java -Xmx8000000000 -Xss4m -jar ./plugins/org.eclipse.equinox.launcher_1.3.100.v20150511-1540.jar -data @noDefault -ultimatedata ./data -tc ../../../trunk/examples/toolchains/AutomizerC.xml -s ../../../trunk/examples/settings/default/automizer/svcomp-Reach-32bit-Automizer_Default.epf --traceabstraction.trace.refinement.strategy SIFA_TAIPAN --sifa.abstract.domain CompoundDomain --rcfgbuilder.size.of.a.code.block LoopFreeBlock --sifa.call.summarizer TopInputCallSummarizer --sifa.fluid SizeLimitFluid --sifa.simplification.technique SIMPLIFY_QUICK -i ../../../trunk/examples/svcomp/array-crafted/zero_sum_const3.c -------------------------------------------------------------------------------- This is Ultimate 0.1.24-36ac518-m [2019-10-06 23:04:08,998 INFO L177 SettingsManager]: Resetting all preferences to default values... [2019-10-06 23:04:09,002 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2019-10-06 23:04:09,019 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2019-10-06 23:04:09,020 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2019-10-06 23:04:09,022 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2019-10-06 23:04:09,024 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2019-10-06 23:04:09,033 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2019-10-06 23:04:09,038 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2019-10-06 23:04:09,041 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2019-10-06 23:04:09,042 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2019-10-06 23:04:09,044 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2019-10-06 23:04:09,044 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2019-10-06 23:04:09,046 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2019-10-06 23:04:09,049 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2019-10-06 23:04:09,050 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2019-10-06 23:04:09,052 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2019-10-06 23:04:09,052 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2019-10-06 23:04:09,054 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2019-10-06 23:04:09,058 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2019-10-06 23:04:09,062 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2019-10-06 23:04:09,065 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2019-10-06 23:04:09,068 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2019-10-06 23:04:09,069 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2019-10-06 23:04:09,072 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2019-10-06 23:04:09,072 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2019-10-06 23:04:09,072 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2019-10-06 23:04:09,074 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2019-10-06 23:04:09,075 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2019-10-06 23:04:09,076 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2019-10-06 23:04:09,077 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2019-10-06 23:04:09,078 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2019-10-06 23:04:09,079 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2019-10-06 23:04:09,080 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2019-10-06 23:04:09,081 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2019-10-06 23:04:09,081 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2019-10-06 23:04:09,082 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2019-10-06 23:04:09,082 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2019-10-06 23:04:09,082 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2019-10-06 23:04:09,083 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2019-10-06 23:04:09,084 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2019-10-06 23:04:09,085 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/settings/default/automizer/svcomp-Reach-32bit-Automizer_Default.epf [2019-10-06 23:04:09,103 INFO L113 SettingsManager]: Loading preferences was successful [2019-10-06 23:04:09,103 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2019-10-06 23:04:09,104 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2019-10-06 23:04:09,105 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2019-10-06 23:04:09,105 INFO L138 SettingsManager]: * Use SBE=true [2019-10-06 23:04:09,105 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2019-10-06 23:04:09,105 INFO L138 SettingsManager]: * sizeof long=4 [2019-10-06 23:04:09,106 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2019-10-06 23:04:09,106 INFO L138 SettingsManager]: * sizeof POINTER=4 [2019-10-06 23:04:09,106 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2019-10-06 23:04:09,111 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2019-10-06 23:04:09,111 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2019-10-06 23:04:09,112 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2019-10-06 23:04:09,112 INFO L138 SettingsManager]: * sizeof long double=12 [2019-10-06 23:04:09,112 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2019-10-06 23:04:09,112 INFO L138 SettingsManager]: * Use constant arrays=true [2019-10-06 23:04:09,112 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2019-10-06 23:04:09,113 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2019-10-06 23:04:09,113 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2019-10-06 23:04:09,113 INFO L138 SettingsManager]: * To the following directory=./dump/ [2019-10-06 23:04:09,113 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2019-10-06 23:04:09,113 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2019-10-06 23:04:09,114 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2019-10-06 23:04:09,116 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2019-10-06 23:04:09,116 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2019-10-06 23:04:09,117 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2019-10-06 23:04:09,117 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2019-10-06 23:04:09,117 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2019-10-06 23:04:09,117 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: Trace refinement strategy -> SIFA_TAIPAN Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.sifa: Abstract Domain -> CompoundDomain Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder: Size of a code block -> LoopFreeBlock Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.sifa: Call Summarizer -> TopInputCallSummarizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.sifa: Fluid -> SizeLimitFluid Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.sifa: Simplification Technique -> SIMPLIFY_QUICK [2019-10-06 23:04:09,390 INFO L81 nceAwareModelManager]: Repository-Root is: /tmp [2019-10-06 23:04:09,404 INFO L258 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2019-10-06 23:04:09,407 INFO L214 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2019-10-06 23:04:09,409 INFO L271 PluginConnector]: Initializing CDTParser... [2019-10-06 23:04:09,409 INFO L275 PluginConnector]: CDTParser initialized [2019-10-06 23:04:09,410 INFO L428 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/svcomp/array-crafted/zero_sum_const3.c [2019-10-06 23:04:09,490 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/c34d4f5b2/07133938a12f4b32844aef3f3e8527e5/FLAGe12b1812c [2019-10-06 23:04:09,964 INFO L306 CDTParser]: Found 1 translation units. [2019-10-06 23:04:09,965 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/trunk/examples/svcomp/array-crafted/zero_sum_const3.c [2019-10-06 23:04:09,972 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/c34d4f5b2/07133938a12f4b32844aef3f3e8527e5/FLAGe12b1812c [2019-10-06 23:04:10,318 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/c34d4f5b2/07133938a12f4b32844aef3f3e8527e5 [2019-10-06 23:04:10,328 INFO L296 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2019-10-06 23:04:10,329 INFO L131 ToolchainWalker]: Walking toolchain with 4 elements. [2019-10-06 23:04:10,330 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2019-10-06 23:04:10,330 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2019-10-06 23:04:10,333 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2019-10-06 23:04:10,334 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 06.10 11:04:10" (1/1) ... [2019-10-06 23:04:10,337 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@41112136 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:04:10, skipping insertion in model container [2019-10-06 23:04:10,338 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 06.10 11:04:10" (1/1) ... [2019-10-06 23:04:10,345 INFO L142 MainTranslator]: Starting translation in SV-COMP mode [2019-10-06 23:04:10,367 INFO L173 MainTranslator]: Built tables and reachable declarations [2019-10-06 23:04:10,555 INFO L206 PostProcessor]: Analyzing one entry point: main [2019-10-06 23:04:10,567 INFO L188 MainTranslator]: Completed pre-run [2019-10-06 23:04:10,589 INFO L206 PostProcessor]: Analyzing one entry point: main [2019-10-06 23:04:10,606 INFO L192 MainTranslator]: Completed translation [2019-10-06 23:04:10,606 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:04:10 WrapperNode [2019-10-06 23:04:10,606 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2019-10-06 23:04:10,607 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2019-10-06 23:04:10,607 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2019-10-06 23:04:10,607 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2019-10-06 23:04:10,701 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:04:10" (1/1) ... [2019-10-06 23:04:10,701 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:04:10" (1/1) ... [2019-10-06 23:04:10,710 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:04:10" (1/1) ... [2019-10-06 23:04:10,711 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:04:10" (1/1) ... [2019-10-06 23:04:10,722 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:04:10" (1/1) ... [2019-10-06 23:04:10,732 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:04:10" (1/1) ... [2019-10-06 23:04:10,733 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:04:10" (1/1) ... [2019-10-06 23:04:10,736 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2019-10-06 23:04:10,736 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2019-10-06 23:04:10,737 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2019-10-06 23:04:10,737 INFO L275 PluginConnector]: RCFGBuilder initialized [2019-10-06 23:04:10,738 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:04:10" (1/1) ... No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2019-10-06 23:04:10,791 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.init [2019-10-06 23:04:10,791 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2019-10-06 23:04:10,791 INFO L138 BoogieDeclarations]: Found implementation of procedure __VERIFIER_assert [2019-10-06 23:04:10,791 INFO L138 BoogieDeclarations]: Found implementation of procedure main [2019-10-06 23:04:10,791 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_error [2019-10-06 23:04:10,791 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_assume [2019-10-06 23:04:10,792 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_assert [2019-10-06 23:04:10,792 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_nondet_long [2019-10-06 23:04:10,792 INFO L130 BoogieDeclarations]: Found specification of procedure malloc [2019-10-06 23:04:10,792 INFO L130 BoogieDeclarations]: Found specification of procedure main [2019-10-06 23:04:10,792 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnHeap [2019-10-06 23:04:10,793 INFO L130 BoogieDeclarations]: Found specification of procedure write~int [2019-10-06 23:04:10,793 INFO L130 BoogieDeclarations]: Found specification of procedure read~int [2019-10-06 23:04:10,793 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.init [2019-10-06 23:04:10,793 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2019-10-06 23:04:10,793 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2019-10-06 23:04:11,245 INFO L279 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2019-10-06 23:04:11,245 INFO L284 CfgBuilder]: Removed 7 assume(true) statements. [2019-10-06 23:04:11,246 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 06.10 11:04:11 BoogieIcfgContainer [2019-10-06 23:04:11,247 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2019-10-06 23:04:11,248 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2019-10-06 23:04:11,248 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2019-10-06 23:04:11,251 INFO L275 PluginConnector]: TraceAbstraction initialized [2019-10-06 23:04:11,251 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 06.10 11:04:10" (1/3) ... [2019-10-06 23:04:11,252 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@24ed6d79 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 06.10 11:04:11, skipping insertion in model container [2019-10-06 23:04:11,252 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:04:10" (2/3) ... [2019-10-06 23:04:11,253 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@24ed6d79 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 06.10 11:04:11, skipping insertion in model container [2019-10-06 23:04:11,253 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 06.10 11:04:11" (3/3) ... [2019-10-06 23:04:11,255 INFO L109 eAbstractionObserver]: Analyzing ICFG zero_sum_const3.c [2019-10-06 23:04:11,264 INFO L152 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2019-10-06 23:04:11,272 INFO L164 ceAbstractionStarter]: Appying trace abstraction to program that has 1 error locations. [2019-10-06 23:04:11,283 INFO L249 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2019-10-06 23:04:11,306 INFO L373 AbstractCegarLoop]: Interprodecural is true [2019-10-06 23:04:11,307 INFO L374 AbstractCegarLoop]: Hoare is true [2019-10-06 23:04:11,307 INFO L375 AbstractCegarLoop]: Compute interpolants for FPandBP [2019-10-06 23:04:11,307 INFO L376 AbstractCegarLoop]: Backedges is STRAIGHT_LINE [2019-10-06 23:04:11,307 INFO L377 AbstractCegarLoop]: Determinization is PREDICATE_ABSTRACTION [2019-10-06 23:04:11,307 INFO