstractCegarLoop]: Interpolant automaton has 49 states. [2019-08-05 10:57:21,885 INFO L276 IsEmpty]: Start isEmpty. Operand 353 states and 378 transitions. [2019-08-05 10:57:21,887 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 353 [2019-08-05 10:57:21,887 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:57:21,887 INFO L399 BasicCegarLoop]: trace histogram [299, 25, 25, 1, 1, 1] [2019-08-05 10:57:21,888 INFO L418 AbstractCegarLoop]: === Iteration 49 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:57:21,888 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:57:21,888 INFO L82 PathProgramCache]: Analyzing trace with hash -1279775574, now seen corresponding path program 45 times [2019-08-05 10:57:21,889 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:57:23,010 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:57:23,049 INFO L256 TraceCheckSpWp]: Trace formula consists of 6423 conjuncts, 27 conjunts are in the unsatisfiable core [2019-08-05 10:57:23,054 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:57:23,574 INFO L134 CoverageAnalysis]: Checked inductivity of 52651 backedges. 0 proven. 50075 refuted. 0 times theorem prover too weak. 2576 trivial. 0 not checked. [2019-08-05 10:57:23,574 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:57:23,574 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [27] total 27 [2019-08-05 10:57:23,574 INFO L454 AbstractCegarLoop]: Interpolant automaton has 28 states [2019-08-05 10:57:23,575 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 28 interpolants. [2019-08-05 10:57:23,575 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=378, Invalid=378, Unknown=0, NotChecked=0, Total=756 [2019-08-05 10:57:23,575 INFO L87 Difference]: Start difference. First operand 353 states and 378 transitions. Second operand 28 states. [2019-08-05 10:57:23,690 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:57:23,690 INFO L93 Difference]: Finished difference Result 402 states and 429 transitions. [2019-08-05 10:57:23,691 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2019-08-05 10:57:23,691 INFO L78 Accepts]: Start accepts. Automaton has 28 states. Word has length 352 [2019-08-05 10:57:23,691 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:57:23,693 INFO L225 Difference]: With dead ends: 402 [2019-08-05 10:57:23,693 INFO L226 Difference]: Without dead ends: 402 [2019-08-05 10:57:23,694 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 351 GetRequests, 325 SyntacticMatches, 0 SemanticMatches, 26 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=378, Invalid=378, Unknown=0, NotChecked=0, Total=756 [2019-08-05 10:57:23,694 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 402 states. [2019-08-05 10:57:23,697 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 402 to 378. [2019-08-05 10:57:23,698 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 378 states. [2019-08-05 10:57:23,698 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 378 states to 378 states and 404 transitions. [2019-08-05 10:57:23,699 INFO L78 Accepts]: Start accepts. Automaton has 378 states and 404 transitions. Word has length 352 [2019-08-05 10:57:23,699 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:57:23,699 INFO L475 AbstractCegarLoop]: Abstraction has 378 states and 404 transitions. [2019-08-05 10:57:23,699 INFO L476 AbstractCegarLoop]: Interpolant automaton has 28 states. [2019-08-05 10:57:23,699 INFO L276 IsEmpty]: Start isEmpty. Operand 378 states and 404 transitions. [2019-08-05 10:57:23,701 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 378 [2019-08-05 10:57:23,701 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:57:23,701 INFO L399 BasicCegarLoop]: trace histogram [322, 26, 26, 1, 1, 1] [2019-08-05 10:57:23,702 INFO L418 AbstractCegarLoop]: === Iteration 50 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:57:23,702 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:57:23,702 INFO L82 PathProgramCache]: Analyzing trace with hash -246784349, now seen corresponding path program 46 times [2019-08-05 10:57:23,703 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:57:25,237 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:57:25,290 INFO L256 TraceCheckSpWp]: Trace formula consists of 6877 conjuncts, 52 conjunts are in the unsatisfiable core [2019-08-05 10:57:25,295 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:57:26,405 INFO L134 CoverageAnalysis]: Checked inductivity of 60729 backedges. 50676 proven. 7476 refuted. 0 times theorem prover too weak. 2577 trivial. 0 not checked. [2019-08-05 10:57:26,406 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:57:26,406 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [50] total 50 [2019-08-05 10:57:26,406 INFO L454 AbstractCegarLoop]: Interpolant automaton has 51 states [2019-08-05 10:57:26,406 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 51 interpolants. [2019-08-05 10:57:26,407 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=675, Invalid=1875, Unknown=0, NotChecked=0, Total=2550 [2019-08-05 10:57:26,407 INFO L87 Difference]: Start difference. First operand 378 states and 404 transitions. Second operand 51 states. [2019-08-05 10:57:28,352 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:57:28,352 INFO L93 Difference]: Finished difference Result 380 states and 406 transitions. [2019-08-05 10:57:28,353 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 51 states. [2019-08-05 10:57:28,353 INFO L78 Accepts]: Start accepts. Automaton has 51 states. Word has length 377 [2019-08-05 10:57:28,353 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:57:28,355 INFO L225 Difference]: With dead ends: 380 [2019-08-05 10:57:28,355 INFO L226 Difference]: Without dead ends: 380 [2019-08-05 10:57:28,356 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 400 GetRequests, 327 SyntacticMatches, 0 SemanticMatches, 73 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 852 ImplicationChecksByTransitivity, 1.6s TimeCoverageRelationStatistics Valid=1899, Invalid=3651, Unknown=0, NotChecked=0, Total=5550 [2019-08-05 10:57:28,357 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 380 states. [2019-08-05 10:57:28,360 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 380 to 380. [2019-08-05 10:57:28,360 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 380 states. [2019-08-05 10:57:28,360 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 380 states to 380 states and 406 transitions. [2019-08-05 10:57:28,360 INFO L78 Accepts]: Start accepts. Automaton has 380 states and 406 transitions. Word has length 377 [2019-08-05 10:57:28,361 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:57:28,361 INFO L475 AbstractCegarLoop]: Abstraction has 380 states and 406 transitions. [2019-08-05 10:57:28,361 INFO L476 AbstractCegarLoop]: Interpolant automaton has 51 states. [2019-08-05 10:57:28,361 INFO L276 IsEmpty]: Start isEmpty. Operand 380 states and 406 transitions. [2019-08-05 10:57:28,362 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 380 [2019-08-05 10:57:28,362 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:57:28,362 INFO L399 BasicCegarLoop]: trace histogram [324, 26, 26, 1, 1, 1] [2019-08-05 10:57:28,363 INFO L418 AbstractCegarLoop]: === Iteration 51 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:57:28,363 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:57:28,363 INFO L82 PathProgramCache]: Analyzing trace with hash -1409470957, now seen corresponding path program 47 times [2019-08-05 10:57:28,364 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:57:29,697 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:57:29,738 INFO L256 TraceCheckSpWp]: Trace formula consists of 6913 conjuncts, 28 conjunts are in the unsatisfiable core [2019-08-05 10:57:29,743 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:57:30,332 INFO L134 CoverageAnalysis]: Checked inductivity of 61426 backedges. 