java -Xmx8000000000 -Xss4m -jar ./plugins/org.eclipse.equinox.launcher_1.3.100.v20150511-1540.jar -data @noDefault -ultimatedata ./data -tc ../../../trunk/examples/toolchains/AutomizerC.xml -s ../../../trunk/examples/settings/default/automizer/svcomp-Reach-32bit-Automizer_Default.epf --traceabstraction.trace.refinement.strategy SIFA_TAIPAN --sifa.abstract.domain CompoundDomain --rcfgbuilder.size.of.a.code.block LoopFreeBlock --sifa.call.summarizer TopInputCallSummarizer --sifa.fluid SizeLimitFluid --sifa.simplification.technique SIMPLIFY_QUICK -i ../../../trunk/examples/svcomp/array-crafted/zero_sum_const_m3.c -------------------------------------------------------------------------------- This is Ultimate 0.1.24-36ac518-m [2019-10-06 23:13:55,019 INFO L177 SettingsManager]: Resetting all preferences to default values... [2019-10-06 23:13:55,022 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2019-10-06 23:13:55,039 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2019-10-06 23:13:55,040 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2019-10-06 23:13:55,042 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2019-10-06 23:13:55,044 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2019-10-06 23:13:55,053 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2019-10-06 23:13:55,055 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2019-10-06 23:13:55,056 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2019-10-06 23:13:55,058 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2019-10-06 23:13:55,060 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2019-10-06 23:13:55,061 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2019-10-06 23:13:55,064 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2019-10-06 23:13:55,066 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2019-10-06 23:13:55,067 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2019-10-06 23:13:55,069 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2019-10-06 23:13:55,071 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2019-10-06 23:13:55,073 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2019-10-06 23:13:55,078 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2019-10-06 23:13:55,082 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2019-10-06 23:13:55,083 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2019-10-06 23:13:55,086 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2019-10-06 23:13:55,086 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2019-10-06 23:13:55,088 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2019-10-06 23:13:55,088 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2019-10-06 23:13:55,088 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2019-10-06 23:13:55,089 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2019-10-06 23:13:55,090 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2019-10-06 23:13:55,090 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2019-10-06 23:13:55,091 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2019-10-06 23:13:55,091 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2019-10-06 23:13:55,092 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2019-10-06 23:13:55,093 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2019-10-06 23:13:55,094 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2019-10-06 23:13:55,094 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2019-10-06 23:13:55,095 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2019-10-06 23:13:55,095 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2019-10-06 23:13:55,095 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2019-10-06 23:13:55,096 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2019-10-06 23:13:55,096 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2019-10-06 23:13:55,097 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/settings/default/automizer/svcomp-Reach-32bit-Automizer_Default.epf [2019-10-06 23:13:55,111 INFO L113 SettingsManager]: Loading preferences was successful [2019-10-06 23:13:55,111 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2019-10-06 23:13:55,112 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2019-10-06 23:13:55,112 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2019-10-06 23:13:55,113 INFO L138 SettingsManager]: * Use SBE=true [2019-10-06 23:13:55,113 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2019-10-06 23:13:55,113 INFO L138 SettingsManager]: * sizeof long=4 [2019-10-06 23:13:55,113 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2019-10-06 23:13:55,113 INFO L138 SettingsManager]: * sizeof POINTER=4 [2019-10-06 23:13:55,114 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2019-10-06 23:13:55,114 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2019-10-06 23:13:55,114 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2019-10-06 23:13:55,114 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2019-10-06 23:13:55,114 INFO L138 SettingsManager]: * sizeof long double=12 [2019-10-06 23:13:55,115 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2019-10-06 23:13:55,115 INFO L138 SettingsManager]: * Use constant arrays=true [2019-10-06 23:13:55,115 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2019-10-06 23:13:55,115 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2019-10-06 23:13:55,115 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2019-10-06 23:13:55,116 INFO L138 SettingsManager]: * To the following directory=./dump/ [2019-10-06 23:13:55,116 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2019-10-06 23:13:55,116 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2019-10-06 23:13:55,116 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2019-10-06 23:13:55,116 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2019-10-06 23:13:55,117 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2019-10-06 23:13:55,117 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2019-10-06 23:13:55,117 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2019-10-06 23:13:55,117 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2019-10-06 23:13:55,117 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: Trace refinement strategy -> SIFA_TAIPAN Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.sifa: Abstract Domain -> CompoundDomain Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder: Size of a code block -> LoopFreeBlock Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.sifa: Call Summarizer -> TopInputCallSummarizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.sifa: Fluid -> SizeLimitFluid Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.sifa: Simplification Technique -> SIMPLIFY_QUICK [2019-10-06 23:13:55,424 INFO L81 nceAwareModelManager]: Repository-Root is: /tmp [2019-10-06 23:13:55,445 INFO L258 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2019-10-06 23:13:55,448 INFO L214 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2019-10-06 23:13:55,450 INFO L271 PluginConnector]: Initializing CDTParser... [2019-10-06 23:13:55,450 INFO L275 PluginConnector]: CDTParser initialized [2019-10-06 23:13:55,451 INFO L428 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/svcomp/array-crafted/zero_sum_const_m3.c [2019-10-06 23:13:55,529 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/0bf4e4066/8a4c4913b46e419f85fe201c37b1d8bf/FLAGc68151c60 [2019-10-06 23:13:56,014 INFO L306 CDTParser]: Found 1 translation units. [2019-10-06 23:13:56,015 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/trunk/examples/svcomp/array-crafted/zero_sum_const_m3.c [2019-10-06 23:13:56,022 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/0bf4e4066/8a4c4913b46e419f85fe201c37b1d8bf/FLAGc68151c60 [2019-10-06 23:13:56,381 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/0bf4e4066/8a4c4913b46e419f85fe201c37b1d8bf [2019-10-06 23:13:56,391 INFO L296 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2019-10-06 23:13:56,393 INFO L131 ToolchainWalker]: Walking toolchain with 4 elements. [2019-10-06 23:13:56,394 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2019-10-06 23:13:56,394 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2019-10-06 23:13:56,398 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2019-10-06 23:13:56,399 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 06.10 11:13:56" (1/1) ... [2019-10-06 23:13:56,402 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@421e582d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:13:56, skipping insertion in model container [2019-10-06 23:13:56,402 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 06.10 11:13:56" (1/1) ... [2019-10-06 23:13:56,409 INFO L142 MainTranslator]: Starting translation in SV-COMP mode [2019-10-06 23:13:56,429 INFO L173 MainTranslator]: Built tables and reachable declarations [2019-10-06 23:13:56,587 INFO L206 PostProcessor]: Analyzing one entry point: main [2019-10-06 23:13:56,598 INFO L188 MainTranslator]: Completed pre-run [2019-10-06 23:13:56,620 INFO L206 PostProcessor]: Analyzing one entry point: main [2019-10-06 23:13:56,634 INFO L192 MainTranslator]: Completed translation [2019-10-06 23:13:56,635 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:13:56 WrapperNode [2019-10-06 23:13:56,635 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2019-10-06 23:13:56,635 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2019-10-06 23:13:56,635 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2019-10-06 23:13:56,636 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2019-10-06 23:13:56,733 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:13:56" (1/1) ... [2019-10-06 23:13:56,734 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:13:56" (1/1) ... [2019-10-06 23:13:56,744 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:13:56" (1/1) ... [2019-10-06 23:13:56,744 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:13:56" (1/1) ... [2019-10-06 23:13:56,772 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:13:56" (1/1) ... [2019-10-06 23:13:56,780 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:13:56" (1/1) ... [2019-10-06 23:13:56,782 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:13:56" (1/1) ... [2019-10-06 23:13:56,784 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2019-10-06 23:13:56,784 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2019-10-06 23:13:56,785 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2019-10-06 23:13:56,785 INFO L275 PluginConnector]: RCFGBuilder initialized [2019-10-06 23:13:56,786 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:13:56" (1/1) ... No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2019-10-06 23:13:56,842 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.init [2019-10-06 23:13:56,843 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2019-10-06 23:13:56,843 INFO L138 BoogieDeclarations]: Found implementation of procedure __VERIFIER_assert [2019-10-06 23:13:56,843 INFO L138 BoogieDeclarations]: Found implementation of procedure main [2019-10-06 23:13:56,843 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_error [2019-10-06 23:13:56,843 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_assume [2019-10-06 23:13:56,843 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_assert [2019-10-06 23:13:56,844 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_nondet_long [2019-10-06 23:13:56,844 INFO L130 BoogieDeclarations]: Found specification of procedure malloc [2019-10-06 23:13:56,844 INFO L130 BoogieDeclarations]: Found specification of procedure main [2019-10-06 23:13:56,844 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnHeap [2019-10-06 23:13:56,844 INFO L130 BoogieDeclarations]: Found specification of procedure write~int [2019-10-06 23:13:56,844 INFO L130 BoogieDeclarations]: Found specification of procedure read~int [2019-10-06 23:13:56,845 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.init [2019-10-06 23:13:56,845 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2019-10-06 23:13:56,845 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2019-10-06 23:13:57,244 INFO L279 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2019-10-06 23:13:57,245 INFO L284 CfgBuilder]: Removed 7 assume(true) statements. [2019-10-06 23:13:57,246 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 06.10 11:13:57 BoogieIcfgContainer [2019-10-06 23:13:57,247 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2019-10-06 23:13:57,248 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2019-10-06 23:13:57,248 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2019-10-06 23:13:57,252 INFO L275 PluginConnector]: TraceAbstraction initialized [2019-10-06 23:13:57,252 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 06.10 11:13:56" (1/3) ... [2019-10-06 23:13:57,253 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@12200b6d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 06.10 11:13:57, skipping insertion in model container [2019-10-06 23:13:57,253 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:13:56" (2/3) ... [2019-10-06 23:13:57,254 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@12200b6d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 06.10 11:13:57, skipping insertion in model container [2019-10-06 23:13:57,254 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 06.10 11:13:57" (3/3) ... [2019-10-06 23:13:57,256 INFO L109 eAbstractionObserver]: Analyzing ICFG zero_sum_const_m3.c [2019-10-06 23:13:57,266 INFO L152 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2019-10-06 23:13:57,275 INFO L164 ceAbstractionStarter]: Appying trace abstraction to program that has 1 error locations. [2019-10-06 23:13:57,288 INFO L249 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2019-10-06 23:13:57,315 INFO L373 AbstractCegarLoop]: Interprodecural is true [2019-10-06 23:13:57,315 INFO L374 AbstractCegarLoop]: Hoare is true [2019-10-06 23:13:57,316 INFO L375 AbstractCegarLoop]: Compute interpolants for FPandBP [2019-10-06 23:13:57,316 INFO L376 AbstractCegarLoop]: Backedges is STRAIGHT_LINE [2019-10-06 23:13:57,316 INFO L377 AbstractCegarLoop]: Determinization is PREDICATE_ABSTRACTION [2019-10-06 23:13:57,316 INFO L378 AbstractCegarLoop]: Difference is false [2019-10-06 23:13:57,316 INFO L379 AbstractCegarLoop]: Minimize is MINIMIZE_SEVPA [2019-10-06 23:13:57,316 INFO L383 AbstractCegarLoop]: ======== Iteration 0==of CEGAR loop == AllErrorsAtOnce======== [2019-10-06 23:13:57,335 INFO L276 IsEmpty]: Start isEmpty. Operand 24 states. [2019-10-06 23:13:57,343 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2019-10-06 23:13:57,343 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:13:57,345 INFO L385 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:13:57,350 INFO L410 AbstractCegarLoop]: === Iteration 1 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:13:57,355 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:13:57,356 INFO L82 PathProgramCache]: Analyzing trace with hash -68481076, now seen corresponding path program 1 times [2019-10-06 23:13:57,365 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:13:57,365 