L378 AbstractCegarLoop]: Difference is false [2019-10-06 23:04:11,307 INFO L379 AbstractCegarLoop]: Minimize is MINIMIZE_SEVPA [2019-10-06 23:04:11,307 INFO L383 AbstractCegarLoop]: ======== Iteration 0==of CEGAR loop == AllErrorsAtOnce======== [2019-10-06 23:04:11,323 INFO L276 IsEmpty]: Start isEmpty. Operand 24 states. [2019-10-06 23:04:11,329 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2019-10-06 23:04:11,329 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:04:11,330 INFO L385 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:04:11,332 INFO L410 AbstractCegarLoop]: === Iteration 1 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:04:11,337 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:04:11,338 INFO L82 PathProgramCache]: Analyzing trace with hash -68481076, now seen corresponding path program 1 times [2019-10-06 23:04:11,345 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:04:11,346 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:04:11,346 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:04:11,346 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:04:11,346 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:04:11,457 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:04:11,555 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-10-06 23:04:11,556 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:04:11,557 INFO L211 tionRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2019-10-06 23:04:11,557 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2019-10-06 23:04:11,561 INFO L442 AbstractCegarLoop]: Interpolant automaton has 5 states [2019-10-06 23:04:11,576 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2019-10-06 23:04:11,577 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2019-10-06 23:04:11,579 INFO L87 Difference]: Start difference. First operand 24 states. Second operand 5 states. [2019-10-06 23:04:11,696 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:04:11,697 INFO L93 Difference]: Finished difference Result 45 states and 60 transitions. [2019-10-06 23:04:11,697 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2019-10-06 23:04:11,699 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 17 [2019-10-06 23:04:11,700 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:04:11,708 INFO L225 Difference]: With dead ends: 45 [2019-10-06 23:04:11,708 INFO L226 Difference]: Without dead ends: 24 [2019-10-06 23:04:11,711 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2019-10-06 23:04:11,726 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 24 states. [2019-10-06 23:04:11,742 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 24 to 24. [2019-10-06 23:04:11,744 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 24 states. [2019-10-06 23:04:11,745 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 24 states to 24 states and 35 transitions. [2019-10-06 23:04:11,747 INFO L78 Accepts]: Start accepts. Automaton has 24 states and 35 transitions. Word has length 17 [2019-10-06 23:04:11,747 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:04:11,747 INFO L462 AbstractCegarLoop]: Abstraction has 24 states and 35 transitions. [2019-10-06 23:04:11,747 INFO L463 AbstractCegarLoop]: Interpolant automaton has 5 states. [2019-10-06 23:04:11,748 INFO L276 IsEmpty]: Start isEmpty. Operand 24 states and 35 transitions. [2019-10-06 23:04:11,749 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 19 [2019-10-06 23:04:11,749 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:04:11,749 INFO L385 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:04:11,750 INFO L410 AbstractCegarLoop]: === Iteration 2 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:04:11,750 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:04:11,750 INFO L82 PathProgramCache]: Analyzing trace with hash -1579005837, now seen corresponding path program 1 times [2019-10-06 23:04:11,751 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:04:11,751 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:04:11,751 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:04:11,751 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:04:11,751 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:04:11,790 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:04:11,829 INFO L134 CoverageAnalysis]: Checked inductivity of 1 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2019-10-06 23:04:11,829 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:04:11,830 INFO L211 tionRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2019-10-06 23:04:11,830 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2019-10-06 23:04:11,832 INFO L442 AbstractCegarLoop]: Interpolant automaton has 3 states [2019-10-06 23:04:11,832 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2019-10-06 23:04:11,833 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2019-10-06 23:04:11,833 INFO L87 Difference]: Start difference. First operand 24 states and 35 transitions. Second operand 3 states. [2019-10-06 23:04:11,898 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:04:11,898 INFO L93 Difference]: Finished difference Result 42 states and 64 transitions. [2019-10-06 23:04:11,898 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2019-10-06 23:04:11,899 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 18 [2019-10-06 23:04:11,899 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:04:11,900 INFO L225 Difference]: With dead ends: 42 [2019-10-06 23:04:11,900 INFO L226 Difference]: Without dead ends: 25 [2019-10-06 23:04:11,901 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2019-10-06 23:04:11,902 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 25 states. [2019-10-06 23:04:11,906 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 25 to 25. [2019-10-06 23:04:11,907 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 25 states. [2019-10-06 23:04:11,908 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 25 states to 25 states and 36 transitions. [2019-10-06 23:04:11,908 INFO L78 Accepts]: Start accepts. Automaton has 25 states and 36 transitions. Word has length 18 [2019-10-06 23:04:11,908 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:04:11,909 INFO L462 AbstractCegarLoop]: Abstraction has 25 states and 36 transitions. [2019-10-06 23:04:11,909 INFO L463 AbstractCegarLoop]: Interpolant automaton has 3 states. [2019-10-06 23:04:11,909 INFO L276 IsEmpty]: Start isEmpty. Operand 25 states and 36 transitions. [2019-10-06 23:04:11,910 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2019-10-06 23:04:11,910 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:04:11,910 INFO L385 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:04:11,912 INFO L410 AbstractCegarLoop]: === Iteration 3 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:04:11,913 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:04:11,913 INFO L82 PathProgramCache]: Analyzing trace with hash -1817549222, now seen corresponding path program 1 times [2019-10-06 23:04:11,913 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:04:11,913 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:04:11,913 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:04:11,914 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:04:11,914 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:04:11,943 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:04:11,979 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2019-10-06 23:04:11,979 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:04:11,980 INFO L211 tionRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2019-10-06 23:04:11,980 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2019-10-06 23:04:11,980 INFO L442 AbstractCegarLoop]: Interpolant automaton has 4 states [2019-10-06 23:04:11,980 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2019-10-06 23:04:11,981 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2019-10-06 23:04:11,981 INFO L87 Difference]: Start difference. First operand 25 states and 36 transitions. Second operand 4 states. [2019-10-06 23:04:12,063 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:04:12,063 INFO L93 Difference]: Finished difference Result 40 states and 60 transitions. [2019-10-06 23:04:12,065 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2019-10-06 23:04:12,066 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 19 [2019-10-06 23:04:12,066 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:04:12,067 INFO L225 Difference]: With dead ends: 40 [2019-10-06 23:04:12,067 INFO L226 Difference]: Without dead ends: 25 [2019-10-06 23:04:12,068 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2019-10-06 23:04:12,068 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 25 states. [2019-10-06 23:04:12,073 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 25 to 25. [2019-10-06 23:04:12,074 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 25 states. [2019-10-06 23:04:12,075 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 25 states to 25 states and 31 transitions. [2019-10-06 23:04:12,075 INFO L78 Accepts]: Start accepts. Automaton has 25 states and 31 transitions. Word has length 19 [2019-10-06 23:04:12,075 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:04:12,075 INFO L462 AbstractCegarLoop]: Abstraction has 25 states and 31 transitions. [2019-10-06 23:04:12,076 INFO L463 AbstractCegarLoop]: Interpolant automaton has 4 states. [2019-10-06 23:04:12,076 INFO L276 IsEmpty]: Start isEmpty. Operand 25 states and 31 transitions. [2019-10-06 23:04:12,077 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2019-10-06 23:04:12,077 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:04:12,077 INFO L385 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:04:12,077 INFO L410 AbstractCegarLoop]: === Iteration 4 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:04:12,078 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:04:12,078 INFO L82 PathProgramCache]: Analyzing trace with hash 2017864887, now seen corresponding path program 1 times [2019-10-06 23:04:12,078 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:04:12,079 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:04:12,079 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:04:12,079 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:04:12,079 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:04:12,112 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:04:12,183 INFO L134 CoverageAnalysis]: Checked inductivity of 7 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2019-10-06 23:04:12,184 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:04:12,184 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:04:12,185 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 2 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 2 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:04:12,281 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:04:12,283 INFO L256 TraceCheckSpWp]: Trace formula consists of 126 conjuncts, 4 conjunts are in the unsatisfiable core [2019-10-06 23:04:12,290 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:04:12,343 INFO L134 CoverageAnalysis]: Checked inductivity of 7 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2019-10-06 23:04:12,344 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:04:12,383 INFO L134 CoverageAnalysis]: Checked inductivity of 7 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2019-10-06 23:04:12,384 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:04:12,437 INFO L162 IcfgInterpreter]: Started Sifa with 18 locations of interest [2019-10-06 23:04:12,437 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:04:12,446 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:04:12,455 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:04:12,456 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:04:12,679 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 30 for LOIs [2019-10-06 23:04:14,104 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:04:14,159 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:04:14,166 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:04:14,167 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:04:14,167 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 324#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:04:14,167 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:14,168 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 333#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:04:14,168 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= ~SIZE~0 2147483647) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:04:14,168 INFO L193 IcfgInterpreter]: Reachable states at location L50-4 satisfy 309#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:14,168 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:14,169 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 319#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:04:14,169 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:14,169 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:14,170 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:14,170 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 329#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:04:14,170 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:14,171 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 338#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:14,171 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (= 0 (select |old(#valid)| 0)) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:04:14,171 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:04:14,171 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 314#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:04:14,172 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:14,172 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:14,688 WARN L191 SmtUtils]: Spent 106.