0 proven. 58526 refuted. 0 times theorem prover too weak. 2900 trivial. 0 not checked. [2019-08-05 10:57:30,332 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:57:30,332 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [28] total 28 [2019-08-05 10:57:30,333 INFO L454 AbstractCegarLoop]: Interpolant automaton has 29 states [2019-08-05 10:57:30,333 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 29 interpolants. [2019-08-05 10:57:30,333 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=406, Invalid=406, Unknown=0, NotChecked=0, Total=812 [2019-08-05 10:57:30,334 INFO L87 Difference]: Start difference. First operand 380 states and 406 transitions. Second operand 29 states. [2019-08-05 10:57:30,472 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:57:30,472 INFO L93 Difference]: Finished difference Result 431 states and 459 transitions. [2019-08-05 10:57:30,472 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 29 states. [2019-08-05 10:57:30,472 INFO L78 Accepts]: Start accepts. Automaton has 29 states. Word has length 379 [2019-08-05 10:57:30,473 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:57:30,475 INFO L225 Difference]: With dead ends: 431 [2019-08-05 10:57:30,475 INFO L226 Difference]: Without dead ends: 431 [2019-08-05 10:57:30,475 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 378 GetRequests, 351 SyntacticMatches, 0 SemanticMatches, 27 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=406, Invalid=406, Unknown=0, NotChecked=0, Total=812 [2019-08-05 10:57:30,475 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 431 states. [2019-08-05 10:57:30,479 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 431 to 406. [2019-08-05 10:57:30,479 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 406 states. [2019-08-05 10:57:30,479 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 406 states to 406 states and 433 transitions. [2019-08-05 10:57:30,480 INFO L78 Accepts]: Start accepts. Automaton has 406 states and 433 transitions. Word has length 379 [2019-08-05 10:57:30,480 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:57:30,480 INFO L475 AbstractCegarLoop]: Abstraction has 406 states and 433 transitions. [2019-08-05 10:57:30,480 INFO L476 AbstractCegarLoop]: Interpolant automaton has 29 states. [2019-08-05 10:57:30,480 INFO L276 IsEmpty]: Start isEmpty. Operand 406 states and 433 transitions. [2019-08-05 10:57:30,482 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 406 [2019-08-05 10:57:30,483 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:57:30,483 INFO L399 BasicCegarLoop]: trace histogram [348, 27, 27, 1, 1, 1] [2019-08-05 10:57:30,483 INFO L418 AbstractCegarLoop]: === Iteration 52 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:57:30,483 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:57:30,483 INFO L82 PathProgramCache]: Analyzing trace with hash -2024266821, now seen corresponding path program 48 times [2019-08-05 10:57:30,484 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:57:32,388 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:57:32,450 INFO L256 TraceCheckSpWp]: Trace formula consists of 7385 conjuncts, 54 conjunts are in the unsatisfiable core [2019-08-05 10:57:32,455 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:57:33,826 INFO L134 CoverageAnalysis]: Checked inductivity of 70503 backedges. 59177 proven. 8425 refuted. 0 times theorem prover too weak. 2901 trivial. 0 not checked. [2019-08-05 10:57:33,826 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:57:33,826 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [52] total 52 [2019-08-05 10:57:33,826 INFO L454 AbstractCegarLoop]: Interpolant automaton has 53 states [2019-08-05 10:57:33,827 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 53 interpolants. [2019-08-05 10:57:33,827 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=728, Invalid=2028, Unknown=0, NotChecked=0, Total=2756 [2019-08-05 10:57:33,827 INFO L87 Difference]: Start difference. First operand 406 states and 433 transitions. Second operand 53 states. [2019-08-05 10:57:35,140 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:57:35,140 INFO L93 Difference]: Finished difference Result 408 states and 435 transitions. [2019-08-05 10:57:35,141 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 53 states. [2019-08-05 10:57:35,141 INFO L78 Accepts]: Start accepts. Automaton has 53 states. Word has length 405 [2019-08-05 10:57:35,142 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:57:35,144 INFO L225 Difference]: With dead ends: 408 [2019-08-05 10:57:35,144 INFO L226 Difference]: Without dead ends: 408 [2019-08-05 10:57:35,145 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 429 GetRequests, 353 SyntacticMatches, 0 SemanticMatches, 76 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 925 ImplicationChecksByTransitivity, 1.6s TimeCoverageRelationStatistics Valid=2053, Invalid=3953, Unknown=0, NotChecked=0, Total=6006 [2019-08-05 10:57:35,145 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 408 states. [2019-08-05 10:57:35,148 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 408 to 408. [2019-08-05 10:57:35,148 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 408 states. [2019-08-05 10:57:35,148 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 408 states to 408 states and 435 transitions. [2019-08-05 10:57:35,149 INFO L78 Accepts]: Start accepts. Automaton has 408 states and 435 transitions. Word has length 405 [2019-08-05 10:57:35,149 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:57:35,149 INFO L475 AbstractCegarLoop]: Abstraction has 408 states and 435 transitions. [2019-08-05 10:57:35,149 INFO L476 AbstractCegarLoop]: Interpolant automaton has 53 states. [2019-08-05 10:57:35,149 INFO L276 IsEmpty]: Start isEmpty. Operand 408 states and 435 transitions. [2019-08-05 10:57:35,151 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 408 [2019-08-05 10:57:35,151 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:57:35,151 INFO L399 BasicCegarLoop]: trace histogram [350, 27, 27, 1, 1, 1] [2019-08-05 10:57:35,151 INFO L418 AbstractCegarLoop]: === Iteration 53 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:57:35,151 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:57:35,151 INFO L82 PathProgramCache]: Analyzing trace with hash -1541940213, now seen corresponding path program 49 times [2019-08-05 10:57:35,152 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:57:36,934 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:57:36,979 INFO L256 TraceCheckSpWp]: Trace formula consists of 7421 conjuncts, 29 conjunts are in the unsatisfiable core [2019-08-05 10:57:36,983 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:57:37,395 INFO L134 CoverageAnalysis]: Checked inductivity of 71254 backedges. 0 proven. 68004 refuted. 0 times theorem prover too weak. 3250 trivial. 