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:13:57,366 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:13:57,366 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:13:57,366 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:13:57,472 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:13:57,621 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-10-06 23:13:57,623 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:13:57,624 INFO L211 tionRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2019-10-06 23:13:57,624 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2019-10-06 23:13:57,630 INFO L442 AbstractCegarLoop]: Interpolant automaton has 5 states [2019-10-06 23:13:57,644 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2019-10-06 23:13:57,646 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2019-10-06 23:13:57,651 INFO L87 Difference]: Start difference. First operand 24 states. Second operand 5 states. [2019-10-06 23:13:57,783 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:13:57,784 INFO L93 Difference]: Finished difference Result 45 states and 60 transitions. [2019-10-06 23:13:57,786 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2019-10-06 23:13:57,787 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 17 [2019-10-06 23:13:57,788 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:13:57,801 INFO L225 Difference]: With dead ends: 45 [2019-10-06 23:13:57,802 INFO L226 Difference]: Without dead ends: 24 [2019-10-06 23:13:57,808 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2019-10-06 23:13:57,831 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 24 states. [2019-10-06 23:13:57,868 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 24 to 24. [2019-10-06 23:13:57,869 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 24 states. [2019-10-06 23:13:57,871 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 24 states to 24 states and 35 transitions. [2019-10-06 23:13:57,872 INFO L78 Accepts]: Start accepts. Automaton has 24 states and 35 transitions. Word has length 17 [2019-10-06 23:13:57,873 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:13:57,873 INFO L462 AbstractCegarLoop]: Abstraction has 24 states and 35 transitions. [2019-10-06 23:13:57,873 INFO L463 AbstractCegarLoop]: Interpolant automaton has 5 states. [2019-10-06 23:13:57,873 INFO L276 IsEmpty]: Start isEmpty. Operand 24 states and 35 transitions. [2019-10-06 23:13:57,874 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 19 [2019-10-06 23:13:57,875 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:13:57,875 INFO L385 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:13:57,875 INFO L410 AbstractCegarLoop]: === Iteration 2 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:13:57,876 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:13:57,876 INFO L82 PathProgramCache]: Analyzing trace with hash -1579005837, now seen corresponding path program 1 times [2019-10-06 23:13:57,876 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:13:57,876 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:13:57,877 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:13:57,877 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:13:57,877 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:13:57,906 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:13:57,958 INFO L134 CoverageAnalysis]: Checked inductivity of 1 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2019-10-06 23:13:57,959 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:13:57,961 INFO L211 tionRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2019-10-06 23:13:57,961 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2019-10-06 23:13:57,963 INFO L442 AbstractCegarLoop]: Interpolant automaton has 3 states [2019-10-06 23:13:57,963 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2019-10-06 23:13:57,964 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2019-10-06 23:13:57,964 INFO L87 Difference]: Start difference. First operand 24 states and 35 transitions. Second operand 3 states. [2019-10-06 23:13:58,002 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:13:58,002 INFO L93 Difference]: Finished difference Result 42 states and 64 transitions. [2019-10-06 23:13:58,003 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2019-10-06 23:13:58,003 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 18 [2019-10-06 23:13:58,003 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:13:58,004 INFO L225 Difference]: With dead ends: 42 [2019-10-06 23:13:58,004 INFO L226 Difference]: Without dead ends: 25 [2019-10-06 23:13:58,006 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2019-10-06 23:13:58,006 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 25 states. [2019-10-06 23:13:58,011 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 25 to 25. [2019-10-06 23:13:58,011 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 25 states. [2019-10-06 23:13:58,012 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 25 states to 25 states and 36 transitions. [2019-10-06 23:13:58,013 INFO L78 Accepts]: Start accepts. Automaton has 25 states and 36 transitions. Word has length 18 [2019-10-06 23:13:58,013 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:13:58,013 INFO L462 AbstractCegarLoop]: Abstraction has 25 states and 36 transitions. [2019-10-06 23:13:58,013 INFO L463 AbstractCegarLoop]: Interpolant automaton has 3 states. [2019-10-06 23:13:58,013 INFO L276 IsEmpty]: Start isEmpty. Operand 25 states and 36 transitions. [2019-10-06 23:13:58,014 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2019-10-06 23:13:58,014 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:13:58,014 INFO L385 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:13:58,015 INFO L410 AbstractCegarLoop]: === Iteration 3 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:13:58,015 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:13:58,015 INFO L82 PathProgramCache]: Analyzing trace with hash -1817549222, now seen corresponding path program 1 times [2019-10-06 23:13:58,016 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:13:58,016 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:13:58,016 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:13:58,016 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:13:58,016 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:13:58,047 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:13:58,108 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2019-10-06 23:13:58,108 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:13:58,109 INFO L211 tionRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2019-10-06 23:13:58,109 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2019-10-06 23:13:58,109 INFO L442 AbstractCegarLoop]: Interpolant automaton has 4 states [2019-10-06 23:13:58,110 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2019-10-06 23:13:58,110 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2019-10-06 23:13:58,110 INFO L87 Difference]: Start difference. First operand 25 states and 36 transitions. Second operand 4 states. [2019-10-06 23:13:58,182 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:13:58,183 INFO L93 Difference]: Finished difference Result 40 states and 60 transitions. [2019-10-06 23:13:58,183 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2019-10-06 23:13:58,183 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 19 [2019-10-06 23:13:58,184 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:13:58,184 INFO L225 Difference]: With dead ends: 40 [2019-10-06 23:13:58,185 INFO L226 Difference]: Without dead ends: 25 [2019-10-06 23:13:58,185 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2019-10-06 23:13:58,186 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 25 states. [2019-10-06 23:13:58,191 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 25 to 25. [2019-10-06 23:13:58,192 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 25 states. [2019-10-06 23:13:58,193 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 25 states to 25 states and 31 transitions. [2019-10-06 23:13:58,193 INFO L78 Accepts]: Start accepts. Automaton has 25 states and 31 transitions. Word has length 19 [2019-10-06 23:13:58,193 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:13:58,194 INFO L462 AbstractCegarLoop]: Abstraction has 25 states and 31 transitions. [2019-10-06 23:13:58,194 INFO L463 AbstractCegarLoop]: Interpolant automaton has 4 states. [2019-10-06 23:13:58,194 INFO L276 IsEmpty]: Start isEmpty. Operand 25 states and 31 transitions. [2019-10-06 23:13:58,195 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2019-10-06 23:13:58,195 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:13:58,195 INFO L385 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:13:58,196 INFO L410 AbstractCegarLoop]: === Iteration 4 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:13:58,196 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:13:58,196 INFO L82 PathProgramCache]: Analyzing trace with hash 2017864887, now seen corresponding path program 1 times [2019-10-06 23:13:58,197 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:13:58,197 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:13:58,197 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:13:58,197 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:13:58,197 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:13:58,230 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:13:58,295 INFO L134 CoverageAnalysis]: Checked inductivity of 7 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2019-10-06 23:13:58,296 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:13:58,296 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:13:58,296 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 2 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 2 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:13:58,381 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:13:58,383 INFO L256 TraceCheckSpWp]: Trace formula consists of 126 conjuncts, 4 conjunts are in the unsatisfiable core [2019-10-06 23:13:58,391 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:13:58,463 INFO L134 CoverageAnalysis]: Checked inductivity of 7 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2019-10-06 23:13:58,464 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:13:58,499 INFO L134 CoverageAnalysis]: Checked inductivity of 7 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2019-10-06 23:13:58,499 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:13:58,526 INFO L162 IcfgInterpreter]: Started Sifa with 18 locations of interest [2019-10-06 23:13:58,526 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:13:58,536 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:13:58,550 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:13:58,550 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:13:58,766 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 30 for LOIs [2019-10-06 23:14:00,373 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:14:00,427 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:14:00,434 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:14:00,435 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:14:00,435 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 324#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:14:00,436 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:00,437 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 329#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:14:00,437 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 333#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:14:00,437 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= ~SIZE~0 2147483647) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:14:00,438 INFO L193 IcfgInterpreter]: Reachable states at location L50-4 satisfy 309#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:00,438 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:00,438 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 319#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:14:00,439 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:00,439 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:00,440 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:00,441 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:00,441 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 338#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:00,441 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (= 0 (select |old(#valid)| 0)) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:14:00,442 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:14:00,442 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 314#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:14:00,443 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:00,444 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:00,921 WARN L191 SmtUtils]: Spent 120.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:14:01,321 WARN L191 SmtUtils]: Spent 100.00 ms on a formula simplification. DAG size of input: 38 DAG size of output: 21 [2019-10-06 23:14:01,325 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:14:01,325 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [5, 4, 4, 11] total 19 [2019-10-06 23:14:01,327 INFO L442 AbstractCegarLoop]: Interpolant automaton has 19 states [2019-10-06 23:14:01,327 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 19 interpolants. [2019-10-06 23:14:01,328 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=56, Invalid=286, Unknown=0, NotChecked=0, Total=342 [2019-10-06 23:14:01,330 INFO L87 Difference]: Start difference. First operand 25 states and 31 transitions. Second operand 19 states. [2019-10-06 23:14:02,467 WARN L191 SmtUtils]: Spent 134.00 ms on a formula simplification. DAG size of input: 35 DAG size of output: 34 [2019-10-06 23:14:02,565 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:14:02,565 INFO L93 Difference]: Finished difference Result 49 states and 67 transitions. [2019-10-06 23:14:02,566 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2019-10-06 23:14:02,567 INFO L78 Accepts]: Start accepts. Automaton has 19 states. Word has length 24 [2019-10-06 23:14:02,567 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:14:02,568 INFO L225 Difference]: With dead ends: 49 [2019-10-06 23:14:02,568 INFO L226 Difference]: Without dead ends: 32 [2019-10-06 23:14:02,569 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 87 GetRequests, 58 SyntacticMatches, 1 SemanticMatches, 28 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 215 ImplicationChecksByTransitivity, 1.8s TimeCoverageRelationStatistics Valid=143, Invalid=727, Unknown=0, NotChecked=0, Total=870 [2019-10-06 23:14:02,570 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 32 states. [2019-10-06 23:14:02,585 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 32 to 32. [2019-10-06 23:14:02,586 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 32 states. [2019-10-06 23:14:02,594 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 32 states to 32 states and 38 transitions. [2019-10-06 23:14:02,594 INFO L78 Accepts]: Start accepts. Automaton has 32 states and 38 transitions. Word has length 24 [2019-10-06 23:14:02,595 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:14:02,595 INFO L462 AbstractCegarLoop]: Abstraction has 32 states and 38 transitions. [2019-10-06 23:14:02,595 INFO L463 AbstractCegarLoop]: Interpolant automaton has 19 states. [2019-10-06 23:14:02,595 INFO L276 IsEmpty]: Start isEmpty. Operand 32 states and 38 transitions. [2019-10-06 23:14:02,597 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2019-10-06 23:14:02,597 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:14:02,598 INFO L385 BasicCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:14:02,802 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:14:02,803 INFO L410 AbstractCegarLoop]: === Iteration 5 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:14:02,803 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:14:02,804 INFO L82 PathProgramCache]: Analyzing trace with hash 567715820, now seen corresponding path program 2 times [2019-10-06 23:14:02,804 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:14:02,804 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:02,804 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:02,805 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:02,805 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:14:02,949 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:14:04,075 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 0 proven. 