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:04:15,079 WARN L191 SmtUtils]: Spent 100.00 ms on a formula simplification. DAG size of input: 38 DAG size of output: 21 [2019-10-06 23:04:15,082 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:04:15,082 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [5, 4, 4, 11] total 19 [2019-10-06 23:04:15,084 INFO L442 AbstractCegarLoop]: Interpolant automaton has 19 states [2019-10-06 23:04:15,084 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 19 interpolants. [2019-10-06 23:04:15,085 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=56, Invalid=286, Unknown=0, NotChecked=0, Total=342 [2019-10-06 23:04:15,085 INFO L87 Difference]: Start difference. First operand 25 states and 31 transitions. Second operand 19 states. [2019-10-06 23:04:16,045 WARN L191 SmtUtils]: Spent 102.00 ms on a formula simplification. DAG size of input: 35 DAG size of output: 34 [2019-10-06 23:04:16,118 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:04:16,118 INFO L93 Difference]: Finished difference Result 49 states and 67 transitions. [2019-10-06 23:04:16,119 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2019-10-06 23:04:16,119 INFO L78 Accepts]: Start accepts. Automaton has 19 states. Word has length 24 [2019-10-06 23:04:16,120 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:04:16,120 INFO L225 Difference]: With dead ends: 49 [2019-10-06 23:04:16,120 INFO L226 Difference]: Without dead ends: 32 [2019-10-06 23:04:16,124 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 87 GetRequests, 58 SyntacticMatches, 1 SemanticMatches, 28 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 215 ImplicationChecksByTransitivity, 1.7s TimeCoverageRelationStatistics Valid=143, Invalid=727, Unknown=0, NotChecked=0, Total=870 [2019-10-06 23:04:16,125 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 32 states. [2019-10-06 23:04:16,134 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 32 to 32. [2019-10-06 23:04:16,134 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 32 states. [2019-10-06 23:04:16,140 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 32 states to 32 states and 38 transitions. [2019-10-06 23:04:16,140 INFO L78 Accepts]: Start accepts. Automaton has 32 states and 38 transitions. Word has length 24 [2019-10-06 23:04:16,141 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:04:16,141 INFO L462 AbstractCegarLoop]: Abstraction has 32 states and 38 transitions. [2019-10-06 23:04:16,141 INFO L463 AbstractCegarLoop]: Interpolant automaton has 19 states. [2019-10-06 23:04:16,141 INFO L276 IsEmpty]: Start isEmpty. Operand 32 states and 38 transitions. [2019-10-06 23:04:16,143 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2019-10-06 23:04:16,144 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:04:16,144 INFO L385 BasicCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:04:16,346 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:04:16,347 INFO L410 AbstractCegarLoop]: === Iteration 5 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:04:16,348 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:04:16,348 INFO L82 PathProgramCache]: Analyzing trace with hash 567715820, now seen corresponding path program 2 times [2019-10-06 23:04:16,348 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:04:16,349 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:04:16,349 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:04:16,350 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:04:16,350 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:04:16,489 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:04:17,184 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 0 proven. 21 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-10-06 23:04:17,184 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:04:17,185 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:04:17,185 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 3 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 3 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:04:17,270 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) [2019-10-06 23:04:17,270 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:04:17,272 INFO L256 TraceCheckSpWp]: Trace formula consists of 160 conjuncts, 65 conjunts are in the unsatisfiable core [2019-10-06 23:04:17,277 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:04:17,660 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 0 proven. 21 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-10-06 23:04:17,661 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:04:17,900 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 0 proven. 18 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2019-10-06 23:04:17,900 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:04:17,902 INFO L162 IcfgInterpreter]: Started Sifa with 18 locations of interest [2019-10-06 23:04:17,902 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:04:17,903 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:04:17,903 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:04:17,903 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:04:17,952 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 30 for LOIs [2019-10-06 23:04:18,825 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:04:18,862 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:04:18,867 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:04:18,867 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:04:18,867 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 324#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:04:18,867 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:18,868 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 333#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:04:18,868 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:04:18,868 INFO L193 IcfgInterpreter]: Reachable states at location L50-4 satisfy 309#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:18,868 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:18,869 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 319#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:04:18,869 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:18,869 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:18,870 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:18,870 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 329#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:04:18,870 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:18,870 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 338#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:18,871 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:04:18,871 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:04:18,871 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 314#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:04:18,871 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:18,872 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:19,626 WARN L191 SmtUtils]: Spent 101.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:04:20,127 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:04:20,127 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [13, 13, 10, 11] total 38 [2019-10-06 23:04:20,128 INFO L442 AbstractCegarLoop]: Interpolant automaton has 38 states [2019-10-06 23:04:20,128 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 38 interpolants. [2019-10-06 23:04:20,129 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=121, Invalid=1285, Unknown=0, NotChecked=0, Total=1406 [2019-10-06 23:04:20,129 INFO L87 Difference]: Start difference. First operand 32 states and 38 transitions. Second operand 38 states. [2019-10-06 23:04:21,930 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:04:21,931 INFO L93 Difference]: Finished difference Result 53 states and 64 transitions. [2019-10-06 23:04:21,932 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 22 states. [2019-10-06 23:04:21,932 INFO L78 Accepts]: Start accepts. Automaton has 38 states. Word has length 31 [2019-10-06 23:04:21,932 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:04:21,933 INFO L225 Difference]: With dead ends: 53 [2019-10-06 23:04:21,934 INFO L226 Difference]: Without dead ends: 48 [2019-10-06 23:04:21,936 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 131 GetRequests, 60 SyntacticMatches, 21 SemanticMatches, 50 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 818 ImplicationChecksByTransitivity, 3.3s TimeCoverageRelationStatistics Valid=233, Invalid=2419, Unknown=0, NotChecked=0, Total=2652 [2019-10-06 23:04:21,936 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 48 states. [2019-10-06 23:04:21,945 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 48 to 46. [2019-10-06 23:04:21,946 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 46 states. [2019-10-06 23:04:21,946 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 46 states to 46 states and 57 transitions. [2019-10-06 23:04:21,947 INFO L78 Accepts]: Start accepts. Automaton has 46 states and 57 transitions. Word has length 31 [2019-10-06 23:04:21,947 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:04:21,947 INFO L462 AbstractCegarLoop]: Abstraction has 46 states and 57 transitions. [2019-10-06 23:04:21,947 INFO L463 AbstractCegarLoop]: Interpolant automaton has 38 states. [2019-10-06 23:04:21,947 INFO L276 IsEmpty]: Start isEmpty. Operand 46 states and 57 transitions. [2019-10-06 23:04:21,948 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2019-10-06 23:04:21,949 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:04:21,949 INFO L385 BasicCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:04:22,152 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:04:22,153 INFO L410 AbstractCegarLoop]: === Iteration 6 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:04:22,153 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:04:22,153 INFO L82 PathProgramCache]: Analyzing trace with hash 1042486227, now seen corresponding path program 3 times [2019-10-06 23:04:22,154 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:04:22,154 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:04:22,154 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:04:22,155 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:04:22,155 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:04:22,173 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:04:22,213 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 4 proven. 5 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2019-10-06 23:04:22,214 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:04:22,214 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:04:22,214 INFO L93 rtionOrderModulation]: Changing assertion order to TERMS_WITH_SMALL_CONSTANTS_FIRST No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 4 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 4 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:04:22,293 INFO L249 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2019-10-06 23:04:22,293 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:04:22,294 INFO L256 TraceCheckSpWp]: Trace formula consists of 152 conjuncts, 8 conjunts are in the unsatisfiable core [2019-10-06 23:04:22,296 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:04:22,346 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 6 proven. 3 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2019-10-06 23:04:22,347 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:04:22,383 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 6 proven. 3 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2019-10-06 23:04:22,383 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:04:22,384 INFO L162 IcfgInterpreter]: Started Sifa with 18 locations of interest [2019-10-06 23:04:22,385 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:04:22,385 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:04:22,385 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:04:22,385 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:04:22,415 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 30 for LOIs [2019-10-06 23:04:23,148 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:04:23,178 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:04:23,182 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:04:23,183 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:04:23,183 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 324#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:04:23,183 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:23,184 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 333#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:04:23,184 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:04:23,184 INFO L193 IcfgInterpreter]: Reachable states at location L50-4 satisfy 309#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:23,184 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:23,184 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 319#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:04:23,185 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:23,185 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:23,185 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:23,185 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 329#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:04:23,186 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:23,186 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 338#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:23,186 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (= 0 (select |old(#valid)| 0)) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:04:23,186 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:04:23,187 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 314#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:04:23,187 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:23,187 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:23,660 WARN L191 SmtUtils]: Spent 103.