0 not checked. [2019-08-05 10:57:37,395 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:57:37,395 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [29] total 29 [2019-08-05 10:57:37,395 INFO L454 AbstractCegarLoop]: Interpolant automaton has 30 states [2019-08-05 10:57:37,396 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 30 interpolants. [2019-08-05 10:57:37,396 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=435, Invalid=435, Unknown=0, NotChecked=0, Total=870 [2019-08-05 10:57:37,396 INFO L87 Difference]: Start difference. First operand 408 states and 435 transitions. Second operand 30 states. [2019-08-05 10:57:37,523 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:57:37,523 INFO L93 Difference]: Finished difference Result 461 states and 490 transitions. [2019-08-05 10:57:37,524 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 30 states. [2019-08-05 10:57:37,524 INFO L78 Accepts]: Start accepts. Automaton has 30 states. Word has length 407 [2019-08-05 10:57:37,524 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:57:37,526 INFO L225 Difference]: With dead ends: 461 [2019-08-05 10:57:37,526 INFO L226 Difference]: Without dead ends: 461 [2019-08-05 10:57:37,527 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 406 GetRequests, 378 SyntacticMatches, 0 SemanticMatches, 28 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=435, Invalid=435, Unknown=0, NotChecked=0, Total=870 [2019-08-05 10:57:37,527 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 461 states. [2019-08-05 10:57:37,530 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 461 to 435. [2019-08-05 10:57:37,530 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 435 states. [2019-08-05 10:57:37,531 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 435 states to 435 states and 463 transitions. [2019-08-05 10:57:37,531 INFO L78 Accepts]: Start accepts. Automaton has 435 states and 463 transitions. Word has length 407 [2019-08-05 10:57:37,531 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:57:37,531 INFO L475 AbstractCegarLoop]: Abstraction has 435 states and 463 transitions. [2019-08-05 10:57:37,531 INFO L476 AbstractCegarLoop]: Interpolant automaton has 30 states. [2019-08-05 10:57:37,531 INFO L276 IsEmpty]: Start isEmpty. Operand 435 states and 463 transitions. [2019-08-05 10:57:37,533 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 435 [2019-08-05 10:57:37,533 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:57:37,534 INFO L399 BasicCegarLoop]: trace histogram [375, 28, 28, 1, 1, 1] [2019-08-05 10:57:37,534 INFO L418 AbstractCegarLoop]: === Iteration 54 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:57:37,534 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:57:37,534 INFO L82 PathProgramCache]: Analyzing trace with hash -1211254654, now seen corresponding path program 50 times [2019-08-05 10:57:37,535 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:57:39,971 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:57:40,037 INFO L256 TraceCheckSpWp]: Trace formula consists of 7911 conjuncts, 56 conjunts are in the unsatisfiable core [2019-08-05 10:57:40,041 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:57:41,138 INFO L134 CoverageAnalysis]: Checked inductivity of 81409 backedges. 68707 proven. 9451 refuted. 0 times theorem prover too weak. 3251 trivial. 0 not checked. [2019-08-05 10:57:41,138 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:57:41,138 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [54] total 54 [2019-08-05 10:57:41,139 INFO L454 AbstractCegarLoop]: Interpolant automaton has 55 states [2019-08-05 10:57:41,139 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 55 interpolants. [2019-08-05 10:57:41,139 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=783, Invalid=2187, Unknown=0, NotChecked=0, Total=2970 [2019-08-05 10:57:41,139 INFO L87 Difference]: Start difference. First operand 435 states and 463 transitions. Second operand 55 states. [2019-08-05 10:57:42,766 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:57:42,767 INFO L93 Difference]: Finished difference Result 437 states and 465 transitions. [2019-08-05 10:57:42,767 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 55 states. [2019-08-05 10:57:42,767 INFO L78 Accepts]: Start accepts. Automaton has 55 states. Word has length 434 [2019-08-05 10:57:42,768 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:57:42,770 INFO L225 Difference]: With dead ends: 437 [2019-08-05 10:57:42,770 INFO L226 Difference]: Without dead ends: 437 [2019-08-05 10:57:42,771 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 459 GetRequests, 380 SyntacticMatches, 0 SemanticMatches, 79 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1001 ImplicationChecksByTransitivity, 1.4s TimeCoverageRelationStatistics Valid=2213, Invalid=4267, Unknown=0, NotChecked=0, Total=6480 [2019-08-05 10:57:42,772 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 437 states. [2019-08-05 10:57:42,775 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 437 to 437. [2019-08-05 10:57:42,775 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 437 states. [2019-08-05 10:57:42,776 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 437 states to 437 states and 465 transitions. [2019-08-05 10:57:42,776 INFO L78 Accepts]: Start accepts. Automaton has 437 states and 465 transitions. Word has length 434 [2019-08-05 10:57:42,776 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:57:42,776 INFO L475 AbstractCegarLoop]: Abstraction has 437 states and 465 transitions. [2019-08-05 10:57:42,776 INFO L476 AbstractCegarLoop]: Interpolant automaton has 55 states. [2019-08-05 10:57:42,777 INFO L276 IsEmpty]: Start isEmpty. Operand 437 states and 465 transitions. [2019-08-05 10:57:42,779 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 437 [2019-08-05 10:57:42,779 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:57:42,779 INFO L399 BasicCegarLoop]: trace histogram [377, 28, 28, 1, 1, 1] [2019-08-05 10:57:42,780 INFO L418 AbstractCegarLoop]: === Iteration 55 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:57:42,780 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:57:42,780 INFO L82 PathProgramCache]: Analyzing trace with hash -1404344270, now seen corresponding path program 51 times [2019-08-05 10:57:42,781 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:57:45,124 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:57:45,174 INFO L256 TraceCheckSpWp]: Trace formula consists of 7947 conjuncts, 30 conjunts are in the unsatisfiable core [2019-08-05 10:57:45,180 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:57:45,727 INFO L134 CoverageAnalysis]: Checked inductivity of 82216 backedges. 0 proven. 78589 refuted. 0 times theorem prover too weak. 3627 trivial. 0 not checked. [2019-08-05 10:57:45,728 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:57:45,728 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [30] total 30 [2019-08-05 10:57:45,728 INFO L454 AbstractCegarLoop]: Interpolant automaton has 31 states [2019-08-05 10:57:45,728 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 31 interpolants. [2019-08-05 10:57:45,728 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=465, Invalid=465, Unknown=0, NotChecked=0, Total=930 [2019-08-05 10:57:45,729 INFO L87 Difference]: Start difference. First operand 437 states and 465 transitions. Second operand 31 states. [2019-08-05 10:57:45,862 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:57:45,862 INFO L93 Difference]: Finished difference Result 492 states and 522 transitions. [2019-08-05 10:57:45,863 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 31 states. [2019-08-05 10:57:45,863 INFO L78 Accepts]: Start accepts. Automaton has 31 states. Word has length 436 [2019-08-05 10:57:45,864 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:57:45,865 INFO L225 Difference]: With dead ends: 492 [2019-08-05 10:57:45,866 INFO L226 Difference]: Without dead ends: 492 [2019-08-05 10:57:45,866 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 435 GetRequests, 406 SyntacticMatches, 0 SemanticMatches, 29 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=465, Invalid=465, Unknown=0, NotChecked=0, Total=930 [2019-08-05 10:57:45,866 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 492 states. [2019-08-05 10:57:45,869 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 492 to 465. [2019-08-05 10:57:45,869 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 465 states. [2019-08-05 10:57:45,869 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 