21 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-10-06 23:14:04,076 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:04,076 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:14:04,076 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 3 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 3 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:14:04,157 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) [2019-10-06 23:14:04,157 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:14:04,160 INFO L256 TraceCheckSpWp]: Trace formula consists of 160 conjuncts, 65 conjunts are in the unsatisfiable core [2019-10-06 23:14:04,163 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:14:04,924 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 0 proven. 21 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-10-06 23:14:04,925 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:14:05,947 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 0 proven. 18 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2019-10-06 23:14:05,947 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:14:05,949 INFO L162 IcfgInterpreter]: Started Sifa with 18 locations of interest [2019-10-06 23:14:05,950 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:14:05,950 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:14:05,951 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:14:05,951 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:14:05,990 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 30 for LOIs [2019-10-06 23:14:06,909 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:14:06,966 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:14:06,972 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:14:06,972 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:14:06,972 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 324#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:14:06,973 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:06,973 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 329#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:14:06,973 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 333#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:14:06,973 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:14:06,974 INFO L193 IcfgInterpreter]: Reachable states at location L50-4 satisfy 309#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:06,975 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:06,976 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 319#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:14:06,985 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:06,985 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:06,986 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:06,986 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:06,986 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 338#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:06,987 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:14:06,988 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:14:06,989 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 314#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:14:06,989 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:06,989 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:07,887 WARN L191 SmtUtils]: Spent 121.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:14:08,532 WARN L191 SmtUtils]: Spent 101.00 ms on a formula simplification. DAG size of input: 38 DAG size of output: 21 [2019-10-06 23:14:08,533 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:14:08,533 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [19, 21, 20, 11] total 62 [2019-10-06 23:14:08,534 INFO L442 AbstractCegarLoop]: Interpolant automaton has 62 states [2019-10-06 23:14:08,535 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 62 interpolants. [2019-10-06 23:14:08,536 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=203, Invalid=3579, Unknown=0, NotChecked=0, Total=3782 [2019-10-06 23:14:08,537 INFO L87 Difference]: Start difference. First operand 32 states and 38 transitions. Second operand 62 states. [2019-10-06 23:14:12,188 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:14:12,188 INFO L93 Difference]: Finished difference Result 53 states and 64 transitions. [2019-10-06 23:14:12,189 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2019-10-06 23:14:12,189 INFO L78 Accepts]: Start accepts. Automaton has 62 states. Word has length 31 [2019-10-06 23:14:12,190 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:14:12,191 INFO L225 Difference]: With dead ends: 53 [2019-10-06 23:14:12,191 INFO L226 Difference]: Without dead ends: 48 [2019-10-06 23:14:12,194 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 137 GetRequests, 46 SyntacticMatches, 11 SemanticMatches, 80 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1820 ImplicationChecksByTransitivity, 6.3s TimeCoverageRelationStatistics Valid=365, Invalid=6277, Unknown=0, NotChecked=0, Total=6642 [2019-10-06 23:14:12,195 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 48 states. [2019-10-06 23:14:12,203 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 48 to 46. [2019-10-06 23:14:12,204 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 46 states. [2019-10-06 23:14:12,205 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 46 states to 46 states and 57 transitions. [2019-10-06 23:14:12,205 INFO L78 Accepts]: Start accepts. Automaton has 46 states and 57 transitions. Word has length 31 [2019-10-06 23:14:12,205 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:14:12,205 INFO L462 AbstractCegarLoop]: Abstraction has 46 states and 57 transitions. [2019-10-06 23:14:12,205 INFO L463 AbstractCegarLoop]: Interpolant automaton has 62 states. [2019-10-06 23:14:12,206 INFO L276 IsEmpty]: Start isEmpty. Operand 46 states and 57 transitions. [2019-10-06 23:14:12,207 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2019-10-06 23:14:12,207 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:14:12,207 INFO L385 BasicCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:14:12,411 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:14:12,417 INFO L410 AbstractCegarLoop]: === Iteration 6 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:14:12,418 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:14:12,418 INFO L82 PathProgramCache]: Analyzing trace with hash 1042486227, now seen corresponding path program 3 times [2019-10-06 23:14:12,419 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:14:12,419 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:12,419 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:12,419 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:12,420 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:14:12,439 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:14:12,545 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 4 proven. 5 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2019-10-06 23:14:12,546 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:12,546 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:14:12,546 INFO L93 rtionOrderModulation]: Changing assertion order to TERMS_WITH_SMALL_CONSTANTS_FIRST No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 4 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 4 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:14:12,639 INFO L249 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2019-10-06 23:14:12,639 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:14:12,640 INFO L256 TraceCheckSpWp]: Trace formula consists of 152 conjuncts, 8 conjunts are in the unsatisfiable core [2019-10-06 23:14:12,643 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:14:12,693 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 6 proven. 3 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2019-10-06 23:14:12,693 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:14:12,731 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 6 proven. 3 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2019-10-06 23:14:12,731 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:14:12,733 INFO L162 IcfgInterpreter]: Started Sifa with 18 locations of interest [2019-10-06 23:14:12,733 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:14:12,733 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:14:12,734 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:14:12,734 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:14:12,768 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 30 for LOIs [2019-10-06 23:14:13,502 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:14:13,533 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:14:13,545 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:14:13,545 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:14:13,546 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 324#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:14:13,546 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:13,546 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 329#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:14:13,547 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 333#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:14:13,547 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:14:13,547 INFO L193 IcfgInterpreter]: Reachable states at location L50-4 satisfy 309#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:13,547 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:13,547 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 319#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:14:13,548 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:13,548 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:13,548 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:13,548 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:13,549 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 338#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:13,549 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (= 0 (select |old(#valid)| 0)) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:14:13,549 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:14:13,549 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 314#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:14:13,550 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:13,550 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:14,048 WARN L191 SmtUtils]: Spent 114.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:14:14,424 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:14:14,424 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 8, 8, 11] total 24 [2019-10-06 23:14:14,426 INFO L442 AbstractCegarLoop]: Interpolant automaton has 24 states [2019-10-06 23:14:14,426 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 24 interpolants. [2019-10-06 23:14:14,427 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=81, Invalid=471, Unknown=0, NotChecked=0, Total=552 [2019-10-06 23:14:14,427 INFO L87 Difference]: Start difference. First operand 46 states and 57 transitions. Second operand 24 states. [2019-10-06 23:14:15,684 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:14:15,685 INFO L93 Difference]: Finished difference Result 92 states and 119 transitions. [2019-10-06 23:14:15,685 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 24 states. [2019-10-06 23:14:15,685 INFO L78 Accepts]: Start accepts. Automaton has 24 states. Word has length 32 [2019-10-06 23:14:15,686 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:14:15,690 INFO L225 Difference]: With dead ends: 92 [2019-10-06 23:14:15,690 INFO L226 Difference]: Without dead ends: 53 [2019-10-06 23:14:15,691 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 118 GetRequests, 77 SyntacticMatches, 4 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 399 ImplicationChecksByTransitivity, 1.7s TimeCoverageRelationStatistics Valid=219, Invalid=1263, Unknown=0, NotChecked=0, Total=1482 [2019-10-06 23:14:15,691 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 53 states. [2019-10-06 23:14:15,701 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 53 to 50. [2019-10-06 23:14:15,701 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 50 states. [2019-10-06 23:14:15,702 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 50 states to 50 states and 60 transitions. [2019-10-06 23:14:15,702 INFO L78 Accepts]: Start accepts. Automaton has 50 states and 60 transitions. Word has length 32 [2019-10-06 23:14:15,702 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:14:15,702 INFO L462 AbstractCegarLoop]: Abstraction has 50 states and 60 transitions. [2019-10-06 23:14:15,703 INFO L463 AbstractCegarLoop]: Interpolant automaton has 24 states. [2019-10-06 23:14:15,703 INFO L276 IsEmpty]: Start isEmpty. Operand 50 states and 60 transitions. [2019-10-06 23:14:15,703 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2019-10-06 23:14:15,704 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:14:15,704 INFO L385 BasicCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:14:15,916 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:14:15,917 INFO L410 AbstractCegarLoop]: === Iteration 7 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:14:15,917 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:14:15,918 INFO L82 PathProgramCache]: Analyzing trace with hash 1643204986, now seen corresponding path program 4 times [2019-10-06 23:14:15,918 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:14:15,918 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:15,918 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:15,918 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:15,919 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:14:15,934 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:14:15,991 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 1 proven. 