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:04:24,054 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:04:24,055 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 8, 8, 11] total 24 [2019-10-06 23:04:24,056 INFO L442 AbstractCegarLoop]: Interpolant automaton has 24 states [2019-10-06 23:04:24,056 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 24 interpolants. [2019-10-06 23:04:24,057 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=81, Invalid=471, Unknown=0, NotChecked=0, Total=552 [2019-10-06 23:04:24,057 INFO L87 Difference]: Start difference. First operand 46 states and 57 transitions. Second operand 24 states. [2019-10-06 23:04:25,242 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:04:25,242 INFO L93 Difference]: Finished difference Result 92 states and 119 transitions. [2019-10-06 23:04:25,243 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 24 states. [2019-10-06 23:04:25,243 INFO L78 Accepts]: Start accepts. Automaton has 24 states. Word has length 32 [2019-10-06 23:04:25,243 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:04:25,247 INFO L225 Difference]: With dead ends: 92 [2019-10-06 23:04:25,247 INFO L226 Difference]: Without dead ends: 53 [2019-10-06 23:04:25,248 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 118 GetRequests, 77 SyntacticMatches, 4 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 399 ImplicationChecksByTransitivity, 1.7s TimeCoverageRelationStatistics Valid=219, Invalid=1263, Unknown=0, NotChecked=0, Total=1482 [2019-10-06 23:04:25,249 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 53 states. [2019-10-06 23:04:25,258 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 53 to 50. [2019-10-06 23:04:25,258 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 50 states. [2019-10-06 23:04:25,259 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 50 states to 50 states and 60 transitions. [2019-10-06 23:04:25,260 INFO L78 Accepts]: Start accepts. Automaton has 50 states and 60 transitions. Word has length 32 [2019-10-06 23:04:25,260 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:04:25,260 INFO L462 AbstractCegarLoop]: Abstraction has 50 states and 60 transitions. [2019-10-06 23:04:25,260 INFO L463 AbstractCegarLoop]: Interpolant automaton has 24 states. [2019-10-06 23:04:25,260 INFO L276 IsEmpty]: Start isEmpty. Operand 50 states and 60 transitions. [2019-10-06 23:04:25,261 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2019-10-06 23:04:25,261 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:04:25,261 INFO L385 BasicCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:04:25,463 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:04:25,464 INFO L410 AbstractCegarLoop]: === Iteration 7 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:04:25,465 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:04:25,465 INFO L82 PathProgramCache]: Analyzing trace with hash 1643204986, now seen corresponding path program 4 times [2019-10-06 23:04:25,465 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:04:25,466 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:04:25,466 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:04:25,467 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:04:25,467 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:04:25,482 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:04:25,544 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 1 proven. 8 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2019-10-06 23:04:25,544 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:04:25,545 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:04:25,545 INFO L93 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 5 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 5 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:04:25,643 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:04:25,644 INFO L256 TraceCheckSpWp]: Trace formula consists of 169 conjuncts, 8 conjunts are in the unsatisfiable core [2019-10-06 23:04:25,646 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:04:25,712 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 3 proven. 6 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2019-10-06 23:04:25,712 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:04:25,756 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 3 proven. 6 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2019-10-06 23:04:25,756 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:04:25,758 INFO L162 IcfgInterpreter]: Started Sifa with 18 locations of interest [2019-10-06 23:04:25,758 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:04:25,759 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:04:25,759 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:04:25,759 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:04:25,796 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 32 for LOIs [2019-10-06 23:04:26,467 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:04:26,502 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:04:26,506 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:04:26,506 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:04:26,512 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 324#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:04:26,513 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:26,513 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 333#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:04:26,513 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= 0 (select |old(#valid)| 0)) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:04:26,513 INFO L193 IcfgInterpreter]: Reachable states at location L50-4 satisfy 309#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:26,513 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:26,514 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 319#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:04:26,514 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:26,514 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:26,514 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= 0 (select |old(#valid)| 0)) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:26,515 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 329#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:04:26,515 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:26,515 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 338#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:26,515 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= 0 (select |old(#valid)| 0)) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:04:26,516 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:04:26,516 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 314#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:04:26,516 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:26,517 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:26,956 WARN L191 SmtUtils]: Spent 106.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:04:27,328 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:04:27,328 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 9, 9, 11] total 25 [2019-10-06 23:04:27,330 INFO L442 AbstractCegarLoop]: Interpolant automaton has 25 states [2019-10-06 23:04:27,330 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 25 interpolants. [2019-10-06 23:04:27,331 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=88, Invalid=512, Unknown=0, NotChecked=0, Total=600 [2019-10-06 23:04:27,331 INFO L87 Difference]: Start difference. First operand 50 states and 60 transitions. Second operand 25 states. [2019-10-06 23:04:28,639 WARN L191 SmtUtils]: Spent 103.00 ms on a formula simplification. DAG size of input: 35 DAG size of output: 34 [2019-10-06 23:04:28,721 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:04:28,722 INFO L93 Difference]: Finished difference Result 56 states and 66 transitions. [2019-10-06 23:04:28,722 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 20 states. [2019-10-06 23:04:28,722 INFO L78 Accepts]: Start accepts. Automaton has 25 states. Word has length 33 [2019-10-06 23:04:28,723 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:04:28,724 INFO L225 Difference]: With dead ends: 56 [2019-10-06 23:04:28,724 INFO L226 Difference]: Without dead ends: 39 [2019-10-06 23:04:28,725 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 121 GetRequests, 78 SyntacticMatches, 6 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 433 ImplicationChecksByTransitivity, 1.8s TimeCoverageRelationStatistics Valid=213, Invalid=1269, Unknown=0, NotChecked=0, Total=1482 [2019-10-06 23:04:28,726 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 39 states. [2019-10-06 23:04:28,732 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 39 to 39. [2019-10-06 23:04:28,733 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 39 states. [2019-10-06 23:04:28,733 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 39 states to 39 states and 45 transitions. [2019-10-06 23:04:28,734 INFO L78 Accepts]: Start accepts. Automaton has 39 states and 45 transitions. Word has length 33 [2019-10-06 23:04:28,734 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:04:28,734 INFO L462 AbstractCegarLoop]: Abstraction has 39 states and 45 transitions. [2019-10-06 23:04:28,734 INFO L463 AbstractCegarLoop]: Interpolant automaton has 25 states. [2019-10-06 23:04:28,734 INFO L276 IsEmpty]: Start isEmpty. Operand 39 states and 45 transitions. [2019-10-06 23:04:28,735 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2019-10-06 23:04:28,735 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:04:28,735 INFO L385 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:04:28,938 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:04:28,939 INFO L410 AbstractCegarLoop]: === Iteration 8 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:04:28,939 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:04:28,940 INFO L82 PathProgramCache]: Analyzing trace with hash -1638161385, now seen corresponding path program 5 times [2019-10-06 23:04:28,940 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:04:28,940 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:04:28,941 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:04:28,941 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:04:28,941 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:04:28,986 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:04:29,648 WARN L191 SmtUtils]: Spent 128.00 ms on a formula simplification. DAG size of input: 53 DAG size of output: 39 [2019-10-06 23:04:29,776 WARN L191 SmtUtils]: Spent 109.00 ms on a formula simplification. DAG size of input: 46 DAG size of output: 35 [2019-10-06 23:04:30,044 WARN L191 SmtUtils]: Spent 136.00 ms on a formula simplification. DAG size of input: 58 DAG size of output: 40 [2019-10-06 23:04:30,196 WARN L191 SmtUtils]: Spent 120.00 ms on a formula simplification. DAG size of input: 53 DAG size of output: 39 [2019-10-06 23:04:30,437 WARN L191 SmtUtils]: Spent 119.00 ms on a formula simplification. DAG size of input: 55 DAG size of output: 36 [2019-10-06 23:04:30,637 WARN L191 SmtUtils]: Spent 172.00 ms on a formula simplification. DAG size of input: 59 DAG size of output: 43 [2019-10-06 23:04:30,791 WARN L191 SmtUtils]: Spent 123.00 ms on a formula simplification. DAG size of input: 58 DAG size of output: 44 [2019-10-06 23:04:30,929 WARN L191 SmtUtils]: Spent 109.00 ms on a formula simplification. DAG size of input: 51 DAG size of output: 40 [2019-10-06 23:04:31,214 WARN L191 SmtUtils]: Spent 126.00 ms on a formula simplification. DAG size of input: 64 DAG size of output: 46 [2019-10-06 23:04:31,386 WARN L191 SmtUtils]: Spent 107.00 ms on a formula simplification. DAG size of input: 62 DAG size of output: 47 [2019-10-06 23:04:32,358 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 0 proven. 42 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-10-06 23:04:32,359 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:04:32,359 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:04:32,359 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 6 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 6 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:04:32,473 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 3 check-sat command(s) [2019-10-06 23:04:32,473 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:04:32,476 INFO L256 TraceCheckSpWp]: Trace formula consists of 194 conjuncts, 94 conjunts are in the unsatisfiable core [2019-10-06 23:04:32,479 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:04:33,733 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 3 proven. 36 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2019-10-06 23:04:33,733 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:04:35,305 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 0 proven. 39 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2019-10-06 23:04:35,305 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:04:35,307 INFO L162 IcfgInterpreter]: Started Sifa with 18 locations of interest [2019-10-06 23:04:35,307 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:04:35,307 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:04:35,308 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:04:35,308 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:04:35,333 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 30 for LOIs [2019-10-06 23:04:36,121 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:04:36,152 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:04:36,156 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:04:36,156 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:04:36,156 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 324#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:04:36,157 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:36,157 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 333#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:04:36,157 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:04:36,157 INFO L193 IcfgInterpreter]: Reachable states at location L50-4 satisfy 309#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:36,157 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:36,158 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 319#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:04:36,158 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:36,158 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:36,158 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:36,159 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 329#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:04:36,159 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:36,159 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 338#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:36,159 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:04:36,160 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:04:36,160 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 314#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:04:36,160 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:36,160 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:36,924 WARN L191 SmtUtils]: Spent 118.