465 states to 465 states and 494 transitions. [2019-08-05 10:57:45,869 INFO L78 Accepts]: Start accepts. Automaton has 465 states and 494 transitions. Word has length 436 [2019-08-05 10:57:45,870 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:57:45,870 INFO L475 AbstractCegarLoop]: Abstraction has 465 states and 494 transitions. [2019-08-05 10:57:45,870 INFO L476 AbstractCegarLoop]: Interpolant automaton has 31 states. [2019-08-05 10:57:45,870 INFO L276 IsEmpty]: Start isEmpty. Operand 465 states and 494 transitions. [2019-08-05 10:57:45,871 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 465 [2019-08-05 10:57:45,872 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:57:45,872 INFO L399 BasicCegarLoop]: trace histogram [403, 29, 29, 1, 1, 1] [2019-08-05 10:57:45,872 INFO L418 AbstractCegarLoop]: === Iteration 56 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:57:45,872 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:57:45,872 INFO L82 PathProgramCache]: Analyzing trace with hash -876625606, now seen corresponding path program 52 times [2019-08-05 10:57:45,873 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:57:48,672 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:57:48,747 INFO L256 TraceCheckSpWp]: Trace formula consists of 8455 conjuncts, 58 conjunts are in the unsatisfiable core [2019-08-05 10:57:48,752 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:57:50,013 INFO L134 CoverageAnalysis]: Checked inductivity of 93531 backedges. 79346 proven. 10557 refuted. 0 times theorem prover too weak. 3628 trivial. 0 not checked. [2019-08-05 10:57:50,014 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:57:50,014 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [56] total 56 [2019-08-05 10:57:50,014 INFO L454 AbstractCegarLoop]: Interpolant automaton has 57 states [2019-08-05 10:57:50,015 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 57 interpolants. [2019-08-05 10:57:50,015 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=840, Invalid=2352, Unknown=0, NotChecked=0, Total=3192 [2019-08-05 10:57:50,016 INFO L87 Difference]: Start difference. First operand 465 states and 494 transitions. Second operand 57 states. [2019-08-05 10:57:52,662 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:57:52,662 INFO L93 Difference]: Finished difference Result 467 states and 496 transitions. [2019-08-05 10:57:52,663 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 57 states. [2019-08-05 10:57:52,663 INFO L78 Accepts]: Start accepts. Automaton has 57 states. Word has length 464 [2019-08-05 10:57:52,663 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:57:52,665 INFO L225 Difference]: With dead ends: 467 [2019-08-05 10:57:52,665 INFO L226 Difference]: Without dead ends: 467 [2019-08-05 10:57:52,666 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 490 GetRequests, 408 SyntacticMatches, 0 SemanticMatches, 82 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1080 ImplicationChecksByTransitivity, 1.5s TimeCoverageRelationStatistics Valid=2379, Invalid=4593, Unknown=0, NotChecked=0, Total=6972 [2019-08-05 10:57:52,666 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 467 states. [2019-08-05 10:57:52,669 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 467 to 467. [2019-08-05 10:57:52,669 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 467 states. [2019-08-05 10:57:52,670 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 467 states to 467 states and 496 transitions. [2019-08-05 10:57:52,670 INFO L78 Accepts]: Start accepts. Automaton has 467 states and 496 transitions. Word has length 464 [2019-08-05 10:57:52,670 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:57:52,671 INFO L475 AbstractCegarLoop]: Abstraction has 467 states and 496 transitions. [2019-08-05 10:57:52,671 INFO L476 AbstractCegarLoop]: Interpolant automaton has 57 states. [2019-08-05 10:57:52,671 INFO L276 IsEmpty]: Start isEmpty. Operand 467 states and 496 transitions. [2019-08-05 10:57:52,673 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 467 [2019-08-05 10:57:52,673 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:57:52,673 INFO L399 BasicCegarLoop]: trace histogram [405, 29, 29, 1, 1, 1] [2019-08-05 10:57:52,674 INFO L418 AbstractCegarLoop]: === Iteration 57 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:57:52,674 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:57:52,674 INFO L82 PathProgramCache]: Analyzing trace with hash 1192212938, now seen corresponding path program 53 times [2019-08-05 10:57:52,675 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:57:55,468 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:57:55,523 INFO L256 TraceCheckSpWp]: Trace formula consists of 8491 conjuncts, 31 conjunts are in the unsatisfiable core [2019-08-05 10:57:55,528 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:57:56,024 INFO L134 CoverageAnalysis]: Checked inductivity of 94396 backedges. 0 proven. 90364 refuted. 0 times theorem prover too weak. 4032 trivial. 0 not checked. [2019-08-05 10:57:56,025 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:57:56,025 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [31] total 31 [2019-08-05 10:57:56,025 INFO L454 AbstractCegarLoop]: Interpolant automaton has 32 states [2019-08-05 10:57:56,025 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 32 interpolants. [2019-08-05 10:57:56,025 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=496, Invalid=496, Unknown=0, NotChecked=0, Total=992 [2019-08-05 10:57:56,026 INFO L87 Difference]: Start difference. First operand 467 states and 496 transitions. Second operand 32 states. [2019-08-05 10:57:56,162 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:57:56,162 INFO L93 Difference]: Finished difference Result 524 states and 555 transitions. [2019-08-05 10:57:56,163 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 32 states. [2019-08-05 10:57:56,163 INFO L78 Accepts]: Start accepts. Automaton has 32 states. Word has length 466 [2019-08-05 10:57:56,163 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:57:56,165 INFO L225 Difference]: With dead ends: 524 [2019-08-05 10:57:56,166 INFO L226 Difference]: Without dead ends: 524 [2019-08-05 10:57:56,166 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 465 GetRequests, 435 SyntacticMatches, 0 SemanticMatches, 30 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=496, Invalid=496, Unknown=0, NotChecked=0, Total=992 [2019-08-05 10:57:56,166 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 524 states. [2019-08-05 10:57:56,169 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 524 to 496. [2019-08-05 10:57:56,169 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 496 states. [2019-08-05 10:57:56,169 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 496 states to 496 states and 526 transitions. [2019-08-05 10:57:56,169 INFO L78 Accepts]: Start accepts. Automaton has 496 states and 526 transitions. Word has length 466 [2019-08-05 10:57:56,170 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:57:56,170 INFO L475 AbstractCegarLoop]: Abstraction has 496 states and 526 transitions. [2019-08-05 10:57:56,170 INFO L476 AbstractCegarLoop]: Interpolant automaton has 32 states. [2019-08-05 10:57:56,170 INFO L276 IsEmpty]: Start isEmpty. Operand 496 states and 526 transitions. [2019-08-05 10:57:56,172 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 496 [2019-08-05 10:57:56,172 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:57:56,172 INFO L399 BasicCegarLoop]: trace histogram [432, 30, 30, 1, 1, 1] [2019-08-05 10:57:56,172 INFO L418 AbstractCegarLoop]: === Iteration 58 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:57:56,172 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:57:56,173 INFO L82 PathProgramCache]: Analyzing trace with hash -1060591293, now seen corresponding path program 54 times [2019-08-05 10:57:56,173 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:57:58,618 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:57:58,693 INFO L256 TraceCheckSpWp]: Trace formula consists of 9017 conjuncts, 60 conjunts are in the unsatisfiable core [2019-08-05 10:57:58,698 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:57:59,990 INFO L134 CoverageAnalysis]: Checked inductivity of 106956 backedges. 