8 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2019-10-06 23:14:15,991 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:15,992 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:14:15,992 INFO L93 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 5 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 5 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:14:16,099 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:14:16,100 INFO L256 TraceCheckSpWp]: Trace formula consists of 169 conjuncts, 8 conjunts are in the unsatisfiable core [2019-10-06 23:14:16,102 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:14:16,142 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 3 proven. 6 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2019-10-06 23:14:16,142 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:14:16,198 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 3 proven. 6 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2019-10-06 23:14:16,198 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:14:16,200 INFO L162 IcfgInterpreter]: Started Sifa with 18 locations of interest [2019-10-06 23:14:16,200 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:14:16,200 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:14:16,201 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:14:16,201 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:14:16,230 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 32 for LOIs [2019-10-06 23:14:16,837 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:14:16,866 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:14:16,870 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:14:16,870 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:14:16,870 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 324#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,871 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,871 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 329#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,871 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 333#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:14:16,871 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= 0 (select |old(#valid)| 0)) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,871 INFO L193 IcfgInterpreter]: Reachable states at location L50-4 satisfy 309#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,872 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,872 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 319#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:14:16,872 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,872 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,873 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= 0 (select |old(#valid)| 0)) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,873 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,873 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 338#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,873 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= 0 (select |old(#valid)| 0)) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,874 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:14:16,874 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 314#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:14:16,874 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,874 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:17,329 WARN L191 SmtUtils]: Spent 103.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:14:17,707 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:14:17,708 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 9, 9, 11] total 25 [2019-10-06 23:14:17,709 INFO L442 AbstractCegarLoop]: Interpolant automaton has 25 states [2019-10-06 23:14:17,710 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 25 interpolants. [2019-10-06 23:14:17,710 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=88, Invalid=512, Unknown=0, NotChecked=0, Total=600 [2019-10-06 23:14:17,711 INFO L87 Difference]: Start difference. First operand 50 states and 60 transitions. Second operand 25 states. [2019-10-06 23:14:18,939 WARN L191 SmtUtils]: Spent 102.00 ms on a formula simplification. DAG size of input: 35 DAG size of output: 34 [2019-10-06 23:14:19,011 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:14:19,011 INFO L93 Difference]: Finished difference Result 56 states and 66 transitions. [2019-10-06 23:14:19,012 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 20 states. [2019-10-06 23:14:19,012 INFO L78 Accepts]: Start accepts. Automaton has 25 states. Word has length 33 [2019-10-06 23:14:19,012 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:14:19,013 INFO L225 Difference]: With dead ends: 56 [2019-10-06 23:14:19,014 INFO L226 Difference]: Without dead ends: 39 [2019-10-06 23:14:19,015 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 121 GetRequests, 78 SyntacticMatches, 6 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 433 ImplicationChecksByTransitivity, 1.8s TimeCoverageRelationStatistics Valid=213, Invalid=1269, Unknown=0, NotChecked=0, Total=1482 [2019-10-06 23:14:19,015 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 39 states. [2019-10-06 23:14:19,022 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 39 to 39. [2019-10-06 23:14:19,023 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 39 states. [2019-10-06 23:14:19,023 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 39 states to 39 states and 45 transitions. [2019-10-06 23:14:19,023 INFO L78 Accepts]: Start accepts. Automaton has 39 states and 45 transitions. Word has length 33 [2019-10-06 23:14:19,024 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:14:19,024 INFO L462 AbstractCegarLoop]: Abstraction has 39 states and 45 transitions. [2019-10-06 23:14:19,024 INFO L463 AbstractCegarLoop]: Interpolant automaton has 25 states. [2019-10-06 23:14:19,024 INFO L276 IsEmpty]: Start isEmpty. Operand 39 states and 45 transitions. [2019-10-06 23:14:19,025 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2019-10-06 23:14:19,025 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:14:19,025 INFO L385 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:14:19,230 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:14:19,231 INFO L410 AbstractCegarLoop]: === Iteration 8 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:14:19,231 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:14:19,231 INFO L82 PathProgramCache]: Analyzing trace with hash -1638161385, now seen corresponding path program 5 times [2019-10-06 23:14:19,232 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:14:19,232 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:19,232 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:19,232 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:19,232 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:14:19,275 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:14:19,980 WARN L191 SmtUtils]: Spent 131.00 ms on a formula simplification. DAG size of input: 53 DAG size of output: 39 [2019-10-06 23:14:20,103 WARN L191 SmtUtils]: Spent 106.00 ms on a formula simplification. DAG size of input: 46 DAG size of output: 35 [2019-10-06 23:14:20,344 WARN L191 SmtUtils]: Spent 121.00 ms on a formula simplification. DAG size of input: 58 DAG size of output: 51 [2019-10-06 23:14:20,494 WARN L191 SmtUtils]: Spent 129.00 ms on a formula simplification. DAG size of input: 56 DAG size of output: 47 [2019-10-06 23:14:20,647 WARN L191 SmtUtils]: Spent 127.00 ms on a formula simplification. DAG size of input: 49 DAG size of output: 39 [2019-10-06 23:14:20,779 WARN L191 SmtUtils]: Spent 112.00 ms on a formula simplification. DAG size of input: 56 DAG size of output: 34 [2019-10-06 23:14:20,964 WARN L191 SmtUtils]: Spent 151.00 ms on a formula simplification. DAG size of input: 61 DAG size of output: 44 [2019-10-06 23:14:21,110 WARN L191 SmtUtils]: Spent 115.00 ms on a formula simplification. DAG size of input: 57 DAG size of output: 44 [2019-10-06 23:14:21,243 WARN L191 SmtUtils]: Spent 100.00 ms on a formula simplification. DAG size of input: 49 DAG size of output: 40 [2019-10-06 23:14:21,557 WARN L191 SmtUtils]: Spent 143.00 ms on a formula simplification. DAG size of input: 63 DAG size of output: 48 [2019-10-06 23:14:21,732 WARN L191 SmtUtils]: Spent 135.00 ms on a formula simplification. DAG size of input: 61 DAG size of output: 51 [2019-10-06 23:14:21,869 WARN L191 SmtUtils]: Spent 101.00 ms on a formula simplification. DAG size of input: 49 DAG size of output: 38 [2019-10-06 23:14:22,812 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 0 proven. 42 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-10-06 23:14:22,813 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:22,813 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:14:22,813 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 6 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 6 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:14:22,925 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 3 check-sat command(s) [2019-10-06 23:14:22,925 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:14:22,927 INFO L256 TraceCheckSpWp]: Trace formula consists of 194 conjuncts, 94 conjunts are in the unsatisfiable core [2019-10-06 23:14:22,931 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:14:25,648 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 3 proven. 36 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2019-10-06 23:14:25,648 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:14:32,012 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 0 proven. 39 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2019-10-06 23:14:32,013 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:14:32,015 INFO L162 IcfgInterpreter]: Started Sifa with 18 locations of interest [2019-10-06 23:14:32,015 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:14:32,017 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:14:32,017 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:14:32,017 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:14:32,046 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 30 for LOIs [2019-10-06 23:14:32,780 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:14:32,814 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:14:32,818 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:14:32,818 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:14:32,818 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 324#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:14:32,819 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:32,819 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 329#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:14:32,819 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 333#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:14:32,819 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:14:32,820 INFO L193 IcfgInterpreter]: Reachable states at location L50-4 satisfy 309#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:32,820 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:32,820 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 319#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:14:32,820 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:32,823 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:32,825 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:32,826 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:32,826 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 338#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:32,826 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:14:32,827 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:14:32,827 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 314#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:14:32,827 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:32,827 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:34,110 WARN L191 SmtUtils]: Spent 106.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:14:34,922 WARN L191 SmtUtils]: Spent 100.00 ms on a formula simplification. DAG size of input: 38 DAG size of output: 21 [2019-10-06 23:14:34,923 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:14:34,923 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [33, 29, 27, 11] total 91 [2019-10-06 23:14:34,924 INFO L442 AbstractCegarLoop]: Interpolant automaton has 91 states [2019-10-06 23:14:34,925 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 91 interpolants. [2019-10-06 23:14:34,927 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=443, Invalid=7747, Unknown=0, NotChecked=0, Total=8190 [2019-10-06 23:14:34,927 INFO L87 Difference]: Start difference. First operand 39 states and 45 transitions. Second operand 91 states. [2019-10-06 23:14:36,870 WARN L191 SmtUtils]: Spent 124.00 ms on a formula simplification. DAG size of input: 71 DAG size of output: 66 [2019-10-06 23:14:37,410 WARN L191 SmtUtils]: Spent 166.00 ms on a formula simplification. DAG size of input: 113 DAG size of output: 55 [2019-10-06 23:14:37,784 WARN L191 SmtUtils]: Spent 138.00 ms on a formula simplification. DAG size of input: 98 DAG size of output: 56 [2019-10-06 23:14:38,228 WARN L191 SmtUtils]: Spent 151.00 ms on a formula simplification. DAG size of input: 153 DAG size of output: 61 [2019-10-06 23:14:38,580 WARN L191 SmtUtils]: Spent 118.00 ms on a formula simplification. DAG size of input: 86 DAG size of output: 65 [2019-10-06 23:14:39,591 WARN L191 SmtUtils]: Spent 133.00 ms on a formula simplification. DAG size of input: 105 DAG size of output: 71 [2019-10-06 23:14:40,044 WARN L191 SmtUtils]: Spent 182.00 ms on a formula simplification. DAG size of input: 118 DAG size of output: 73 [2019-10-06 23:14:40,417 WARN L191 SmtUtils]: Spent 121.00 ms on a formula simplification. DAG size of input: 88 DAG size of output: 77 [2019-10-06 23:14:41,154 WARN L191 SmtUtils]: Spent 120.00 ms on a formula simplification. DAG size of input: 106 DAG size of output: 79 [2019-10-06 23:14:41,624 WARN L191 SmtUtils]: Spent 185.00 ms on a formula simplification. DAG size of input: 122 DAG size of output: 80 [2019-10-06 23:14:42,009 WARN L191 SmtUtils]: Spent 135.00 ms on a formula simplification. DAG size of input: 96 DAG size of output: 83 [2019-10-06 23:14:42,493 WARN L191 SmtUtils]: Spent 140.00 ms on a formula simplification. DAG size of input: 116 DAG size of output: 81 [2019-10-06 23:14:42,963 WARN L191 SmtUtils]: Spent 133.00 ms on a formula simplification. DAG size of input: 111 DAG size of output: 77 [2019-10-06 