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:04:37,452 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:04:37,452 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [32, 16, 13, 11] total 63 [2019-10-06 23:04:37,454 INFO L442 AbstractCegarLoop]: Interpolant automaton has 63 states [2019-10-06 23:04:37,454 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 63 interpolants. [2019-10-06 23:04:37,456 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=339, Invalid=3567, Unknown=0, NotChecked=0, Total=3906 [2019-10-06 23:04:37,456 INFO L87 Difference]: Start difference. First operand 39 states and 45 transitions. Second operand 63 states. [2019-10-06 23:04:38,551 WARN L191 SmtUtils]: Spent 132.00 ms on a formula simplification. DAG size of input: 71 DAG size of output: 66 [2019-10-06 23:04:38,998 WARN L191 SmtUtils]: Spent 257.00 ms on a formula simplification. DAG size of input: 115 DAG size of output: 55 [2019-10-06 23:04:39,476 WARN L191 SmtUtils]: Spent 134.00 ms on a formula simplification. DAG size of input: 92 DAG size of output: 62 [2019-10-06 23:04:39,748 WARN L191 SmtUtils]: Spent 124.00 ms on a formula simplification. DAG size of input: 80 DAG size of output: 68 [2019-10-06 23:04:40,582 WARN L191 SmtUtils]: Spent 137.00 ms on a formula simplification. DAG size of input: 137 DAG size of output: 59 [2019-10-06 23:04:40,819 WARN L191 SmtUtils]: Spent 110.00 ms on a formula simplification. DAG size of input: 87 DAG size of output: 65 [2019-10-06 23:04:41,272 WARN L191 SmtUtils]: Spent 127.00 ms on a formula simplification. DAG size of input: 94 DAG size of output: 54 [2019-10-06 23:04:41,645 WARN L191 SmtUtils]: Spent 170.00 ms on a formula simplification. DAG size of input: 115 DAG size of output: 70 [2019-10-06 23:04:42,846 WARN L191 SmtUtils]: Spent 125.00 ms on a formula simplification. DAG size of input: 101 DAG size of output: 51 [2019-10-06 23:04:43,530 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:04:43,530 INFO L93 Difference]: Finished difference Result 65 states and 76 transitions. [2019-10-06 23:04:43,531 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 31 states. [2019-10-06 23:04:43,531 INFO L78 Accepts]: Start accepts. Automaton has 63 states. Word has length 38 [2019-10-06 23:04:43,532 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:04:43,533 INFO L225 Difference]: With dead ends: 65 [2019-10-06 23:04:43,533 INFO L226 Difference]: Without dead ends: 60 [2019-10-06 23:04:43,536 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 169 GetRequests, 63 SyntacticMatches, 22 SemanticMatches, 84 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3365 ImplicationChecksByTransitivity, 10.6s TimeCoverageRelationStatistics Valid=706, Invalid=6604, Unknown=0, NotChecked=0, Total=7310 [2019-10-06 23:04:43,536 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 60 states. [2019-10-06 23:04:43,549 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 60 to 57. [2019-10-06 23:04:43,550 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 57 states. [2019-10-06 23:04:43,551 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 57 states to 57 states and 68 transitions. [2019-10-06 23:04:43,551 INFO L78 Accepts]: Start accepts. Automaton has 57 states and 68 transitions. Word has length 38 [2019-10-06 23:04:43,551 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:04:43,551 INFO L462 AbstractCegarLoop]: Abstraction has 57 states and 68 transitions. [2019-10-06 23:04:43,551 INFO L463 AbstractCegarLoop]: Interpolant automaton has 63 states. [2019-10-06 23:04:43,552 INFO L276 IsEmpty]: Start isEmpty. Operand 57 states and 68 transitions. [2019-10-06 23:04:43,553 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2019-10-06 23:04:43,553 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:04:43,553 INFO L385 BasicCegarLoop]: trace histogram [4, 3, 3, 3, 3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:04:43,757 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:04:43,758 INFO L410 AbstractCegarLoop]: === Iteration 9 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:04:43,758 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:04:43,758 INFO L82 PathProgramCache]: Analyzing trace with hash -163628948, now seen corresponding path program 6 times [2019-10-06 23:04:43,759 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:04:43,759 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:04:43,759 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:04:43,759 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:04:43,759 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:04:43,781 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:04:43,846 INFO L134 CoverageAnalysis]: Checked inductivity of 46 backedges. 7 proven. 9 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2019-10-06 23:04:43,847 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:04:43,847 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:04:43,847 INFO L93 rtionOrderModulation]: Changing assertion order to TERMS_WITH_SMALL_CONSTANTS_FIRST No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 7 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 7 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:04:43,979 INFO L249 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2019-10-06 23:04:43,979 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:04:43,980 INFO L256 TraceCheckSpWp]: Trace formula consists of 186 conjuncts, 10 conjunts are in the unsatisfiable core [2019-10-06 23:04:43,982 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:04:44,037 INFO L134 CoverageAnalysis]: Checked inductivity of 46 backedges. 10 proven. 6 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2019-10-06 23:04:44,037 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:04:44,074 INFO L134 CoverageAnalysis]: Checked inductivity of 46 backedges. 10 proven. 6 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2019-10-06 23:04:44,074 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:04:44,075 INFO L162 IcfgInterpreter]: Started Sifa with 18 locations of interest [2019-10-06 23:04:44,076 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:04:44,076 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:04:44,076 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:04:44,076 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:04:44,097 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 32 for LOIs [2019-10-06 23:04:44,703 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:04:44,732 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:04:44,735 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:04:44,735 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:04:44,736 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 324#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:04:44,736 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:44,736 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 333#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:04:44,736 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:04:44,736 INFO L193 IcfgInterpreter]: Reachable states at location L50-4 satisfy 309#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:44,736 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:44,736 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 319#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:04:44,737 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:44,737 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:44,737 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:44,737 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 329#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:04:44,738 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:44,738 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 338#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:44,738 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:04:44,738 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:04:44,738 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 314#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:04:44,739 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:44,739 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:45,227 WARN L191 SmtUtils]: Spent 105.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:04:45,619 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:04:45,620 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 10, 10, 11] total 27 [2019-10-06 23:04:45,621 INFO L442 AbstractCegarLoop]: Interpolant automaton has 27 states [2019-10-06 23:04:45,621 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 27 interpolants. [2019-10-06 23:04:45,622 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=103, Invalid=599, Unknown=0, NotChecked=0, Total=702 [2019-10-06 23:04:45,622 INFO L87 Difference]: Start difference. First operand 57 states and 68 transitions. Second operand 27 states. [2019-10-06 23:04:47,125 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:04:47,125 INFO L93 Difference]: Finished difference Result 114 states and 141 transitions. [2019-10-06 23:04:47,126 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2019-10-06 23:04:47,126 INFO L78 Accepts]: Start accepts. Automaton has 27 states. Word has length 39 [2019-10-06 23:04:47,126 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:04:47,127 INFO L225 Difference]: With dead ends: 114 [2019-10-06 23:04:47,128 INFO L226 Difference]: Without dead ends: 64 [2019-10-06 23:04:47,130 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 144 GetRequests, 95 SyntacticMatches, 6 SemanticMatches, 43 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 584 ImplicationChecksByTransitivity, 1.9s TimeCoverageRelationStatistics Valid=289, Invalid=1691, Unknown=0, NotChecked=0, Total=1980 [2019-10-06 23:04:47,130 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 64 states. [2019-10-06 23:04:47,141 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 64 to 61. [2019-10-06 23:04:47,141 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 61 states. [2019-10-06 23:04:47,142 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 61 states to 61 states and 71 transitions. [2019-10-06 23:04:47,142 INFO L78 Accepts]: Start accepts. Automaton has 61 states and 71 transitions. Word has length 39 [2019-10-06 23:04:47,142 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:04:47,142 INFO L462 AbstractCegarLoop]: Abstraction has 61 states and 71 transitions. [2019-10-06 23:04:47,142 INFO L463 AbstractCegarLoop]: Interpolant automaton has 27 states. [2019-10-06 23:04:47,143 INFO L276 IsEmpty]: Start isEmpty. Operand 61 states and 71 transitions. [2019-10-06 23:04:47,144 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2019-10-06 23:04:47,144 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:04:47,144 INFO L385 BasicCegarLoop]: trace histogram [4, 4, 3, 3, 3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:04:47,348 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 7 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:04:47,349 INFO L410 AbstractCegarLoop]: === Iteration 10 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:04:47,349 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:04:47,349 INFO L82 PathProgramCache]: Analyzing trace with hash -96034587, now seen corresponding path program 7 times [2019-10-06 23:04:47,350 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:04:47,350 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:04:47,350 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:04:47,350 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:04:47,351 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:04:47,369 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:04:47,432 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 3 proven. 13 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2019-10-06 23:04:47,433 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:04:47,433 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:04:47,433 INFO L93 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 8 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 8 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:04:47,597 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:04:47,599 INFO L256 TraceCheckSpWp]: Trace formula consists of 203 conjuncts, 10 conjunts are in the unsatisfiable core [2019-10-06 23:04:47,612 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:04:47,680 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 6 proven. 10 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2019-10-06 23:04:47,680 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:04:47,741 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 6 proven. 