91177 proven. 11746 refuted. 0 times theorem prover too weak. 4033 trivial. 0 not checked. [2019-08-05 10:57:59,990 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:57:59,991 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [58] total 58 [2019-08-05 10:57:59,991 INFO L454 AbstractCegarLoop]: Interpolant automaton has 59 states [2019-08-05 10:57:59,991 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 59 interpolants. [2019-08-05 10:57:59,991 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=899, Invalid=2523, Unknown=0, NotChecked=0, Total=3422 [2019-08-05 10:57:59,991 INFO L87 Difference]: Start difference. First operand 496 states and 526 transitions. Second operand 59 states. [2019-08-05 10:58:02,310 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:58:02,310 INFO L93 Difference]: Finished difference Result 498 states and 528 transitions. [2019-08-05 10:58:02,311 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 59 states. [2019-08-05 10:58:02,311 INFO L78 Accepts]: Start accepts. Automaton has 59 states. Word has length 495 [2019-08-05 10:58:02,312 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:58:02,314 INFO L225 Difference]: With dead ends: 498 [2019-08-05 10:58:02,314 INFO L226 Difference]: Without dead ends: 498 [2019-08-05 10:58:02,315 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 522 GetRequests, 437 SyntacticMatches, 0 SemanticMatches, 85 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1162 ImplicationChecksByTransitivity, 1.6s TimeCoverageRelationStatistics Valid=2551, Invalid=4931, Unknown=0, NotChecked=0, Total=7482 [2019-08-05 10:58:02,315 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 498 states. [2019-08-05 10:58:02,318 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 498 to 498. [2019-08-05 10:58:02,318 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 498 states. [2019-08-05 10:58:02,319 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 498 states to 498 states and 528 transitions. [2019-08-05 10:58:02,319 INFO L78 Accepts]: Start accepts. Automaton has 498 states and 528 transitions. Word has length 495 [2019-08-05 10:58:02,319 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:58:02,320 INFO L475 AbstractCegarLoop]: Abstraction has 498 states and 528 transitions. [2019-08-05 10:58:02,320 INFO L476 AbstractCegarLoop]: Interpolant automaton has 59 states. [2019-08-05 10:58:02,320 INFO L276 IsEmpty]: Start isEmpty. Operand 498 states and 528 transitions. [2019-08-05 10:58:02,322 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 498 [2019-08-05 10:58:02,322 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:58:02,323 INFO L399 BasicCegarLoop]: trace histogram [434, 30, 30, 1, 1, 1] [2019-08-05 10:58:02,323 INFO L418 AbstractCegarLoop]: === Iteration 59 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:58:02,323 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:58:02,324 INFO L82 PathProgramCache]: Analyzing trace with hash -931133261, now seen corresponding path program 55 times [2019-08-05 10:58:02,324 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:58:05,020 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:58:05,074 INFO L256 TraceCheckSpWp]: Trace formula consists of 9053 conjuncts, 32 conjunts are in the unsatisfiable core [2019-08-05 10:58:05,080 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:58:05,916 INFO L134 CoverageAnalysis]: Checked inductivity of 107881 backedges. 0 proven. 103415 refuted. 0 times theorem prover too weak. 4466 trivial. 0 not checked. [2019-08-05 10:58:05,916 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:58:05,916 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [32] total 32 [2019-08-05 10:58:05,917 INFO L454 AbstractCegarLoop]: Interpolant automaton has 33 states [2019-08-05 10:58:05,917 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 33 interpolants. [2019-08-05 10:58:05,917 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=528, Invalid=528, Unknown=0, NotChecked=0, Total=1056 [2019-08-05 10:58:05,917 INFO L87 Difference]: Start difference. First operand 498 states and 528 transitions. Second operand 33 states. [2019-08-05 10:58:06,055 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:58:06,055 INFO L93 Difference]: Finished difference Result 557 states and 589 transitions. [2019-08-05 10:58:06,056 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 33 states. [2019-08-05 10:58:06,056 INFO L78 Accepts]: Start accepts. Automaton has 33 states. Word has length 497 [2019-08-05 10:58:06,056 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:58:06,059 INFO L225 Difference]: With dead ends: 557 [2019-08-05 10:58:06,059 INFO L226 Difference]: Without dead ends: 557 [2019-08-05 10:58:06,059 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 496 GetRequests, 465 SyntacticMatches, 0 SemanticMatches, 31 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.6s TimeCoverageRelationStatistics Valid=528, Invalid=528, Unknown=0, NotChecked=0, Total=1056 [2019-08-05 10:58:06,060 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 557 states. [2019-08-05 10:58:06,064 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 557 to 528. [2019-08-05 10:58:06,064 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 528 states. [2019-08-05 10:58:06,064 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 528 states to 528 states and 559 transitions. [2019-08-05 10:58:06,065 INFO L78 Accepts]: Start accepts. Automaton has 528 states and 559 transitions. Word has length 497 [2019-08-05 10:58:06,065 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:58:06,065 INFO L475 AbstractCegarLoop]: Abstraction has 528 states and 559 transitions. [2019-08-05 10:58:06,065 INFO L476 AbstractCegarLoop]: Interpolant automaton has 33 states. [2019-08-05 10:58:06,065 INFO L276 IsEmpty]: Start isEmpty. Operand 528 states and 559 transitions. [2019-08-05 10:58:06,068 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 528 [2019-08-05 10:58:06,068 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:58:06,069 INFO L399 BasicCegarLoop]: trace histogram [462, 31, 31, 1, 1, 1] [2019-08-05 10:58:06,069 INFO L418 AbstractCegarLoop]: === Iteration 60 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:58:06,069 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:58:06,069 INFO L82 PathProgramCache]: Analyzing trace with hash -1432379877, now seen corresponding path program 56 times [2019-08-05 10:58:06,070 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:58:09,895 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:58:10,545 INFO L256 TraceCheckSpWp]: Trace formula consists of 9597 conjuncts, 62 conjunts are in the unsatisfiable core [2019-08-05 10:58:10,551 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:58:11,874 INFO L134 CoverageAnalysis]: Checked inductivity of 121774 backedges. 104286 proven. 13021 refuted. 0 times theorem prover too weak. 4467 trivial. 