23:14:43,498 WARN L191 SmtUtils]: Spent 219.00 ms on a formula simplification. DAG size of input: 136 DAG size of output: 90 [2019-10-06 23:14:43,905 WARN L191 SmtUtils]: Spent 133.00 ms on a formula simplification. DAG size of input: 102 DAG size of output: 94 [2019-10-06 23:14:44,498 WARN L191 SmtUtils]: Spent 127.00 ms on a formula simplification. DAG size of input: 108 DAG size of output: 70 [2019-10-06 23:14:45,015 WARN L191 SmtUtils]: Spent 152.00 ms on a formula simplification. DAG size of input: 148 DAG size of output: 69 [2019-10-06 23:14:45,487 WARN L191 SmtUtils]: Spent 186.00 ms on a formula simplification. DAG size of input: 118 DAG size of output: 80 [2019-10-06 23:14:45,855 WARN L191 SmtUtils]: Spent 113.00 ms on a formula simplification. DAG size of input: 92 DAG size of output: 78 [2019-10-06 23:14:46,330 WARN L191 SmtUtils]: Spent 107.00 ms on a formula simplification. DAG size of input: 97 DAG size of output: 59 [2019-10-06 23:14:46,764 WARN L191 SmtUtils]: Spent 150.00 ms on a formula simplification. DAG size of input: 142 DAG size of output: 57 [2019-10-06 23:14:47,185 WARN L191 SmtUtils]: Spent 149.00 ms on a formula simplification. DAG size of input: 107 DAG size of output: 62 [2019-10-06 23:14:47,485 WARN L191 SmtUtils]: Spent 103.00 ms on a formula simplification. DAG size of input: 54 DAG size of output: 51 [2019-10-06 23:14:47,797 WARN L191 SmtUtils]: Spent 106.00 ms on a formula simplification. DAG size of input: 68 DAG size of output: 46 [2019-10-06 23:14:48,888 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:14:48,888 INFO L93 Difference]: Finished difference Result 65 states and 76 transitions. [2019-10-06 23:14:48,890 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 44 states. [2019-10-06 23:14:48,890 INFO L78 Accepts]: Start accepts. Automaton has 91 states. Word has length 38 [2019-10-06 23:14:48,891 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:14:48,893 INFO L225 Difference]: With dead ends: 65 [2019-10-06 23:14:48,893 INFO L226 Difference]: Without dead ends: 60 [2019-10-06 23:14:48,897 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 182 GetRequests, 49 SyntacticMatches, 8 SemanticMatches, 125 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4751 ImplicationChecksByTransitivity, 23.7s TimeCoverageRelationStatistics Valid=1052, Invalid=14950, Unknown=0, NotChecked=0, Total=16002 [2019-10-06 23:14:48,898 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 60 states. [2019-10-06 23:14:48,910 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 60 to 57. [2019-10-06 23:14:48,910 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 57 states. [2019-10-06 23:14:48,911 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 57 states to 57 states and 68 transitions. [2019-10-06 23:14:48,911 INFO L78 Accepts]: Start accepts. Automaton has 57 states and 68 transitions. Word has length 38 [2019-10-06 23:14:48,911 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:14:48,912 INFO L462 AbstractCegarLoop]: Abstraction has 57 states and 68 transitions. [2019-10-06 23:14:48,912 INFO L463 AbstractCegarLoop]: Interpolant automaton has 91 states. [2019-10-06 23:14:48,912 INFO L276 IsEmpty]: Start isEmpty. Operand 57 states and 68 transitions. [2019-10-06 23:14:48,913 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2019-10-06 23:14:48,913 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:14:48,913 INFO L385 BasicCegarLoop]: trace histogram [4, 3, 3, 3, 3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:14:49,117 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:14:49,120 INFO L410 AbstractCegarLoop]: === Iteration 9 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:14:49,120 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:14:49,120 INFO L82 PathProgramCache]: Analyzing trace with hash -163628948, now seen corresponding path program 6 times [2019-10-06 23:14:49,121 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:14:49,121 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:49,121 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:49,121 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:49,122 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:14:49,143 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:14:49,221 INFO L134 CoverageAnalysis]: Checked inductivity of 46 backedges. 7 proven. 9 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2019-10-06 23:14:49,222 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:49,223 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:14:49,223 INFO L93 rtionOrderModulation]: Changing assertion order to TERMS_WITH_SMALL_CONSTANTS_FIRST No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 7 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 7 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:14:49,359 INFO L249 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2019-10-06 23:14:49,360 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:14:49,361 INFO L256 TraceCheckSpWp]: Trace formula consists of 186 conjuncts, 10 conjunts are in the unsatisfiable core [2019-10-06 23:14:49,366 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:14:49,427 INFO L134 CoverageAnalysis]: Checked inductivity of 46 backedges. 10 proven. 6 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2019-10-06 23:14:49,428 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:14:49,473 INFO L134 CoverageAnalysis]: Checked inductivity of 46 backedges. 10 proven. 6 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2019-10-06 23:14:49,473 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:14:49,474 INFO L162 IcfgInterpreter]: Started Sifa with 18 locations of interest [2019-10-06 23:14:49,475 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:14:49,475 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:14:49,475 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:14:49,475 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:14:49,501 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 32 for LOIs [2019-10-06 23:14:50,096 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:14:50,119 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:14:50,122 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:14:50,122 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:14:50,123 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 324#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:14:50,123 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:50,123 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 329#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:14:50,123 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 333#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:14:50,126 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:14:50,126 INFO L193 IcfgInterpreter]: Reachable states at location L50-4 satisfy 309#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:50,127 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:50,127 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 319#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:14:50,127 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:50,127 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:50,127 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:50,128 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:50,128 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 338#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:50,128 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:14:50,128 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:14:50,128 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 314#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:14:50,129 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:50,129 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:50,624 WARN L191 SmtUtils]: Spent 105.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:14:51,019 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:14:51,020 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 10, 10, 11] total 27 [2019-10-06 23:14:51,021 INFO L442 AbstractCegarLoop]: Interpolant automaton has 27 states [2019-10-06 23:14:51,021 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 27 interpolants. [2019-10-06 23:14:51,021 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=103, Invalid=599, Unknown=0, NotChecked=0, Total=702 [2019-10-06 23:14:51,021 INFO L87 Difference]: Start difference. First operand 57 states and 68 transitions. Second operand 27 states. [2019-10-06 23:14:52,490 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:14:52,490 INFO L93 Difference]: Finished difference Result 114 states and 141 transitions. [2019-10-06 23:14:52,491 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2019-10-06 23:14:52,491 INFO L78 Accepts]: Start accepts. Automaton has 27 states. Word has length 39 [2019-10-06 23:14:52,491 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:14:52,492 INFO L225 Difference]: With dead ends: 114 [2019-10-06 23:14:52,493 INFO L226 Difference]: Without dead ends: 64 [2019-10-06 23:14:52,495 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 144 GetRequests, 95 SyntacticMatches, 6 SemanticMatches, 43 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 584 ImplicationChecksByTransitivity, 1.9s TimeCoverageRelationStatistics Valid=289, Invalid=1691, Unknown=0, NotChecked=0, Total=1980 [2019-10-06 23:14:52,495 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 64 states. [2019-10-06 23:14:52,506 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 64 to 61. [2019-10-06 23:14:52,507 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 61 states. [2019-10-06 23:14:52,507 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 61 states to 61 states and 71 transitions. [2019-10-06 23:14:52,508 INFO L78 Accepts]: Start accepts. Automaton has 61 states and 71 transitions. Word has length 39 [2019-10-06 23:14:52,508 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:14:52,508 INFO L462 AbstractCegarLoop]: Abstraction has 61 states and 71 transitions. [2019-10-06 23:14:52,508 INFO L463 AbstractCegarLoop]: Interpolant automaton has 27 states. [2019-10-06 23:14:52,508 INFO L276 IsEmpty]: Start isEmpty. Operand 61 states and 71 transitions. [2019-10-06 23:14:52,512 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2019-10-06 23:14:52,512 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:14:52,512 INFO L385 BasicCegarLoop]: trace histogram [4, 4, 3, 3, 3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:14:52,715 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 7 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:14:52,716 INFO L410 AbstractCegarLoop]: === Iteration 10 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:14:52,716 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:14:52,717 INFO L82 PathProgramCache]: Analyzing trace with hash -96034587, now seen corresponding path program 7 times [2019-10-06 23:14:52,717 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:14:52,717 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:52,717 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:52,718 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:52,718 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:14:52,731 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:14:52,822 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 3 proven. 13 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2019-10-06 23:14:52,822 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:52,822 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:14:52,823 INFO L93 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 8 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 8 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:14:52,969 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:14:52,970 INFO L256 TraceCheckSpWp]: Trace formula consists of 203 conjuncts, 10 conjunts are in the unsatisfiable core [2019-10-06 23:14:52,972 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:14:53,061 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 6 proven. 10 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2019-10-06 23:14:53,062 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:14:53,131 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 6 proven. 10 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2019-10-06 23:14:53,131 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:14:53,133 INFO L162 IcfgInterpreter]: Started Sifa with 18 locations of interest [2019-10-06 23:14:53,133 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:14:53,133 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:14:53,134 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:14:53,134 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:14:53,159 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 32 for LOIs [2019-10-06 23:14:53,681 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:14:53,722 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:14:53,725 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:14:53,725 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:14:53,725 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 324#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:14:53,725 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:53,725 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 329#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:14:53,725 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 333#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:14:53,725 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |old(~SIZE~0)|) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:14:53,726 INFO L193 IcfgInterpreter]: Reachable states at location L50-4 satisfy 309#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:53,726 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:53,726 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 319#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:14:53,726 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:53,726 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:53,726 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |old(~SIZE~0)|) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:53,727 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:53,727 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 338#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:53,727 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= 0 |old(~SIZE~0)|) (= 0 (select |old(#valid)| 0)) (<= |#NULL.offset| 0) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:14:53,727 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:14:53,727 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 314#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:14:53,728 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:53,728 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:54,201 WARN L191 SmtUtils]: Spent 106.