10 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2019-10-06 23:04:47,741 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:04:47,743 INFO L162 IcfgInterpreter]: Started Sifa with 18 locations of interest [2019-10-06 23:04:47,743 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:04:47,743 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:04:47,744 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:04:47,744 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:04:47,766 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 32 for LOIs [2019-10-06 23:04:48,374 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:04:48,396 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:04:48,402 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:04:48,402 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:04:48,402 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 324#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:04:48,402 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:48,402 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 333#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:04:48,403 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |old(~SIZE~0)|) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:04:48,403 INFO L193 IcfgInterpreter]: Reachable states at location L50-4 satisfy 309#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:48,403 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:48,403 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 319#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:04:48,403 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:48,404 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:48,404 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |old(~SIZE~0)|) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:48,404 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 329#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:04:48,404 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:48,404 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 338#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:48,405 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= 0 |old(~SIZE~0)|) (= 0 (select |old(#valid)| 0)) (<= |#NULL.offset| 0) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:04:48,405 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:04:48,405 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 314#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:04:48,405 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:48,405 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:04:48,887 WARN L191 SmtUtils]: Spent 104.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:04:49,269 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:04:49,270 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 11, 11, 11] total 28 [2019-10-06 23:04:49,271 INFO L442 AbstractCegarLoop]: Interpolant automaton has 28 states [2019-10-06 23:04:49,271 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 28 interpolants. [2019-10-06 23:04:49,272 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=110, Invalid=646, Unknown=0, NotChecked=0, Total=756 [2019-10-06 23:04:49,272 INFO L87 Difference]: Start difference. First operand 61 states and 71 transitions. Second operand 28 states. [2019-10-06 23:04:50,841 WARN L191 SmtUtils]: Spent 114.00 ms on a formula simplification. DAG size of input: 35 DAG size of output: 34 [2019-10-06 23:04:50,924 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:04:50,925 INFO L93 Difference]: Finished difference Result 67 states and 77 transitions. [2019-10-06 23:04:50,925 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 22 states. [2019-10-06 23:04:50,925 INFO L78 Accepts]: Start accepts. Automaton has 28 states. Word has length 40 [2019-10-06 23:04:50,926 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:04:50,926 INFO L225 Difference]: With dead ends: 67 [2019-10-06 23:04:50,927 INFO L226 Difference]: Without dead ends: 46 [2019-10-06 23:04:50,928 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 146 GetRequests, 96 SyntacticMatches, 8 SemanticMatches, 42 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 601 ImplicationChecksByTransitivity, 2.0s TimeCoverageRelationStatistics Valid=266, Invalid=1626, Unknown=0, NotChecked=0, Total=1892 [2019-10-06 23:04:50,929 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 46 states. [2019-10-06 23:04:50,937 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 46 to 46. [2019-10-06 23:04:50,937 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 46 states. [2019-10-06 23:04:50,938 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 46 states to 46 states and 52 transitions. [2019-10-06 23:04:50,938 INFO L78 Accepts]: Start accepts. Automaton has 46 states and 52 transitions. Word has length 40 [2019-10-06 23:04:50,938 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:04:50,939 INFO L462 AbstractCegarLoop]: Abstraction has 46 states and 52 transitions. [2019-10-06 23:04:50,939 INFO L463 AbstractCegarLoop]: Interpolant automaton has 28 states. [2019-10-06 23:04:50,939 INFO L276 IsEmpty]: Start isEmpty. Operand 46 states and 52 transitions. [2019-10-06 23:04:50,940 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2019-10-06 23:04:50,940 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:04:50,940 INFO L385 BasicCegarLoop]: trace histogram [4, 4, 4, 4, 4, 4, 4, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:04:51,144 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 8 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:04:51,144 INFO L410 AbstractCegarLoop]: === Iteration 11 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:04:51,144 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:04:51,145 INFO L82 PathProgramCache]: Analyzing trace with hash -1903048692, now seen corresponding path program 8 times [2019-10-06 23:04:51,145 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:04:51,145 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:04:51,145 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:04:51,146 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:04:51,146 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:04:51,250 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:04:52,086 WARN L191 SmtUtils]: Spent 141.00 ms on a formula simplification. DAG size of input: 65 DAG size of output: 35 [2019-10-06 23:04:52,305 WARN L191 SmtUtils]: Spent 199.00 ms on a formula simplification. DAG size of input: 67 DAG size of output: 44 [2019-10-06 23:04:52,512 WARN L191 SmtUtils]: Spent 183.00 ms on a formula simplification. DAG size of input: 70 DAG size of output: 45 [2019-10-06 23:04:52,769 WARN L191 SmtUtils]: Spent 222.00 ms on a formula simplification. DAG size of input: 69 DAG size of output: 44 [2019-10-06 23:04:52,981 WARN L191 SmtUtils]: Spent 165.00 ms on a formula simplification. DAG size of input: 63 DAG size of output: 41 [2019-10-06 23:04:53,149 WARN L191 SmtUtils]: Spent 147.00 ms on a formula simplification. DAG size of input: 67 DAG size of output: 37 [2019-10-06 23:04:53,424 WARN L191 SmtUtils]: Spent 239.00 ms on a formula simplification. DAG size of input: 76 DAG size of output: 45 [2019-10-06 23:04:53,722 WARN L191 SmtUtils]: Spent 262.00 ms on a formula simplification. DAG size of input: 76 DAG size of output: 54 [2019-10-06 23:04:53,908 WARN L191 SmtUtils]: Spent 149.00 ms on a formula simplification. DAG size of input: 71 DAG size of output: 43 [2019-10-06 23:04:54,194 WARN L191 SmtUtils]: Spent 249.00 ms on a formula simplification. DAG size of input: 65 DAG size of output: 39 [2019-10-06 23:04:54,507 WARN L191 SmtUtils]: Spent 253.00 ms on a formula simplification. DAG size of input: 79 DAG size of output: 47 [2019-10-06 23:04:54,748 WARN L191 SmtUtils]: Spent 195.00 ms on a formula simplification. DAG size of input: 81 DAG size of output: 47 [2019-10-06 23:04:55,023 WARN L191 SmtUtils]: Spent 225.00 ms on a formula simplification. DAG size of input: 77 DAG size of output: 46 [2019-10-06 23:04:55,263 WARN L191 SmtUtils]: Spent 193.00 ms on a formula simplification. DAG size of input: 69 DAG size of output: 44 [2019-10-06 23:04:55,605 WARN L191 SmtUtils]: Spent 260.00 ms on a formula simplification. DAG size of input: 79 DAG size of output: 53 [2019-10-06 23:04:55,871 WARN L191 SmtUtils]: Spent 206.00 ms on a formula simplification. DAG size of input: 79 DAG size of output: 45 [2019-10-06 23:04:56,134 WARN L191 SmtUtils]: Spent 210.00 ms on a formula simplification. DAG size of input: 70 DAG size of output: 44 [2019-10-06 23:04:56,371 WARN L191 SmtUtils]: Spent 184.00 ms on a formula simplification. DAG size of input: 64 DAG size of output: 44 [2019-10-06 23:04:56,628 WARN L191 SmtUtils]: Spent 194.00 ms on a formula simplification. DAG size of input: 69 DAG size of output: 46 [2019-10-06 23:04:56,841 WARN L191 SmtUtils]: Spent 175.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 42 [2019-10-06 23:04:57,027 WARN L191 SmtUtils]: Spent 142.00 ms on a formula simplification. DAG size of input: 67 DAG size of output: 47 [2019-10-06 23:04:57,266 WARN L191 SmtUtils]: Spent 182.00 ms on a formula simplification. DAG size of input: 59 DAG size of output: 40 [2019-10-06 23:04:57,433 WARN L191 SmtUtils]: Spent 119.00 ms on a formula simplification. DAG size of input: 66 DAG size of output: 43 [2019-10-06 23:04:57,585 WARN L191 SmtUtils]: Spent 112.00 ms on a formula simplification. DAG size of input: 60 DAG size of output: 46 [2019-10-06 23:04:57,879 INFO L134 CoverageAnalysis]: Checked inductivity of 70 backedges. 3 proven. 67 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-10-06 23:04:57,880 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:04:57,880 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:04:57,880 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 9 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 9 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:04:58,037 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 3 check-sat command(s) [2019-10-06 23:04:58,037 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:04:58,039 WARN L254 TraceCheckSpWp]: Trace formula consists of 228 conjuncts, 118 conjunts are in the unsatisfiable core [2019-10-06 23:04:58,042 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:04:59,597 INFO L134 CoverageAnalysis]: Checked inductivity of 70 backedges. 4 proven. 60 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2019-10-06 23:04:59,597 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:05:02,090 INFO L134 CoverageAnalysis]: Checked inductivity of 70 backedges. 0 proven. 64 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2019-10-06 23:05:02,090 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:05:02,094 INFO L162 IcfgInterpreter]: Started Sifa with 18 locations of interest [2019-10-06 23:05:02,094 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:05:02,095 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:05:02,095 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:05:02,096 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:05:02,121 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 32 for LOIs [2019-10-06 23:05:02,753 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:05:02,785 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:05:02,790 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:05:02,790 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:05:02,790 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 324#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:05:02,791 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:02,791 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 333#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:05:02,791 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:05:02,791 INFO L193 IcfgInterpreter]: Reachable states at location L50-4 satisfy 309#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:02,791 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:02,792 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 319#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:05:02,792 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:02,792 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:02,792 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:02,792 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 329#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:05:02,793 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:02,793 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 338#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:02,793 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:05:02,793 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:05:02,793 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 314#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:05:02,793 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:02,794 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:03,634 WARN L191 SmtUtils]: Spent 101.