0 not checked. [2019-08-05 10:58:11,875 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:58:11,875 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [60] total 60 [2019-08-05 10:58:11,875 INFO L454 AbstractCegarLoop]: Interpolant automaton has 61 states [2019-08-05 10:58:11,876 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 61 interpolants. [2019-08-05 10:58:11,876 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=960, Invalid=2700, Unknown=0, NotChecked=0, Total=3660 [2019-08-05 10:58:11,876 INFO L87 Difference]: Start difference. First operand 528 states and 559 transitions. Second operand 61 states. [2019-08-05 10:58:12,922 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:58:12,922 INFO L93 Difference]: Finished difference Result 530 states and 561 transitions. [2019-08-05 10:58:12,922 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 61 states. [2019-08-05 10:58:12,922 INFO L78 Accepts]: Start accepts. Automaton has 61 states. Word has length 527 [2019-08-05 10:58:12,923 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:58:12,925 INFO L225 Difference]: With dead ends: 530 [2019-08-05 10:58:12,925 INFO L226 Difference]: Without dead ends: 530 [2019-08-05 10:58:12,926 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 555 GetRequests, 467 SyntacticMatches, 0 SemanticMatches, 88 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1247 ImplicationChecksByTransitivity, 1.6s TimeCoverageRelationStatistics Valid=2729, Invalid=5281, Unknown=0, NotChecked=0, Total=8010 [2019-08-05 10:58:12,927 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 530 states. [2019-08-05 10:58:12,929 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 530 to 530. [2019-08-05 10:58:12,930 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 530 states. [2019-08-05 10:58:12,930 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 530 states to 530 states and 561 transitions. [2019-08-05 10:58:12,930 INFO L78 Accepts]: Start accepts. Automaton has 530 states and 561 transitions. Word has length 527 [2019-08-05 10:58:12,930 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:58:12,931 INFO L475 AbstractCegarLoop]: Abstraction has 530 states and 561 transitions. [2019-08-05 10:58:12,931 INFO L476 AbstractCegarLoop]: Interpolant automaton has 61 states. [2019-08-05 10:58:12,931 INFO L276 IsEmpty]: Start isEmpty. Operand 530 states and 561 transitions. [2019-08-05 10:58:12,933 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 530 [2019-08-05 10:58:12,934 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:58:12,934 INFO L399 BasicCegarLoop]: trace histogram [464, 31, 31, 1, 1, 1] [2019-08-05 10:58:12,934 INFO L418 AbstractCegarLoop]: === Iteration 61 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:58:12,934 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:58:12,935 INFO L82 PathProgramCache]: Analyzing trace with hash 1301579371, now seen corresponding path program 57 times [2019-08-05 10:58:12,935 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:58:16,858 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:58:16,925 INFO L256 TraceCheckSpWp]: Trace formula consists of 9633 conjuncts, 33 conjunts are in the unsatisfiable core [2019-08-05 10:58:16,934 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:58:17,642 INFO L134 CoverageAnalysis]: Checked inductivity of 122761 backedges. 0 proven. 117831 refuted. 0 times theorem prover too weak. 4930 trivial. 0 not checked. [2019-08-05 10:58:17,642 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:58:17,642 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [33] total 33 [2019-08-05 10:58:17,642 INFO L454 AbstractCegarLoop]: Interpolant automaton has 34 states [2019-08-05 10:58:17,643 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 34 interpolants. [2019-08-05 10:58:17,643 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=561, Invalid=561, Unknown=0, NotChecked=0, Total=1122 [2019-08-05 10:58:17,643 INFO L87 Difference]: Start difference. First operand 530 states and 561 transitions. Second operand 34 states. [2019-08-05 10:58:17,784 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:58:17,784 INFO L93 Difference]: Finished difference Result 561 states and 593 transitions. [2019-08-05 10:58:17,784 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 34 states. [2019-08-05 10:58:17,785 INFO L78 Accepts]: Start accepts. Automaton has 34 states. Word has length 529 [2019-08-05 10:58:17,785 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:58:17,788 INFO L225 Difference]: With dead ends: 561 [2019-08-05 10:58:17,788 INFO L226 Difference]: Without dead ends: 561 [2019-08-05 10:58:17,788 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 528 GetRequests, 496 SyntacticMatches, 0 SemanticMatches, 32 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=561, Invalid=561, Unknown=0, NotChecked=0, Total=1122 [2019-08-05 10:58:17,789 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 561 states. [2019-08-05 10:58:17,792 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 561 to 561. [2019-08-05 10:58:17,792 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 561 states. [2019-08-05 10:58:17,793 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 561 states to 561 states and 593 transitions. [2019-08-05 10:58:17,793 INFO L78 Accepts]: Start accepts. Automaton has 561 states and 593 transitions. Word has length 529 [2019-08-05 10:58:17,793 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:58:17,794 INFO L475 AbstractCegarLoop]: Abstraction has 561 states and 593 transitions. [2019-08-05 10:58:17,794 INFO L476 AbstractCegarLoop]: Interpolant automaton has 34 states. [2019-08-05 10:58:17,794 INFO L276 IsEmpty]: Start isEmpty. Operand 561 states and 593 transitions. [2019-08-05 10:58:17,796 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 561 [2019-08-05 10:58:17,797 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:58:17,797 INFO L399 BasicCegarLoop]: trace histogram [493, 32, 32, 1, 1, 1] [2019-08-05 10:58:17,797 INFO L418 AbstractCegarLoop]: === Iteration 62 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:58:17,797 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:58:17,797 INFO L82 PathProgramCache]: Analyzing trace with hash -207683998, now seen corresponding path program 58 times [2019-08-05 10:58:17,798 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:58:22,231 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:58:22,326 INFO L256 TraceCheckSpWp]: Trace formula consists of 10195 conjuncts, 64 conjunts are in the unsatisfiable core [2019-08-05 10:58:22,332 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:58:23,880 INFO L134 CoverageAnalysis]: Checked inductivity of 138078 backedges. 118762 proven. 14385 refuted. 0 times theorem prover too weak. 4931 trivial. 0 not checked. [2019-08-05 10:58:23,880 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:58:23,880 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [62] total 62 [2019-08-05 10:58:23,880 INFO L454 AbstractCegarLoop]: Interpolant automaton has 63 states [2019-08-05 10:58:23,881 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 63 interpolants. [2019-08-05 10:58:23,881 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=1023, Invalid=2883, Unknown=0, NotChecked=0, Total=3906 [2019-08-05 10:58:23,881 INFO L87 Difference]: Start difference. First operand 561 states and 593 transitions. Second operand 63 states. [2019-08-05 10:58:26,861 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:58:26,861 INFO L93 Difference]: Finished difference Result 563 states and 595 transitions. [2019-08-05 10:58:26,861 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 63 states. [2019-08-05 10:58:26,862 INFO L78 Accepts]: Start accepts. Automaton has 63 states. Word has length 560 [2019-08-05 10:58:26,862 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:58:26,864 INFO L225 Difference]: With dead ends: 563 [2019-08-05 10:58:26,865 INFO L226 Difference]: Without dead ends: 563 [2019-08-05 10:58:26,865 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 589 GetRequests, 498 SyntacticMatches, 0 