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:14:54,585 WARN L191 SmtUtils]: Spent 100.00 ms on a formula simplification. DAG size of input: 38 DAG size of output: 21 [2019-10-06 23:14:54,586 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:14:54,586 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 11, 11, 11] total 28 [2019-10-06 23:14:54,587 INFO L442 AbstractCegarLoop]: Interpolant automaton has 28 states [2019-10-06 23:14:54,588 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 28 interpolants. [2019-10-06 23:14:54,588 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=110, Invalid=646, Unknown=0, NotChecked=0, Total=756 [2019-10-06 23:14:54,588 INFO L87 Difference]: Start difference. First operand 61 states and 71 transitions. Second operand 28 states. [2019-10-06 23:14:56,161 WARN L191 SmtUtils]: Spent 104.00 ms on a formula simplification. DAG size of input: 35 DAG size of output: 34 [2019-10-06 23:14:56,249 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:14:56,249 INFO L93 Difference]: Finished difference Result 67 states and 77 transitions. [2019-10-06 23:14:56,249 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 22 states. [2019-10-06 23:14:56,250 INFO L78 Accepts]: Start accepts. Automaton has 28 states. Word has length 40 [2019-10-06 23:14:56,250 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:14:56,251 INFO L225 Difference]: With dead ends: 67 [2019-10-06 23:14:56,251 INFO L226 Difference]: Without dead ends: 46 [2019-10-06 23:14:56,253 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 146 GetRequests, 96 SyntacticMatches, 8 SemanticMatches, 42 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 601 ImplicationChecksByTransitivity, 2.0s TimeCoverageRelationStatistics Valid=266, Invalid=1626, Unknown=0, NotChecked=0, Total=1892 [2019-10-06 23:14:56,253 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 46 states. [2019-10-06 23:14:56,261 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 46 to 46. [2019-10-06 23:14:56,262 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 46 states. [2019-10-06 23:14:56,262 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 46 states to 46 states and 52 transitions. [2019-10-06 23:14:56,262 INFO L78 Accepts]: Start accepts. Automaton has 46 states and 52 transitions. Word has length 40 [2019-10-06 23:14:56,263 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:14:56,263 INFO L462 AbstractCegarLoop]: Abstraction has 46 states and 52 transitions. [2019-10-06 23:14:56,263 INFO L463 AbstractCegarLoop]: Interpolant automaton has 28 states. [2019-10-06 23:14:56,263 INFO L276 IsEmpty]: Start isEmpty. Operand 46 states and 52 transitions. [2019-10-06 23:14:56,264 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2019-10-06 23:14:56,264 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:14:56,264 INFO L385 BasicCegarLoop]: trace histogram [4, 4, 4, 4, 4, 4, 4, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:14:56,467 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 8 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:14:56,468 INFO L410 AbstractCegarLoop]: === Iteration 11 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:14:56,469 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:14:56,469 INFO L82 PathProgramCache]: Analyzing trace with hash -1903048692, now seen corresponding path program 8 times [2019-10-06 23:14:56,469 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:14:56,469 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:56,470 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:56,470 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:56,470 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:14:56,554 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:14:57,031 WARN L191 SmtUtils]: Spent 124.00 ms on a formula simplification. DAG size of input: 67 DAG size of output: 34 [2019-10-06 23:14:57,189 WARN L191 SmtUtils]: Spent 143.00 ms on a formula simplification. DAG size of input: 59 DAG size of output: 41 [2019-10-06 23:14:57,353 WARN L191 SmtUtils]: Spent 151.00 ms on a formula simplification. DAG size of input: 59 DAG size of output: 36 [2019-10-06 23:14:57,534 WARN L191 SmtUtils]: Spent 164.00 ms on a formula simplification. DAG size of input: 70 DAG size of output: 36 [2019-10-06 23:14:57,737 WARN L191 SmtUtils]: Spent 181.00 ms on a formula simplification. DAG size of input: 68 DAG size of output: 37 [2019-10-06 23:14:57,954 WARN L191 SmtUtils]: Spent 193.00 ms on a formula simplification. DAG size of input: 72 DAG size of output: 45 [2019-10-06 23:14:58,211 WARN L191 SmtUtils]: Spent 228.00 ms on a formula simplification. DAG size of input: 71 DAG size of output: 50 [2019-10-06 23:14:58,436 WARN L191 SmtUtils]: Spent 191.00 ms on a formula simplification. DAG size of input: 65 DAG size of output: 47 [2019-10-06 23:14:58,636 WARN L191 SmtUtils]: Spent 176.00 ms on a formula simplification. DAG size of input: 69 DAG size of output: 43 [2019-10-06 23:14:58,956 WARN L191 SmtUtils]: Spent 288.00 ms on a formula simplification. DAG size of input: 80 DAG size of output: 60 [2019-10-06 23:14:59,162 WARN L191 SmtUtils]: Spent 166.00 ms on a formula simplification. DAG size of input: 82 DAG size of output: 51 [2019-10-06 23:14:59,438 WARN L191 SmtUtils]: Spent 241.00 ms on a formula simplification. DAG size of input: 78 DAG size of output: 52 [2019-10-06 23:14:59,713 WARN L191 SmtUtils]: Spent 238.00 ms on a formula simplification. DAG size of input: 72 DAG size of output: 49 [2019-10-06 23:14:59,990 WARN L191 SmtUtils]: Spent 218.00 ms on a formula simplification. DAG size of input: 74 DAG size of output: 45 [2019-10-06 23:15:00,313 WARN L191 SmtUtils]: Spent 283.00 ms on a formula simplification. DAG size of input: 83 DAG size of output: 58 [2019-10-06 23:15:00,649 WARN L191 SmtUtils]: Spent 289.00 ms on a formula simplification. DAG size of input: 87 DAG size of output: 61 [2019-10-06 23:15:00,973 WARN L191 SmtUtils]: Spent 275.00 ms on a formula simplification. DAG size of input: 84 DAG size of output: 54 [2019-10-06 23:15:01,256 WARN L191 SmtUtils]: Spent 239.00 ms on a formula simplification. DAG size of input: 77 DAG size of output: 49 [2019-10-06 23:15:01,532 WARN L191 SmtUtils]: Spent 237.00 ms on a formula simplification. DAG size of input: 86 DAG size of output: 48 [2019-10-06 23:15:01,937 WARN L191 SmtUtils]: Spent 327.00 ms on a formula simplification. DAG size of input: 90 DAG size of output: 63 [2019-10-06 23:15:02,184 WARN L191 SmtUtils]: Spent 185.00 ms on a formula simplification. DAG size of input: 89 DAG size of output: 52 [2019-10-06 23:15:02,503 WARN L191 SmtUtils]: Spent 265.00 ms on a formula simplification. DAG size of input: 81 DAG size of output: 52 [2019-10-06 23:15:02,806 WARN L191 SmtUtils]: Spent 178.00 ms on a formula simplification. DAG size of input: 67 DAG size of output: 43 [2019-10-06 23:15:03,049 WARN L191 SmtUtils]: Spent 185.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 42 [2019-10-06 23:15:03,279 WARN L191 SmtUtils]: Spent 173.00 ms on a formula simplification. DAG size of input: 67 DAG size of output: 44 [2019-10-06 23:15:03,458 WARN L191 SmtUtils]: Spent 104.00 ms on a formula simplification. DAG size of input: 59 DAG size of output: 43 [2019-10-06 23:15:03,651 WARN L191 SmtUtils]: Spent 147.00 ms on a formula simplification. DAG size of input: 64 DAG size of output: 42 [2019-10-06 23:15:03,820 WARN L191 SmtUtils]: Spent 118.00 ms on a formula simplification. DAG size of input: 60 DAG size of output: 46 [2019-10-06 23:15:04,185 INFO L134 CoverageAnalysis]: Checked inductivity of 70 backedges. 3 proven. 67 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-10-06 23:15:04,185 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:15:04,186 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:15:04,186 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 9 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 9 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:15:04,350 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 3 check-sat command(s) [2019-10-06 23:15:04,350 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:15:04,352 WARN L254 TraceCheckSpWp]: Trace formula consists of 228 conjuncts, 118 conjunts are in the unsatisfiable core [2019-10-06 23:15:04,355 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:15:08,101 INFO L134 CoverageAnalysis]: Checked inductivity of 70 backedges. 4 proven. 60 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2019-10-06 23:15:08,101 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:15:16,289 INFO L134 CoverageAnalysis]: Checked inductivity of 70 backedges. 0 proven. 64 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2019-10-06 23:15:16,289 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:15:16,290 INFO L162 IcfgInterpreter]: Started Sifa with 18 locations of interest [2019-10-06 23:15:16,290 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:15:16,291 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:15:16,291 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:15:16,291 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:15:16,311 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 32 for LOIs [2019-10-06 23:15:16,965 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:15:16,997 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:15:17,000 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:15:17,001 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:15:17,001 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 324#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:15:17,001 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:17,001 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 329#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:15:17,001 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 333#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:15:17,002 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:15:17,002 INFO L193 IcfgInterpreter]: Reachable states at location L50-4 satisfy 309#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:17,002 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:17,002 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 319#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:15:17,002 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:17,002 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:17,003 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:17,003 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:17,003 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 338#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:17,003 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:15:17,003 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:15:17,003 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 314#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:15:17,004 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:17,004 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:18,478 WARN L191 SmtUtils]: Spent 103.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:15:19,424 WARN L191 SmtUtils]: Spent 100.00 ms on a formula simplification. DAG size of input: 38 DAG size of output: 21 [2019-10-06 23:15:19,425 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:15:19,425 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [38, 35, 33, 11] total 108 [2019-10-06 23:15:19,426 INFO L442 AbstractCegarLoop]: Interpolant automaton has 108 states [2019-10-06 23:15:19,427 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 108 interpolants. [2019-10-06 23:15:19,430 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=567, Invalid=10989, Unknown=0, NotChecked=0, Total=11556 [2019-10-06 23:15:19,430 INFO L87 Difference]: Start difference. First operand 46 states and 52 transitions. Second operand 108 states. [2019-10-06 23:15:20,481 WARN L191 SmtUtils]: Spent 139.00 ms on a formula simplification. DAG size of input: 191 DAG size of output: 30 [2019-10-06 23:15:21,101 WARN L191 SmtUtils]: Spent 155.00 ms on a formula simplification. DAG size of input: 178 DAG size of output: 49 [2019-10-06 23:15:21,470 WARN L191 SmtUtils]: Spent 105.00 ms on a formula simplification. DAG size of input: 61 DAG size of output: 57 [2019-10-06 23:15:21,862 WARN L191 SmtUtils]: Spent 115.00 ms on a formula simplification. DAG size of input: 68 DAG size of output: 64 [2019-10-06 23:15:22,352 WARN L191 SmtUtils]: Spent 194.00 ms on a formula simplification. DAG size of input: 89 DAG size of output: 55 [2019-10-06 23:15:22,815 WARN L191 SmtUtils]: Spent 103.00 ms on a formula simplification. DAG size of input: 67 DAG size of output: 56 [2019-10-06 23:15:23,168 WARN L191 SmtUtils]: Spent 101.00 ms on a formula simplification. DAG size of input: 80 DAG size of output: 58 [2019-10-06 23:15:23,576 WARN L191 SmtUtils]: Spent 128.00 ms on a formula simplification. DAG size of input: 95 DAG size of output: 62 [2019-10-06 23:15:24,371 WARN L191 SmtUtils]: Spent 245.00 ms on a formula simplification. DAG size of input: 211 DAG size of output: 80 [2019-10-06 23:15:24,843 WARN L191 SmtUtils]: Spent 167.00 ms on a formula simplification. DAG size of input: 109 DAG size of output: 89 [2019-10-06 23:15:25,638 WARN L191 SmtUtils]: Spent 120.00 ms on a formula simplification. DAG size of input: 108 DAG size of output: 66 [2019-10-06 23:15:26,128 WARN L191 SmtUtils]: Spent 107.00 ms on a formula simplification. DAG size of input: 165 DAG size of output: 27 [2019-10-06 23:15:26,604 WARN L191 SmtUtils]: Spent 153.00 ms on a formula simplification. DAG size of input: 130 DAG size of output: 74 [2019-10-06 23:15:27,124 WARN L191 SmtUtils]: Spent 155.00 ms on a formula simplification. DAG size of input: 126 DAG size of output: 71 [2019-10-06 23:15:27,924 WARN L191 SmtUtils]: Spent 229.00 ms on a formula simplification. DAG size of input: 236 DAG size of output: 78 [2019-10-06 23:15:28,417 WARN L191 SmtUtils]: Spent 158.00 ms on a formula simplification. DAG size of input: 127 DAG size of output: 84 [2019-10-06 23:15:28,901 WARN L191 SmtUtils]: Spent 169.00 ms on a formula simplification. DAG size of input: 124 DAG size of output: 34 [2019-10-06 23:15:29,692 WARN L191 SmtUtils]: Spent 129.00 ms on a formula simplification. DAG size of input: 120 DAG size of output: 77 [2019-10-06 23:15:30,554 WARN L191 SmtUtils]: Spent 153.00 ms on a formula simplification. DAG size of input: 125 DAG size of output: 83 [2019-10-06 23:15:31,029 WARN L191 SmtUtils]: Spent 172.00 ms on a formula simplification. DAG size of input: 115 DAG size of output: 47 [2019-10-06 23:15:31,606 WARN L191 SmtUtils]: Spent 242.00 ms on a formula simplification. DAG size of input: 118 DAG size of output: 79 [2019-10-06 23:15:31,954 WARN L191 SmtUtils]: Spent 144.00 ms on a formula simplification. DAG size of input: 108 DAG size of output: 47 [2019-10-06 23:15:32,803 WARN L191 SmtUtils]: Spent 249.00 ms on a formula simplification. DAG size of input: 242 DAG size of output: 84 [2019-10-06 23:15:33,486 WARN L191 SmtUtils]: Spent 196.00 ms on a formula simplification. DAG size of input: 232 DAG size of output: 43 [2019-10-06 23:15:33,987 WARN L191 SmtUtils]: Spent 146.00 ms on a formula simplification. DAG size of input: 133 DAG size of output: 91 [2019-10-06 23:15:34,579 