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:05:04,201 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:05:04,201 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [37, 18, 15, 11] total 72 [2019-10-06 23:05:04,202 INFO L442 AbstractCegarLoop]: Interpolant automaton has 72 states [2019-10-06 23:05:04,202 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 72 interpolants. [2019-10-06 23:05:04,204 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=389, Invalid=4723, Unknown=0, NotChecked=0, Total=5112 [2019-10-06 23:05:04,204 INFO L87 Difference]: Start difference. First operand 46 states and 52 transitions. Second operand 72 states. [2019-10-06 23:05:04,997 WARN L191 SmtUtils]: Spent 174.00 ms on a formula simplification. DAG size of input: 101 DAG size of output: 84 [2019-10-06 23:05:05,743 WARN L191 SmtUtils]: Spent 163.00 ms on a formula simplification. DAG size of input: 88 DAG size of output: 58 [2019-10-06 23:05:06,253 WARN L191 SmtUtils]: Spent 139.00 ms on a formula simplification. DAG size of input: 109 DAG size of output: 63 [2019-10-06 23:05:06,524 WARN L191 SmtUtils]: Spent 111.00 ms on a formula simplification. DAG size of input: 93 DAG size of output: 64 [2019-10-06 23:05:07,008 WARN L191 SmtUtils]: Spent 305.00 ms on a formula simplification. DAG size of input: 161 DAG size of output: 74 [2019-10-06 23:05:07,318 WARN L191 SmtUtils]: Spent 171.00 ms on a formula simplification. DAG size of input: 116 DAG size of output: 84 [2019-10-06 23:05:07,708 WARN L191 SmtUtils]: Spent 104.00 ms on a formula simplification. DAG size of input: 86 DAG size of output: 67 [2019-10-06 23:05:08,008 WARN L191 SmtUtils]: Spent 190.00 ms on a formula simplification. DAG size of input: 93 DAG size of output: 85 [2019-10-06 23:05:08,253 WARN L191 SmtUtils]: Spent 129.00 ms on a formula simplification. DAG size of input: 103 DAG size of output: 70 [2019-10-06 23:05:08,503 WARN L191 SmtUtils]: Spent 117.00 ms on a formula simplification. DAG size of input: 99 DAG size of output: 67 [2019-10-06 23:05:08,946 WARN L191 SmtUtils]: Spent 266.00 ms on a formula simplification. DAG size of input: 170 DAG size of output: 70 [2019-10-06 23:05:09,250 WARN L191 SmtUtils]: Spent 166.00 ms on a formula simplification. DAG size of input: 106 DAG size of output: 71 [2019-10-06 23:05:11,072 WARN L191 SmtUtils]: Spent 126.00 ms on a formula simplification. DAG size of input: 110 DAG size of output: 71 [2019-10-06 23:05:11,841 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:05:11,841 INFO L93 Difference]: Finished difference Result 83 states and 99 transitions. [2019-10-06 23:05:11,841 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 34 states. [2019-10-06 23:05:11,841 INFO L78 Accepts]: Start accepts. Automaton has 72 states. Word has length 45 [2019-10-06 23:05:11,842 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:05:11,843 INFO L225 Difference]: With dead ends: 83 [2019-10-06 23:05:11,843 INFO L226 Difference]: Without dead ends: 78 [2019-10-06 23:05:11,846 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 201 GetRequests, 77 SyntacticMatches, 28 SemanticMatches, 96 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5039 ImplicationChecksByTransitivity, 16.1s TimeCoverageRelationStatistics Valid=817, Invalid=8689, Unknown=0, NotChecked=0, Total=9506 [2019-10-06 23:05:11,847 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 78 states. [2019-10-06 23:05:11,865 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 78 to 68. [2019-10-06 23:05:11,865 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 68 states. [2019-10-06 23:05:11,866 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 68 states to 68 states and 79 transitions. [2019-10-06 23:05:11,866 INFO L78 Accepts]: Start accepts. Automaton has 68 states and 79 transitions. Word has length 45 [2019-10-06 23:05:11,866 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:05:11,867 INFO L462 AbstractCegarLoop]: Abstraction has 68 states and 79 transitions. [2019-10-06 23:05:11,867 INFO L463 AbstractCegarLoop]: Interpolant automaton has 72 states. [2019-10-06 23:05:11,867 INFO L276 IsEmpty]: Start isEmpty. Operand 68 states and 79 transitions. [2019-10-06 23:05:11,868 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2019-10-06 23:05:11,868 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:05:11,868 INFO L385 BasicCegarLoop]: trace histogram [5, 4, 4, 4, 4, 4, 4, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:05:12,072 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 9 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:05:12,073 INFO L410 AbstractCegarLoop]: === Iteration 12 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:05:12,073 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:05:12,074 INFO L82 PathProgramCache]: Analyzing trace with hash 1472165683, now seen corresponding path program 9 times [2019-10-06 23:05:12,074 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:05:12,074 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:05:12,074 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:05:12,075 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:05:12,075 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:05:12,092 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:05:12,153 INFO L134 CoverageAnalysis]: Checked inductivity of 75 backedges. 11 proven. 14 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2019-10-06 23:05:12,153 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:05:12,154 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:05:12,154 INFO L93 rtionOrderModulation]: Changing assertion order to TERMS_WITH_SMALL_CONSTANTS_FIRST No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 10 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 10 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:05:12,322 INFO L249 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2019-10-06 23:05:12,322 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:05:12,323 INFO L256 TraceCheckSpWp]: Trace formula consists of 220 conjuncts, 12 conjunts are in the unsatisfiable core [2019-10-06 23:05:12,324 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:05:12,387 INFO L134 CoverageAnalysis]: Checked inductivity of 75 backedges. 15 proven. 10 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2019-10-06 23:05:12,387 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:05:12,445 INFO L134 CoverageAnalysis]: Checked inductivity of 75 backedges. 15 proven. 10 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2019-10-06 23:05:12,445 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:05:12,447 INFO L162 IcfgInterpreter]: Started Sifa with 18 locations of interest [2019-10-06 23:05:12,447 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:05:12,447 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:05:12,447 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:05:12,448 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:05:12,474 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 32 for LOIs [2019-10-06 23:05:13,005 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:05:13,026 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:05:13,029 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:05:13,029 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:05:13,029 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 324#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:05:13,029 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:13,030 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 333#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:05:13,030 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:05:13,030 INFO L193 IcfgInterpreter]: Reachable states at location L50-4 satisfy 309#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:13,030 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:13,030 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 319#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:05:13,030 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:13,031 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:13,031 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:13,031 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 329#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:05:13,031 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:13,031 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 338#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:13,032 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= 0 |old(~SIZE~0)|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (= |#NULL.offset| 0))) (<= |old(~SIZE~0)| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:13,032 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:05:13,032 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 314#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:05:13,032 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:13,032 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:13,894 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:05:13,894 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 12, 12, 11] total 30 [2019-10-06 23:05:13,895 INFO L442 AbstractCegarLoop]: Interpolant automaton has 30 states [2019-10-06 23:05:13,895 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 30 interpolants. [2019-10-06 23:05:13,896 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=129, Invalid=741, Unknown=0, NotChecked=0, Total=870 [2019-10-06 23:05:13,896 INFO L87 Difference]: Start difference. First operand 68 states and 79 transitions. Second operand 30 states. [2019-10-06 23:05:15,555 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:05:15,556 INFO L93 Difference]: Finished difference Result 136 states and 163 transitions. [2019-10-06 23:05:15,556 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 30 states. [2019-10-06 23:05:15,556 INFO L78 Accepts]: Start accepts. Automaton has 30 states. Word has length 46 [2019-10-06 23:05:15,557 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:05:15,558 INFO L225 Difference]: With dead ends: 136 [2019-10-06 23:05:15,558 INFO L226 Difference]: Without dead ends: 75 [2019-10-06 23:05:15,560 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 170 GetRequests, 113 SyntacticMatches, 8 SemanticMatches, 49 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 798 ImplicationChecksByTransitivity, 2.0s TimeCoverageRelationStatistics Valid=372, Invalid=2178, Unknown=0, NotChecked=0, Total=2550 [2019-10-06 23:05:15,560 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 75 states. [2019-10-06 23:05:15,577 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 75 to 72. [2019-10-06 23:05:15,577 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 72 states. [2019-10-06 23:05:15,578 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 72 states to 72 states and 82 transitions. [2019-10-06 23:05:15,578 INFO L78 Accepts]: Start accepts. Automaton has 72 states and 82 transitions. Word has length 46 [2019-10-06 23:05:15,578 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:05:15,578 INFO L462 AbstractCegarLoop]: Abstraction has 72 states and 82 transitions. [2019-10-06 23:05:15,578 INFO L463 AbstractCegarLoop]: Interpolant automaton has 30 states. [2019-10-06 23:05:15,579 INFO L276 IsEmpty]: Start isEmpty. Operand 72 states and 82 transitions. [2019-10-06 23:05:15,579 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2019-10-06 23:05:15,580 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:05:15,580 INFO L385 BasicCegarLoop]: trace histogram [5, 5, 4, 4, 4, 4, 4, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:05:15,783 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 10 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:05:15,784 INFO L410 AbstractCegarLoop]: === Iteration 13 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:05:15,784 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:05:15,784 INFO L82 PathProgramCache]: Analyzing trace with hash -1585363814, now seen corresponding path program 10 times [2019-10-06 23:05:15,784 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:05:15,785 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:05:15,785 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:05:15,785 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:05:15,785 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:05:15,801 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:05:15,887 INFO L134 CoverageAnalysis]: Checked inductivity of 80 backedges. 6 proven. 19 refuted. 0 times theorem prover too weak. 55 trivial. 0 not checked. [2019-10-06 23:05:15,888 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:05:15,888 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:05:15,888 INFO L93 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 11 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 11 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:05:16,073 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:05:16,074 INFO L256 TraceCheckSpWp]: Trace formula consists of 237 conjuncts, 12 conjunts are in the unsatisfiable core [2019-10-06 23:05:16,077 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:05:16,165 INFO L134 CoverageAnalysis]: Checked inductivity of 80 backedges. 10 proven. 15 refuted. 0 times theorem prover too weak. 55 trivial. 0 not checked. [2019-10-06 23:05:16,166 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:05:16,224 INFO L134 CoverageAnalysis]: Checked inductivity of 80 backedges. 10 proven. 15 refuted. 0 times theorem prover too weak. 55 trivial. 0 not checked. [2019-10-06 23:05:16,224 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:05:16,226 INFO L162 IcfgInterpreter]: Started Sifa with 18 locations of interest [2019-10-06 23:05:16,226 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:05:16,226 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:05:16,226 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:05:16,227 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:05:16,248 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 30 for LOIs [2019-10-06 23:05:16,792 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:05:16,816 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:05:16,818 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:05:16,819 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:05:16,819 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 324#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:05:16,819 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:16,819 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 333#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:05:16,819 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= 0 (+ ~SIZE~0 2147483648)) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:05:16,819 INFO L193 IcfgInterpreter]: Reachable states at location L50-4 satisfy 309#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:16,819 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:16,819 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 319#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:05:16,820 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:16,820 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:16,820 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 329#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:05:16,820 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:16,820 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:16,820 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 338#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:16,821 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (= |#NULL.offset| 0)) (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= 0 (+ ~SIZE~0 2147483648)) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0))) (<= |old(~SIZE~0)| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:16,821 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:05:16,821 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 314#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:05:16,821 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:16,821 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:05:17,277 WARN L191 SmtUtils]: Spent 101.