SemanticMatches, 91 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1335 ImplicationChecksByTransitivity, 1.9s TimeCoverageRelationStatistics Valid=2913, Invalid=5643, Unknown=0, NotChecked=0, Total=8556 [2019-08-05 10:58:26,866 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 563 states. [2019-08-05 10:58:26,869 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 563 to 563. [2019-08-05 10:58:26,869 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 563 states. [2019-08-05 10:58:26,870 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 563 states to 563 states and 595 transitions. [2019-08-05 10:58:26,870 INFO L78 Accepts]: Start accepts. Automaton has 563 states and 595 transitions. Word has length 560 [2019-08-05 10:58:26,870 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:58:26,870 INFO L475 AbstractCegarLoop]: Abstraction has 563 states and 595 transitions. [2019-08-05 10:58:26,870 INFO L476 AbstractCegarLoop]: Interpolant automaton has 63 states. [2019-08-05 10:58:26,870 INFO L276 IsEmpty]: Start isEmpty. Operand 563 states and 595 transitions. [2019-08-05 10:58:26,872 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 563 [2019-08-05 10:58:26,872 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:58:26,873 INFO L399 BasicCegarLoop]: trace histogram [495, 32, 32, 1, 1, 1] [2019-08-05 10:58:26,873 INFO L418 AbstractCegarLoop]: === Iteration 63 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:58:26,873 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:58:26,873 INFO L82 PathProgramCache]: Analyzing trace with hash 1140944402, now seen corresponding path program 59 times [2019-08-05 10:58:26,874 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy [2019-08-05 10:58:31,482 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-08-05 10:58:31,564 INFO L256 TraceCheckSpWp]: Trace formula consists of 10231 conjuncts, 66 conjunts are in the unsatisfiable core [2019-08-05 10:58:31,571 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-08-05 10:58:33,032 INFO L134 CoverageAnalysis]: Checked inductivity of 139129 backedges. 118328 proven. 15841 refuted. 0 times theorem prover too weak. 4960 trivial. 0 not checked. [2019-08-05 10:58:33,033 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 1 imperfect interpolant sequences. [2019-08-05 10:58:33,033 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [64] total 64 [2019-08-05 10:58:33,033 INFO L454 AbstractCegarLoop]: Interpolant automaton has 65 states [2019-08-05 10:58:33,034 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 65 interpolants. [2019-08-05 10:58:33,034 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=1088, Invalid=3072, Unknown=0, NotChecked=0, Total=4160 [2019-08-05 10:58:33,034 INFO L87 Difference]: Start difference. First operand 563 states and 595 transitions. Second operand 65 states. [2019-08-05 10:58:35,137 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-08-05 10:58:35,137 INFO L93 Difference]: Finished difference Result 564 states and 596 transitions. [2019-08-05 10:58:35,138 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 65 states. [2019-08-05 10:58:35,138 INFO L78 Accepts]: Start accepts. Automaton has 65 states. Word has length 562 [2019-08-05 10:58:35,139 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-08-05 10:58:35,141 INFO L225 Difference]: With dead ends: 564 [2019-08-05 10:58:35,141 INFO L226 Difference]: Without dead ends: 564 [2019-08-05 10:58:35,142 INFO L628 BasicCegarLoop]: 0 DeclaredPredicates, 592 GetRequests, 498 SyntacticMatches, 0 SemanticMatches, 94 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1426 ImplicationChecksByTransitivity, 1.9s TimeCoverageRelationStatistics Valid=3103, Invalid=6017, Unknown=0, NotChecked=0, Total=9120 [2019-08-05 10:58:35,143 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 564 states. [2019-08-05 10:58:35,146 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 564 to 564. [2019-08-05 10:58:35,146 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 564 states. [2019-08-05 10:58:35,147 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 564 states to 564 states and 596 transitions. [2019-08-05 10:58:35,147 INFO L78 Accepts]: Start accepts. Automaton has 564 states and 596 transitions. Word has length 562 [2019-08-05 10:58:35,147 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-08-05 10:58:35,147 INFO L475 AbstractCegarLoop]: Abstraction has 564 states and 596 transitions. [2019-08-05 10:58:35,147 INFO L476 AbstractCegarLoop]: Interpolant automaton has 65 states. [2019-08-05 10:58:35,147 INFO L276 IsEmpty]: Start isEmpty. Operand 564 states and 596 transitions. [2019-08-05 10:58:35,149 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 564 [2019-08-05 10:58:35,149 INFO L391 BasicCegarLoop]: Found error trace [2019-08-05 10:58:35,150 INFO L399 BasicCegarLoop]: trace histogram [496, 32, 32, 1, 1, 1] [2019-08-05 10:58:35,150 INFO L418 AbstractCegarLoop]: === Iteration 64 === [ULTIMATE.startErr0ASSERT_VIOLATIONASSERT]=== [2019-08-05 10:58:35,150 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-08-05 10:58:35,151 INFO L82 PathProgramCache]: Analyzing trace with hash 1009607171, now seen corresponding path program 60 times [2019-08-05 10:58:35,151 INFO L69 tionRefinementEngine]: Using refinement strategy FixedRefinementStrategy Received shutdown request... [2019-08-05 11:00:32,229 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unknown [2019-08-05 11:00:32,503 INFO L285 seRefinementStrategy]: Strategy FixedRefinementStrategy was unsuccessful and could not determine trace feasibility. [2019-08-05 11:00:32,503 INFO L466 BasicCegarLoop]: Counterexample might be feasible [2019-08-05 11:00:32,638 WARN L226 ceAbstractionStarter]: Unable to decide correctness. Please check the following counterexample manually. [2019-08-05 11:00:32,639 INFO L202 PluginConnector]: Adding new model ArraysOfVariableLength5_true-valid-memsafety.c_13.bpl de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 05.08 11:00:32 BoogieIcfgContainer [2019-08-05 11:00:32,639 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2019-08-05 11:00:32,641 INFO L168 Benchmark]: Toolchain (without parser) took 251915.47 ms. Allocated memory was 132.1 MB in the beginning and 2.9 GB in the end (delta: 2.7 GB). Free memory was 108.0 MB in the beginning and 1.8 GB in the end (delta: -1.7 GB). Peak memory consumption was 2.8 GB. Max. memory is 7.1 GB. [2019-08-05 11:00:32,642 INFO L168 Benchmark]: Boogie PL CUP Parser took 0.21 ms. Allocated memory is still 132.1 MB. Free memory was 109.7 MB in the beginning and 109.5 MB in the end (delta: 209.7 kB). Peak memory consumption was 209.7 kB. Max. memory is 7.1 GB. [2019-08-05 11:00:32,643 INFO L168 Benchmark]: Boogie Procedure Inliner took 36.93 ms. Allocated memory is still 132.1 MB. Free memory was 108.0 MB in the beginning and 106.4 MB in the end (delta: 1.7 MB). Peak memory consumption was 1.7 MB. Max. memory is 7.1 GB. [2019-08-05 11:00:32,643 INFO L168 Benchmark]: Boogie Preprocessor took 24.71 ms. Allocated memory is still 132.1 MB. Free memory was 106.4 MB in the beginning and 105.0 MB in the end (delta: 1.4 MB). Peak memory consumption was 1.4 MB. Max. memory is 7.1 GB. [2019-08-05 11:00:32,644 INFO L168 Benchmark]: RCFGBuilder took 375.44 ms. Allocated memory is still 132.1 MB. Free memory was 105.0 MB in the beginning and 92.1 MB in the end (delta: 12.9 MB). Peak memory consumption was 12.9 MB. Max. memory is 7.1 GB. [2019-08-05 11:00:32,645 INFO L168 Benchmark]: TraceAbstraction took 251473.54 ms. Allocated memory was 132.1 MB in the beginning and 2.9 GB in the end (delta: 2.7 GB). Free memory was 91.9 MB in the beginning and 1.8 GB in the end (delta: -1.7 GB). Peak memory consumption was 2.8 GB. Max. memory is 7.1 GB. [2019-08-05 11:00:32,647 