WARN L191 SmtUtils]: Spent 159.00 ms on a formula simplification. DAG size of input: 188 DAG size of output: 40 [2019-10-06 23:15:35,368 WARN L191 SmtUtils]: Spent 137.00 ms on a formula simplification. DAG size of input: 110 DAG size of output: 87 [2019-10-06 23:15:36,153 WARN L191 SmtUtils]: Spent 249.00 ms on a formula simplification. DAG size of input: 144 DAG size of output: 87 [2019-10-06 23:15:36,867 WARN L191 SmtUtils]: Spent 236.00 ms on a formula simplification. DAG size of input: 128 DAG size of output: 91 [2019-10-06 23:15:37,757 WARN L191 SmtUtils]: Spent 251.00 ms on a formula simplification. DAG size of input: 250 DAG size of output: 92 [2019-10-06 23:15:38,321 WARN L191 SmtUtils]: Spent 158.00 ms on a formula simplification. DAG size of input: 142 DAG size of output: 99 [2019-10-06 23:15:39,229 WARN L191 SmtUtils]: Spent 162.00 ms on a formula simplification. DAG size of input: 142 DAG size of output: 71 [2019-10-06 23:15:39,817 WARN L191 SmtUtils]: Spent 152.00 ms on a formula simplification. DAG size of input: 132 DAG size of output: 77 [2019-10-06 23:15:40,701 WARN L191 SmtUtils]: Spent 269.00 ms on a formula simplification. DAG size of input: 241 DAG size of output: 83 [2019-10-06 23:15:41,296 WARN L191 SmtUtils]: Spent 188.00 ms on a formula simplification. DAG size of input: 139 DAG size of output: 92 [2019-10-06 23:15:41,733 WARN L191 SmtUtils]: Spent 143.00 ms on a formula simplification. DAG size of input: 79 DAG size of output: 73 [2019-10-06 23:15:42,185 WARN L191 SmtUtils]: Spent 146.00 ms on a formula simplification. DAG size of input: 119 DAG size of output: 67 [2019-10-06 23:15:43,309 WARN L191 SmtUtils]: Spent 162.00 ms on a formula simplification. DAG size of input: 133 DAG size of output: 66 [2019-10-06 23:15:44,265 WARN L191 SmtUtils]: Spent 191.00 ms on a formula simplification. DAG size of input: 154 DAG size of output: 74 [2019-10-06 23:15:44,879 WARN L191 SmtUtils]: Spent 151.00 ms on a formula simplification. DAG size of input: 196 DAG size of output: 30 [2019-10-06 23:15:45,682 WARN L191 SmtUtils]: Spent 232.00 ms on a formula simplification. DAG size of input: 235 DAG size of output: 68 [2019-10-06 23:15:46,258 WARN L191 SmtUtils]: Spent 122.00 ms on a formula simplification. DAG size of input: 172 DAG size of output: 29 [2019-10-06 23:15:46,684 WARN L191 SmtUtils]: Spent 162.00 ms on a formula simplification. DAG size of input: 85 DAG size of output: 79 [2019-10-06 23:15:48,426 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:15:48,427 INFO L93 Difference]: Finished difference Result 121 states and 144 transitions. [2019-10-06 23:15:48,428 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 64 states. [2019-10-06 23:15:48,429 INFO L78 Accepts]: Start accepts. Automaton has 108 states. Word has length 45 [2019-10-06 23:15:48,429 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:15:48,430 INFO L225 Difference]: With dead ends: 121 [2019-10-06 23:15:48,430 INFO L226 Difference]: Without dead ends: 98 [2019-10-06 23:15:48,435 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 231 GetRequests, 59 SyntacticMatches, 10 SemanticMatches, 162 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8116 ImplicationChecksByTransitivity, 43.4s TimeCoverageRelationStatistics Valid=1773, Invalid=24959, Unknown=0, NotChecked=0, Total=26732 [2019-10-06 23:15:48,435 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 98 states. [2019-10-06 23:15:48,454 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 98 to 74. [2019-10-06 23:15:48,454 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 74 states. [2019-10-06 23:15:48,455 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 74 states to 74 states and 88 transitions. [2019-10-06 23:15:48,455 INFO L78 Accepts]: Start accepts. Automaton has 74 states and 88 transitions. Word has length 45 [2019-10-06 23:15:48,456 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:15:48,456 INFO L462 AbstractCegarLoop]: Abstraction has 74 states and 88 transitions. [2019-10-06 23:15:48,456 INFO L463 AbstractCegarLoop]: Interpolant automaton has 108 states. [2019-10-06 23:15:48,456 INFO L276 IsEmpty]: Start isEmpty. Operand 74 states and 88 transitions. [2019-10-06 23:15:48,457 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2019-10-06 23:15:48,457 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:15:48,457 INFO L385 BasicCegarLoop]: trace histogram [5, 4, 4, 4, 4, 4, 4, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:15:48,674 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 9 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:15:48,675 INFO L410 AbstractCegarLoop]: === Iteration 12 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:15:48,675 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:15:48,676 INFO L82 PathProgramCache]: Analyzing trace with hash 1472165683, now seen corresponding path program 9 times [2019-10-06 23:15:48,676 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:15:48,676 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:15:48,676 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:15:48,677 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:15:48,677 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:15:48,693 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:15:48,784 INFO L134 CoverageAnalysis]: Checked inductivity of 75 backedges. 11 proven. 14 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2019-10-06 23:15:48,784 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:15:48,785 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:15:48,785 INFO L93 rtionOrderModulation]: Changing assertion order to TERMS_WITH_SMALL_CONSTANTS_FIRST No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 10 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 10 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:15:48,979 INFO L249 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2019-10-06 23:15:48,979 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:15:48,980 INFO L256 TraceCheckSpWp]: Trace formula consists of 220 conjuncts, 12 conjunts are in the unsatisfiable core [2019-10-06 23:15:48,987 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:15:49,077 INFO L134 CoverageAnalysis]: Checked inductivity of 75 backedges. 15 proven. 10 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2019-10-06 23:15:49,078 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:15:49,134 INFO L134 CoverageAnalysis]: Checked inductivity of 75 backedges. 15 proven. 10 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2019-10-06 23:15:49,134 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:15:49,136 INFO L162 IcfgInterpreter]: Started Sifa with 18 locations of interest [2019-10-06 23:15:49,136 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:15:49,136 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:15:49,136 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:15:49,136 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:15:49,154 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 32 for LOIs [2019-10-06 23:15:49,669 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:15:49,690 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:15:49,693 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:15:49,693 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:15:49,693 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 324#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:15:49,693 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:49,693 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 329#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:15:49,693 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 333#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:15:49,694 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:15:49,694 INFO L193 IcfgInterpreter]: Reachable states at location L50-4 satisfy 309#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:49,694 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:49,694 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 319#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:15:49,694 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:49,694 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:49,695 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:49,695 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:49,695 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 338#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:49,695 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= 0 |old(~SIZE~0)|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (= |#NULL.offset| 0))) (<= |old(~SIZE~0)| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:49,695 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:15:49,696 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 314#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:15:49,696 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:49,696 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:50,197 WARN L191 SmtUtils]: Spent 111.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 25 [2019-10-06 23:15:50,600 WARN L191 SmtUtils]: Spent 101.00 ms on a formula simplification. DAG size of input: 38 DAG size of output: 21 [2019-10-06 23:15:50,600 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:15:50,601 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 12, 12, 11] total 30 [2019-10-06 23:15:50,602 INFO L442 AbstractCegarLoop]: Interpolant automaton has 30 states [2019-10-06 23:15:50,602 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 30 interpolants. [2019-10-06 23:15:50,602 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=129, Invalid=741, Unknown=0, NotChecked=0, Total=870 [2019-10-06 23:15:50,602 INFO L87 Difference]: Start difference. First operand 74 states and 88 transitions. Second operand 30 states. [2019-10-06 23:15:52,246 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:15:52,246 INFO L93 Difference]: Finished difference Result 142 states and 172 transitions. [2019-10-06 23:15:52,246 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 30 states. [2019-10-06 23:15:52,246 INFO L78 Accepts]: Start accepts. Automaton has 30 states. Word has length 46 [2019-10-06 23:15:52,247 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:15:52,248 INFO L225 Difference]: With dead ends: 142 [2019-10-06 23:15:52,248 INFO L226 Difference]: Without dead ends: 75 [2019-10-06 23:15:52,250 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 170 GetRequests, 113 SyntacticMatches, 8 SemanticMatches, 49 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 798 ImplicationChecksByTransitivity, 2.1s TimeCoverageRelationStatistics Valid=372, Invalid=2178, Unknown=0, NotChecked=0, Total=2550 [2019-10-06 23:15:52,250 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 75 states. [2019-10-06 23:15:52,267 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 75 to 72. [2019-10-06 23:15:52,268 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 72 states. [2019-10-06 23:15:52,268 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 72 states to 72 states and 82 transitions. [2019-10-06 23:15:52,269 INFO L78 Accepts]: Start accepts. Automaton has 72 states and 82 transitions. Word has length 46 [2019-10-06 23:15:52,269 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:15:52,269 INFO L462 AbstractCegarLoop]: Abstraction has 72 states and 82 transitions. [2019-10-06 23:15:52,269 INFO L463 AbstractCegarLoop]: Interpolant automaton has 30 states. [2019-10-06 23:15:52,269 INFO L276 IsEmpty]: Start isEmpty. Operand 72 states and 82 transitions. [2019-10-06 23:15:52,270 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2019-10-06 23:15:52,270 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:15:52,270 INFO L385 BasicCegarLoop]: trace histogram [5, 5, 4, 4, 4, 4, 4, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:15:52,474 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 10 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:15:52,475 INFO L410 AbstractCegarLoop]: === Iteration 13 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:15:52,476 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:15:52,476 INFO L82 PathProgramCache]: Analyzing trace with hash -1585363814, now seen corresponding path program 10 times [2019-10-06 23:15:52,476 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:15:52,476 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:15:52,476 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:15:52,477 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:15:52,477 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:15:52,492 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:15:52,579 INFO L134 CoverageAnalysis]: Checked inductivity of 80 backedges. 6 proven. 19 refuted. 0 times theorem prover too weak. 55 trivial. 0 not checked. [2019-10-06 23:15:52,579 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:15:52,579 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:15:52,579 INFO L93 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 11 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 11 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:15:52,772 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:15:52,773 INFO L256 TraceCheckSpWp]: Trace formula consists of 237 conjuncts, 12 conjunts are in the unsatisfiable core [2019-10-06 23:15:52,775 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:15:52,872 INFO L134 CoverageAnalysis]: Checked inductivity of 80 backedges. 10 proven. 15 refuted. 0 times theorem prover too weak. 55 trivial. 0 not checked. [2019-10-06 23:15:52,873 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:15:52,935 INFO L134 CoverageAnalysis]: Checked inductivity of 80 backedges. 10 proven. 15 refuted. 0 times theorem prover too weak. 55 trivial. 