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 25 [2019-10-06 23:05:17,670 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:05:17,671 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [13, 13, 13, 11] total 31 [2019-10-06 23:05:17,671 INFO L442 AbstractCegarLoop]: Interpolant automaton has 31 states [2019-10-06 23:05:17,672 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 31 interpolants. [2019-10-06 23:05:17,673 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=136, Invalid=794, Unknown=0, NotChecked=0, Total=930 [2019-10-06 23:05:17,673 INFO L87 Difference]: Start difference. First operand 72 states and 82 transitions. Second operand 31 states. [2019-10-06 23:05:19,386 WARN L191 SmtUtils]: Spent 101.00 ms on a formula simplification. DAG size of input: 35 DAG size of output: 34 [2019-10-06 23:05:19,460 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:05:19,461 INFO L93 Difference]: Finished difference Result 78 states and 88 transitions. [2019-10-06 23:05:19,461 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 24 states. [2019-10-06 23:05:19,462 INFO L78 Accepts]: Start accepts. Automaton has 31 states. Word has length 47 [2019-10-06 23:05:19,462 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:05:19,463 INFO L225 Difference]: With dead ends: 78 [2019-10-06 23:05:19,463 INFO L226 Difference]: Without dead ends: 53 [2019-10-06 23:05:19,464 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 171 GetRequests, 114 SyntacticMatches, 10 SemanticMatches, 47 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 791 ImplicationChecksByTransitivity, 2.1s TimeCoverageRelationStatistics Valid=328, Invalid=2024, Unknown=0, NotChecked=0, Total=2352 [2019-10-06 23:05:19,465 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 53 states. [2019-10-06 23:05:19,479 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 53 to 53. [2019-10-06 23:05:19,479 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 53 states. [2019-10-06 23:05:19,480 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 53 states to 53 states and 59 transitions. [2019-10-06 23:05:19,480 INFO L78 Accepts]: Start accepts. Automaton has 53 states and 59 transitions. Word has length 47 [2019-10-06 23:05:19,480 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:05:19,481 INFO L462 AbstractCegarLoop]: Abstraction has 53 states and 59 transitions. [2019-10-06 23:05:19,481 INFO L463 AbstractCegarLoop]: Interpolant automaton has 31 states. [2019-10-06 23:05:19,481 INFO L276 IsEmpty]: Start isEmpty. Operand 53 states and 59 transitions. [2019-10-06 23:05:19,481 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2019-10-06 23:05:19,482 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:05:19,482 INFO L385 BasicCegarLoop]: trace histogram [5, 5, 5, 5, 5, 5, 5, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:05:19,694 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 11 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:05:19,695 INFO L410 AbstractCegarLoop]: === Iteration 14 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:05:19,696 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:05:19,696 INFO L82 PathProgramCache]: Analyzing trace with hash 916149111, now seen corresponding path program 11 times [2019-10-06 23:05:19,696 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:05:19,697 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:05:19,697 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:05:19,697 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:05:19,698 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:05:19,768 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:05:20,312 WARN L191 SmtUtils]: Spent 129.00 ms on a formula simplification. DAG size of input: 44 DAG size of output: 34 [2019-10-06 23:05:20,538 WARN L191 SmtUtils]: Spent 104.00 ms on a formula simplification. DAG size of input: 60 DAG size of output: 38 [2019-10-06 23:05:20,785 WARN L191 SmtUtils]: Spent 224.00 ms on a formula simplification. DAG size of input: 67 DAG size of output: 46 [2019-10-06 23:05:21,032 WARN L191 SmtUtils]: Spent 220.00 ms on a formula simplification. DAG size of input: 69 DAG size of output: 47 [2019-10-06 23:05:21,273 WARN L191 SmtUtils]: Spent 210.00 ms on a formula simplification. DAG size of input: 69 DAG size of output: 48 [2019-10-06 23:05:21,532 WARN L191 SmtUtils]: Spent 223.00 ms on a formula simplification. DAG size of input: 68 DAG size of output: 49 [2019-10-06 23:05:21,771 WARN L191 SmtUtils]: Spent 205.00 ms on a formula simplification. DAG size of input: 61 DAG size of output: 44 [2019-10-06 23:05:21,926 WARN L191 SmtUtils]: Spent 132.00 ms on a formula simplification. DAG size of input: 62 DAG size of output: 41 [2019-10-06 23:05:22,212 WARN L191 SmtUtils]: Spent 254.00 ms on a formula simplification. DAG size of input: 72 DAG size of output: 55 [2019-10-06 23:05:22,484 WARN L191 SmtUtils]: Spent 236.00 ms on a formula simplification. DAG size of input: 74 DAG size of output: 48 [2019-10-06 23:05:22,759 WARN L191 SmtUtils]: Spent 231.00 ms on a formula simplification. DAG size of input: 77 DAG size of output: 49 [2019-10-06 23:05:23,055 WARN L191 SmtUtils]: Spent 256.00 ms on a formula simplification. DAG size of input: 71 DAG size of output: 51 [2019-10-06 23:05:23,298 WARN L191 SmtUtils]: Spent 201.00 ms on a formula simplification. DAG size of input: 63 DAG size of output: 45 [2019-10-06 23:05:23,528 WARN L191 SmtUtils]: Spent 193.00 ms on a formula simplification. DAG size of input: 65 DAG size of output: 45 [2019-10-06 23:05:23,810 WARN L191 SmtUtils]: Spent 241.00 ms on a formula simplification. DAG size of input: 77 DAG size of output: 50 [2019-10-06 23:05:24,069 WARN L191 SmtUtils]: Spent 210.00 ms on a formula simplification. DAG size of input: 77 DAG size of output: 58 [2019-10-06 23:05:24,356 WARN L191 SmtUtils]: Spent 231.00 ms on a formula simplification. DAG size of input: 76 DAG size of output: 48 [2019-10-06 23:05:24,628 WARN L191 SmtUtils]: Spent 218.00 ms on a formula simplification. DAG size of input: 69 DAG size of output: 49 [2019-10-06 23:05:24,883 WARN L191 SmtUtils]: Spent 207.00 ms on a formula simplification. DAG size of input: 62 DAG size of output: 44 [2019-10-06 23:05:25,173 WARN L191 SmtUtils]: Spent 210.00 ms on a formula simplification. DAG size of input: 76 DAG size of output: 59 [2019-10-06 23:05:25,442 WARN L191 SmtUtils]: Spent 214.00 ms on a formula simplification. DAG size of input: 78 DAG size of output: 50 [2019-10-06 23:05:25,744 WARN L191 SmtUtils]: Spent 243.00 ms on a formula simplification. DAG size of input: 79 DAG size of output: 55 [2019-10-06 23:05:25,962 WARN L191 SmtUtils]: Spent 160.00 ms on a formula simplification. DAG size of input: 72 DAG size of output: 49 [2019-10-06 23:05:26,207 WARN L191 SmtUtils]: Spent 189.00 ms on a formula simplification. DAG size of input: 66 DAG size of output: 45 [2019-10-06 23:05:26,432 WARN L191 SmtUtils]: Spent 144.00 ms on a formula simplification. DAG size of input: 71 DAG size of output: 46 [2019-10-06 23:05:26,628 WARN L191 SmtUtils]: Spent 137.00 ms on a formula simplification. DAG size of input: 71 DAG size of output: 49 [2019-10-06 23:05:26,821 WARN L191 SmtUtils]: Spent 136.00 ms on a formula simplification. DAG size of input: 71 DAG size of output: 49 [2019-10-06 23:05:27,032 WARN L191 SmtUtils]: Spent 145.00 ms on a formula simplification. DAG size of input: 69 DAG size of output: 54 [2019-10-06 23:05:27,197 WARN L191 SmtUtils]: Spent 122.00 ms on a formula simplification. DAG size of input: 59 DAG size of output: 47 [2019-10-06 23:05:27,911 INFO L134 CoverageAnalysis]: Checked inductivity of 105 backedges. 3 proven. 102 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-10-06 23:05:27,911 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:05:27,911 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:05:27,911 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 12 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 12 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:05:28,133 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 4 check-sat command(s) [2019-10-06 23:05:28,133 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:05:28,136 WARN L254 TraceCheckSpWp]: Trace formula consists of 262 conjuncts, 146 conjunts are in the unsatisfiable core [2019-10-06 23:05:28,139 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:05:31,196 WARN L191 SmtUtils]: Spent 141.00 ms on a formula simplification. DAG size of input: 74 DAG size of output: 70 [2019-10-06 23:05:31,330 WARN L191 SmtUtils]: Spent 106.00 ms on a formula simplification. DAG size of input: 122 DAG size of output: 33 [2019-10-06 23:05:31,586 INFO L134 CoverageAnalysis]: Checked inductivity of 105 backedges. 5 proven. 90 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2019-10-06 23:05:31,586 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:06:25,932 WARN L191 SmtUtils]: Spent 102.00 ms on a formula simplification. DAG size of input: 55 DAG size of output: 38 [2019-10-06 23:06:26,736 WARN L191 SmtUtils]: Spent 109.00 ms on a formula simplification. DAG size of input: 55 DAG size of output: 43 [2019-10-06 23:06:26,858 WARN L191 SmtUtils]: Spent 104.00 ms on a formula simplification. DAG size of input: 55 DAG size of output: 43 [2019-10-06 23:06:27,215 WARN L191 SmtUtils]: Spent 105.00 ms on a formula simplification. DAG size of input: 55 DAG size of output: 43 [2019-10-06 23:06:27,445 WARN L191 SmtUtils]: Spent 113.00 ms on a formula simplification. DAG size of input: 55 DAG size of output: 43 [2019-10-06 23:06:27,783 WARN L191 SmtUtils]: Spent 101.00 ms on a formula simplification. DAG size of input: 55 DAG size of output: 41 [2019-10-06 23:06:28,441 WARN L191 SmtUtils]: Spent 100.00 ms on a formula simplification. DAG size of input: 50 DAG size of output: 36 [2019-10-06 23:06:28,964 WARN L191 SmtUtils]: Spent 110.00 ms on a formula simplification. DAG size of input: 53 DAG size of output: 39 [2019-10-06 23:06:29,076 WARN L191 SmtUtils]: Spent 108.00 ms on a formula simplification. DAG size of input: 55 DAG size of output: 38 [2019-10-06 23:06:29,911 WARN L191 SmtUtils]: Spent 102.00 ms on a formula simplification. DAG size of input: 55 DAG size of output: 35 [2019-10-06 23:06:30,026 WARN L191 SmtUtils]: Spent 113.00 ms on a formula simplification. DAG size of input: 53 DAG size of output: 39 [2019-10-06 23:06:30,212 WARN L191 SmtUtils]: Spent 100.00 ms on a formula simplification. DAG size of input: 53 DAG size of output: 38 [2019-10-06 23:06:31,357 WARN L191 SmtUtils]: Spent 104.00 ms on a formula simplification. DAG size of input: 55 DAG size of output: 38 [2019-10-06 23:06:31,551 WARN L191 SmtUtils]: Spent 105.00 ms on a formula simplification. DAG size of input: 55 DAG size of output: 38 [2019-10-06 23:06:32,246 WARN L191 SmtUtils]: Spent 101.00 ms on a formula simplification. DAG size of input: 55 DAG size of output: 38 [2019-10-06 23:06:32,432 WARN L191 SmtUtils]: Spent 101.00 ms on a formula simplification. DAG size of input: 55 DAG size of output: 38 [2019-10-06 23:06:35,421 WARN L191 SmtUtils]: Spent 105.00 ms on a formula simplification. DAG size of input: 55 DAG size of output: 38 [2019-10-06 23:06:36,748 WARN L191 SmtUtils]: Spent 104.00 ms on a formula simplification. DAG size of input: 50 DAG size of output: 36 [2019-10-06 23:06:36,981 WARN L191 SmtUtils]: Spent 103.00 ms on a formula simplification. DAG size of input: 50 DAG size of output: 36 [2019-10-06 23:06:38,338 WARN L191 SmtUtils]: Spent 106.00 ms on a formula simplification. DAG size of input: 55 DAG size of output: 38 [2019-10-06 23:06:38,629 WARN L191 SmtUtils]: Spent 106.00 ms on a formula simplification. DAG size of input: 50 DAG size of output: 36 [2019-10-06 23:06:42,028 WARN L191 SmtUtils]: Spent 100.00 ms on a formula simplification. DAG size of input: 55 DAG size of output: 38 [2019-10-06 23:06:42,323 WARN L191 SmtUtils]: Spent 100.00 ms on a formula simplification. DAG size of input: 55 DAG size of output: 41 [2019-10-06 23:06:49,004 WARN L191 SmtUtils]: Spent 107.00 ms on a formula simplification. DAG size of input: 55 DAG size of output: 38 [2019-10-06 23:06:49,582 WARN L191 SmtUtils]: Spent 109.00 ms on a formula simplification. DAG size of input: 53 DAG size of output: 39 [2019-10-06 23:06:50,751 WARN L191 SmtUtils]: Spent 100.00 ms on a formula simplification. DAG size of input: 55 DAG size of output: 38 [2019-10-06 23:06:51,429 WARN L191 SmtUtils]: Spent 107.00 ms on a formula simplification. DAG size of input: 50 DAG size of output: 36 [2019-10-06 23:06:51,752 WARN L191 SmtUtils]: Spent 101.00 ms on a formula simplification. DAG size of input: 51 DAG size of output: 37 [2019-10-06 23:06:52,295 WARN L191 SmtUtils]: Spent 109.00 ms on a formula simplification. DAG size of input: 53 DAG size of output: 39 [2019-10-06 23:06:52,411 WARN L191 SmtUtils]: Spent 101.00 ms on a formula simplification. DAG size of input: 53 DAG size of output: 38 [2019-10-06 23:06:52,770 WARN L191 SmtUtils]: Spent 107.00 ms on a formula simplification. DAG size of input: 55 DAG size of output: 38 [2019-10-06 23:06:52,880 WARN L191 SmtUtils]: Spent 107.00 ms on a formula simplification. DAG size of input: 50 DAG size of output: 36 [2019-10-06 23:06:53,556 WARN L191 SmtUtils]: Spent 103.00 ms on a formula simplification. DAG size of input: 55 DAG size of output: 35 [2019-10-06 23:06:53,665 WARN L191 SmtUtils]: Spent 106.00 ms on a formula simplification. DAG size of input: 50 DAG size of output: 36 [2019-10-06 23:06:59,964 WARN L191 SmtUtils]: Spent 101.00 ms on a formula simplification. DAG size of input: 50 DAG size of output: 36 [2019-10-06 23:07:00,135 WARN L191 SmtUtils]: Spent 100.00 ms on a formula simplification. DAG size of input: 50 DAG size of output: 36