INFO L335 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * Boogie PL CUP Parser took 0.21 ms. Allocated memory is still 132.1 MB. Free memory was 109.7 MB in the beginning and 109.5 MB in the end (delta: 209.7 kB). Peak memory consumption was 209.7 kB. Max. memory is 7.1 GB. * Boogie Procedure Inliner took 36.93 ms. Allocated memory is still 132.1 MB. Free memory was 108.0 MB in the beginning and 106.4 MB in the end (delta: 1.7 MB). Peak memory consumption was 1.7 MB. Max. memory is 7.1 GB. * Boogie Preprocessor took 24.71 ms. Allocated memory is still 132.1 MB. Free memory was 106.4 MB in the beginning and 105.0 MB in the end (delta: 1.4 MB). Peak memory consumption was 1.4 MB. Max. memory is 7.1 GB. * RCFGBuilder took 375.44 ms. Allocated memory is still 132.1 MB. Free memory was 105.0 MB in the beginning and 92.1 MB in the end (delta: 12.9 MB). Peak memory consumption was 12.9 MB. Max. memory is 7.1 GB. * TraceAbstraction took 251473.54 ms. Allocated memory was 132.1 MB in the beginning and 2.9 GB in the end (delta: 2.7 GB). Free memory was 91.9 MB in the beginning and 1.8 GB in the end (delta: -1.7 GB). Peak memory consumption was 2.8 GB. Max. memory is 7.1 GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - UnprovableResult [Line: 109]: Unable to prove that assertion always holds Unable to prove that assertion always holds Reason: unable to decide satisfiability of path constraint. Possible FailurePath: [L55] #NULL.offset, #NULL.base := 0, 0; [L56] #valid := #valid[0 := 0]; [L57] main_old_#valid := #valid; [L58] havoc main_#res; [L59] havoc main_~c~0.base, main_~c~0.offset, main_~buffer~0, main_#t~post2, main_~#b~0.base, main_~#mask~0.base, main_~#mask~0.offset, main_~i~1, main_~#b~0.offset, main_#t~mem5, main_#t~ret3, main_#t~post4; [L60] havoc main_~i~1; [L61] #Ultimate.alloc_old_#valid, #Ultimate.alloc_old_#length := #valid, #length; [L62] #Ultimate.alloc_~size := 128; [L63] havoc #Ultimate.alloc_#res.offset, #Ultimate.alloc_#res.base; [L64] havoc #valid, #length; [L65] assume 0 == #Ultimate.alloc_old_#valid[#Ultimate.alloc_#res.base]; [L66] assume #Ultimate.alloc_old_#valid[#Ultimate.alloc_#res.base := 1] == #valid; [L67] assume #Ultimate.alloc_#res.offset == 0; [L68] assume !(0 == #Ultimate.alloc_#res.base); [L69] assume #Ultimate.alloc_old_#length[#Ultimate.alloc_#res.base := #Ultimate.alloc_~size] == #length; [L70] main_~#b~0.base, main_~#b~0.offset := #Ultimate.alloc_#res.base, #Ultimate.alloc_#res.offset; [L71] havoc main_~buffer~0; [L72] #Ultimate.alloc_old_#valid, #Ultimate.alloc_old_#length := #valid, #length; [L73] #Ultimate.alloc_~size := 32; [L74] havoc #Ultimate.alloc_#res.offset, #Ultimate.alloc_#res.base; [L75] havoc #valid, #length; [L76] assume 0 == #Ultimate.alloc_old_#valid[#Ultimate.alloc_#res.base]; [L77] assume #valid == #Ultimate.alloc_old_#valid[#Ultimate.alloc_#res.base := 1]; [L78] assume #Ultimate.alloc_#res.offset == 0; [L79] assume !(0 == #Ultimate.alloc_#res.base); [L80] assume #length == #Ultimate.alloc_old_#length[#Ultimate.alloc_#res.base := #Ultimate.alloc_~size]; [L81] main_~#mask~0.base, main_~#mask~0.offset := #Ultimate.alloc_#res.base, #Ultimate.alloc_#res.offset; [L82] havoc main_~c~0.base, main_~c~0.offset; [L83] main_~i~1 := 0; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L97] assume main_~i~1 < 32; [L98] main_~c~0.base, main_~c~0.offset := main_~#mask~0.base, main_~#mask~0.offset; [L99] foo_#in~b.offset, foo_#in~size, foo_#in~b.base := main_~c~0.offset, main_~i~1, main_~c~0.base; [L100] havoc foo_#res; [L101] havoc foo_#t~post0, foo_#t~mem1, foo_~i~0, foo_~b.offset, foo_~b.base, foo_~size, foo_~a~0; [L102] foo_~b.offset, foo_~b.base := foo_#in~b.offset, foo_#in~b.base; [L103] foo_~size := foo_#in~size; [L104] havoc foo_~a~0; [L105] havoc foo_~i~0; [L106] foo_~i~0 := 0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L133] assume foo_~i~0 < foo_~size; [L134] assume foo_~i~0 < 32 && 0 <= foo_~i~0; [L135] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := foo_~b.base, foo_~i~0 + foo_~b.offset, 1; [L136] assume 1 == #valid[read~int_#ptr.base]; [L137] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L138] assume #valid[read~int_#ptr.base] == 1; [L139] assume 0 <= read~int_#ptr.offset && read~int_#sizeOfReadType + read~int_#ptr.offset <= #length[read~int_#ptr.base]; [L140] havoc read~int_#value; [L141] assume #memory_int[read~int_#ptr.base][read~int_#ptr.offset] == read~int_#value; [L142] foo_#t~mem1 := read~int_#value; [L143] foo_~a~0 := foo_~a~0[foo_~i~0 := foo_#t~mem1]; [L144] havoc foo_#t~mem1; [L145] foo_#t~post0 := foo_~i~0; [L146] foo_~i~0 := foo_#t~post0 + 1; [L147] havoc foo_#t~post0; [L115] assume !(foo_~i~0 < foo_~size); [L116] foo_#res := foo_~i~0; [L117] main_#t~ret3 := foo_#res; [L118] assume 0 <= main_#t~ret3 + 2147483648 && main_#t~ret3 <= 2147483647; [L119] write~int_old_#memory_int := #memory_int; [L120] write~int_#sizeOfWrittenType, write~int_#ptr.base, write~int_#value, write~int_#ptr.offset := 4, main_~#b~0.base, main_#t~ret3, main_~#b~0.offset + 4 * main_~i~1; [L121] assume 1 == #valid[write~int_#ptr.base]; [L122] assume 0 <= write~int_#ptr.offset && write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base]; [L123] assume 1 == #valid[write~int_#ptr.base]; [L124] assume write~int_#sizeOfWrittenType + write~int_#ptr.offset <= #length[write~int_#ptr.base] && 0 <= write~int_#ptr.offset; [L125] havoc #memory_int; [L126] assume #memory_int == write~int_old_#memory_int[write~int_#ptr.base := write~int_old_#memory_int[write~int_#ptr.base][write~int_#ptr.offset := write~int_#value]]; [L127] havoc main_#t~ret3; [L128] main_#t~post2 := main_~i~1; [L129] main_~i~1 := main_#t~post2 + 1; [L130] havoc main_#t~post2; [L90] assume !(main_~i~1 < 32); [L91] main_~i~1 := 0; [L92] assume main_~i~1 < 32; [L93] read~int_#ptr.base, read~int_#ptr.offset, read~int_#sizeOfReadType := main_~#b~0.base, main_~#b~0.offset + 4 * main_~i~1, 4; [L94] assume !(#valid[read~int_#ptr.base] == 1); [L109] assert false; - StatisticsResult: Ultimate Automizer benchmark data CFG has 1 procedures, 6 locations, 1 error locations. UNKNOWN Result, 251.4s OverallTime, 64 OverallIterations, 496 TraceHistogramMax, 36.5s AutomataDifference, 0.0s DeadEndRemovalTime, 0.0s HoareAnnotationTime, HoareTripleCheckerStatistics: 686 SDtfs, 1276 SDslu, 2421 SDs, 0 SdLazy, 24024 SolverSat, 770 SolverUnsat, 0 SolverUnknown, 0 SolverNotchecked, 22.4s Time, PredicateUnifierStatistics: 0 DeclaredPredicates, 13518 GetRequests, 11471 SyntacticMatches, 0 SemanticMatches, 2047 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15376 ImplicationChecksByTransitivity, 42.8s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=564occurred in iteration=63, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s AbstIntTime, 0 AbstIntIterations, 0 AbstIntStrong, NaN AbsIntWeakeningRatio, NaN AbsIntAvgWeakeningVarsNumRemoved, NaN AbsIntAvgWeakenedConjuncts, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 63 MinimizatonAttempts, 437 StatesRemovedByMinimization, 31 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TraceCheckStatistics: 0.8s SsaConstructionTime, 172.0s SatisfiabilityAnalysisTime, 40.8s InterpolantComputationTime, 13648 NumberOfCodeBlocks, 13648 NumberOfCodeBlocksAsserted, 64 NumberOfCheckSat, 13022 ConstructedInterpolants, 0 QuantifiedInterpolants, 13835442 SizeOfPredicates, 124 NumberOfNonLiveVariables, 238923 ConjunctsInSsa, 1676 ConjunctsInUnsatCore, 63 InterpolantComputations, 1 PerfectInterpolantSequences, 1008521/1936041 InterpolantCoveringCapability, InvariantSynthesisStatistics: No data available, InterpolantConsolidationStatistics: No data available, ReuseStatistics: No data available RESULT: Ultimate could not prove your program: unable to determine feasibility of some traces Completed graceful shutdown