0 not checked. [2019-10-06 23:15:52,936 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:15:52,937 INFO L162 IcfgInterpreter]: Started Sifa with 18 locations of interest [2019-10-06 23:15:52,937 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:15:52,937 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:15:52,938 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:15:52,938 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:15:52,971 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 30 for LOIs [2019-10-06 23:15:53,470 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:15:53,501 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:15:53,504 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:15:53,504 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:15:53,505 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 324#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:15:53,505 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:53,505 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 329#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:15:53,505 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 333#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:15:53,505 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= 0 (+ ~SIZE~0 2147483648)) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:15:53,505 INFO L193 IcfgInterpreter]: Reachable states at location L50-4 satisfy 309#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:53,505 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:53,506 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 319#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:15:53,506 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:53,506 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:53,506 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:53,506 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:53,506 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 338#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:53,506 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (= |#NULL.offset| 0)) (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= 0 (+ ~SIZE~0 2147483648)) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0))) (<= |old(~SIZE~0)| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:53,506 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:15:53,507 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 314#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:15:53,507 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:53,507 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:53,975 WARN L191 SmtUtils]: Spent 103.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 25 [2019-10-06 23:15:54,379 WARN L191 SmtUtils]: Spent 114.00 ms on a formula simplification. DAG size of input: 38 DAG size of output: 21 [2019-10-06 23:15:54,380 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:15:54,380 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [13, 13, 13, 11] total 31 [2019-10-06 23:15:54,381 INFO L442 AbstractCegarLoop]: Interpolant automaton has 31 states [2019-10-06 23:15:54,382 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 31 interpolants. [2019-10-06 23:15:54,382 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=136, Invalid=794, Unknown=0, NotChecked=0, Total=930 [2019-10-06 23:15:54,382 INFO L87 Difference]: Start difference. First operand 72 states and 82 transitions. Second operand 31 states. [2019-10-06 23:15:56,146 WARN L191 SmtUtils]: Spent 104.00 ms on a formula simplification. DAG size of input: 35 DAG size of output: 34 [2019-10-06 23:15:56,226 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:15:56,227 INFO L93 Difference]: Finished difference Result 78 states and 88 transitions. [2019-10-06 23:15:56,227 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 24 states. [2019-10-06 23:15:56,227 INFO L78 Accepts]: Start accepts. Automaton has 31 states. Word has length 47 [2019-10-06 23:15:56,228 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:15:56,228 INFO L225 Difference]: With dead ends: 78 [2019-10-06 23:15:56,229 INFO L226 Difference]: Without dead ends: 53 [2019-10-06 23:15:56,230 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 171 GetRequests, 114 SyntacticMatches, 10 SemanticMatches, 47 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 791 ImplicationChecksByTransitivity, 2.1s TimeCoverageRelationStatistics Valid=328, Invalid=2024, Unknown=0, NotChecked=0, Total=2352 [2019-10-06 23:15:56,230 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 53 states. [2019-10-06 23:15:56,240 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 53 to 53. [2019-10-06 23:15:56,240 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 53 states. [2019-10-06 23:15:56,240 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 53 states to 53 states and 59 transitions. [2019-10-06 23:15:56,241 INFO L78 Accepts]: Start accepts. Automaton has 53 states and 59 transitions. Word has length 47 [2019-10-06 23:15:56,241 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:15:56,241 INFO L462 AbstractCegarLoop]: Abstraction has 53 states and 59 transitions. [2019-10-06 23:15:56,241 INFO L463 AbstractCegarLoop]: Interpolant automaton has 31 states. [2019-10-06 23:15:56,241 INFO L276 IsEmpty]: Start isEmpty. Operand 53 states and 59 transitions. [2019-10-06 23:15:56,242 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2019-10-06 23:15:56,242 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:15:56,242 INFO L385 BasicCegarLoop]: trace histogram [5, 5, 5, 5, 5, 5, 5, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:15:56,449 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 11 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:15:56,450 INFO L410 AbstractCegarLoop]: === Iteration 14 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:15:56,450 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:15:56,450 INFO L82 PathProgramCache]: Analyzing trace with hash 916149111, now seen corresponding path program 11 times [2019-10-06 23:15:56,450 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:15:56,451 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:15:56,451 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:15:56,451 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:15:56,451 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:15:56,500 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:15:57,109 WARN L191 SmtUtils]: Spent 109.00 ms on a formula simplification. DAG size of input: 42 DAG size of output: 36 [2019-10-06 23:15:57,243 WARN L191 SmtUtils]: Spent 117.00 ms on a formula simplification. DAG size of input: 54 DAG size of output: 37 [2019-10-06 23:15:57,398 WARN L191 SmtUtils]: Spent 136.00 ms on a formula simplification. DAG size of input: 62 DAG size of output: 44 [2019-10-06 23:15:57,631 WARN L191 SmtUtils]: Spent 206.00 ms on a formula simplification. DAG size of input: 66 DAG size of output: 46 [2019-10-06 23:15:57,863 WARN L191 SmtUtils]: Spent 202.00 ms on a formula simplification. DAG size of input: 68 DAG size of output: 48 [2019-10-06 23:15:58,058 WARN L191 SmtUtils]: Spent 163.00 ms on a formula simplification. DAG size of input: 68 DAG size of output: 49 [2019-10-06 23:15:58,301 WARN L191 SmtUtils]: Spent 206.00 ms on a formula simplification. DAG size of input: 61 DAG size of output: 44 [2019-10-06 23:15:58,497 WARN L191 SmtUtils]: Spent 170.00 ms on a formula simplification. DAG size of input: 62 DAG size of output: 42 [2019-10-06 23:15:58,764 WARN L191 SmtUtils]: Spent 232.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 53 [2019-10-06 23:15:59,057 WARN L191 SmtUtils]: Spent 252.00 ms on a formula simplification. DAG size of input: 77 DAG size of output: 53 [2019-10-06 23:15:59,308 WARN L191 SmtUtils]: Spent 209.00 ms on a formula simplification. DAG size of input: 76 DAG size of output: 48 [2019-10-06 23:15:59,567 WARN L191 SmtUtils]: Spent 218.00 ms on a formula simplification. DAG size of input: 70 DAG size of output: 50 [2019-10-06 23:15:59,815 WARN L191 SmtUtils]: Spent 208.00 ms on a formula simplification. DAG size of input: 64 DAG size of output: 48 [2019-10-06 23:16:00,027 WARN L191 SmtUtils]: Spent 180.00 ms on a formula simplification. DAG size of input: 66 DAG size of output: 43 [2019-10-06 23:16:00,312 WARN L191 SmtUtils]: Spent 238.00 ms on a formula simplification. DAG size of input: 77 DAG size of output: 51 [2019-10-06 23:16:00,570 WARN L191 SmtUtils]: Spent 208.00 ms on a formula simplification. DAG size of input: 77 DAG size of output: 58 [2019-10-06 23:16:00,858 WARN L191 SmtUtils]: Spent 238.00 ms on a formula simplification. DAG size of input: 77 DAG size of output: 50 [2019-10-06 23:16:01,081 WARN L191 SmtUtils]: Spent 166.00 ms on a formula simplification. DAG size of input: 72 DAG size of output: 53 [2019-10-06 23:16:01,290 WARN L191 SmtUtils]: Spent 155.00 ms on a formula simplification. DAG size of input: 65 DAG size of output: 48 [2019-10-06 23:16:01,498 WARN L191 SmtUtils]: Spent 154.00 ms on a formula simplification. DAG size of input: 69 DAG size of output: 46 [2019-10-06 23:16:01,846 WARN L191 SmtUtils]: Spent 284.00 ms on a formula simplification. DAG size of input: 80 DAG size of output: 63 [2019-10-06 23:16:02,138 WARN L191 SmtUtils]: Spent 230.00 ms on a formula simplification. DAG size of input: 82 DAG size of output: 55 [2019-10-06 23:16:02,440 WARN L191 SmtUtils]: Spent 247.00 ms on a formula simplification. DAG size of input: 81 DAG size of output: 58 [2019-10-06 23:16:02,723 WARN L191 SmtUtils]: Spent 219.00 ms on a formula simplification. DAG size of input: 74 DAG size of output: 53 [2019-10-06 23:16:02,943 WARN L191 SmtUtils]: Spent 153.00 ms on a formula simplification. DAG size of input: 67 DAG size of output: 46 [2019-10-06 23:16:03,123 WARN L191 SmtUtils]: Spent 137.00 ms on a formula simplification. DAG size of input: 70 DAG size of output: 47 [2019-10-06 23:16:03,341 WARN L191 SmtUtils]: Spent 161.00 ms on a formula simplification. DAG size of input: 68 DAG size of output: 52 [2019-10-06 23:16:03,592 WARN L191 SmtUtils]: Spent 181.00 ms on a formula simplification. DAG size of input: 69 DAG size of output: 53 [2019-10-06 23:16:03,803 WARN L191 SmtUtils]: Spent 150.00 ms on a formula simplification. DAG size of input: 70 DAG size of output: 55 [2019-10-06 23:16:04,016 WARN L191 SmtUtils]: Spent 153.00 ms on a formula simplification. DAG size of input: 68 DAG size of output: 54 [2019-10-06 23:16:04,192 WARN L191 SmtUtils]: Spent 121.00 ms on a formula simplification. DAG size of input: 59 DAG size of output: 47 [2019-10-06 23:16:04,331 WARN L191 SmtUtils]: Spent 103.00 ms on a formula simplification. DAG size of input: 59 DAG size of output: 46 [2019-10-06 23:16:05,019 INFO L134 CoverageAnalysis]: Checked inductivity of 105 backedges. 3 proven. 102 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-10-06 23:16:05,019 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:16:05,019 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:16:05,019 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 12 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 12 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:16:05,259 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 4 check-sat command(s) [2019-10-06 23:16:05,259 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:16:05,262 WARN L254 TraceCheckSpWp]: Trace formula consists of 262 conjuncts, 144 conjunts are in the unsatisfiable core [2019-10-06 23:16:05,266 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:16:11,436 INFO L134 CoverageAnalysis]: Checked inductivity of 105 backedges. 5 proven. 90 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2019-10-06 23:16:11,436 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:16:27,369 INFO L134 CoverageAnalysis]: Checked inductivity of 105 backedges. 0 proven. 95 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2019-10-06 23:16:27,369 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:16:27,371 INFO L162 IcfgInterpreter]: Started Sifa with 18 locations of interest [2019-10-06 23:16:27,371 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:16:27,371 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:16:27,371 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:16:27,372 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:16:27,395 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 30 for LOIs [2019-10-06 23:16:27,869 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:16:27,890 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:16:27,893 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:16:27,893 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:16:27,893 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 324#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:16:27,893 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:16:27,894 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 329#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:16:27,894 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 333#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:16:27,894 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:16:27,894 INFO L193 IcfgInterpreter]: Reachable states at location L50-4 satisfy 309#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:16:27,894 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:16:27,894 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 319#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:16:27,894 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:16:27,895 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:16:27,895 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:16:27,895 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:16:27,895 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 338#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:16:27,895 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (= 0 (select |old(#valid)| 0)) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:16:27,895 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:16:27,895 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 314#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:16:27,895 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:16:27,895 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:16:29,771 WARN L191 SmtUtils]: Spent 104.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:16:30,977 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:16:30,977 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [47, 41, 39, 11] total 129 [2019-10-06 23:16:30,978 INFO L442 AbstractCegarLoop]: Interpolant automaton has 129 states [2019-10-06 23:16:30,979 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 129 interpolants. [2019-10-06 23:16:30,980 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=788, Invalid=15723, Unknown=1, NotChecked=0, Total=16512 [2019-10-06 23:16:30,980 INFO L87 Difference]: Start difference. First operand 53 states and 59 transitions. Second operand 129 states. [2019-10-06 23:16:32,895 WARN L191 SmtUtils]: Spent 236.00 ms on a formula simplification. DAG size of input: 259 DAG size of output: 27 [2019-10-06 23:16:33,937 WARN L191 SmtUtils]: Spent 354.00 ms on a formula simplification. DAG size of input: 182 DAG size of output: 112 [2019-10-06 23:16:36,143 WARN L191 SmtUtils]: Spent 167.00 ms on a formula simplification. DAG size of input: 81 DAG size of output: 76 [2019-10-06 23:16:36,896 WARN L191 SmtUtils]: Spent 122.00 ms on a formula simplification. DAG size of input: 82 DAG size of output: 59 [2019-10-06 23:16:37,473 WARN L191 SmtUtils]: Spent 200.00 ms on a formula simplification. DAG size of input: 122 DAG size of output: 62 [2019-10-06 23:16:38,086 WARN L191 SmtUtils]: Spent 203.00 ms on a formula simplification. DAG size of input: 121 DAG size of output: 69 [2019-10-06 23:16:39,570 WARN L191 SmtUtils]: Spent 430.00 ms on a formula simplification. DAG size of input: 301 DAG size of output: 78 [2019-10-06 23:16:40,861 WARN L191 SmtUtils]: Spent 577.00 ms on a formula simplification. DAG size of input: 221 DAG size of output: 136 [2019-10-06 23:16:41,472 WARN L191 SmtUtils]: Spent 166.00 ms on a formula simplification. DAG size of input: 102 DAG size of output: 91 [2019-10-06 23:16:42,604 WARN L191 SmtUtils]: Spent 236.00 ms on a formula simplification. DAG size of input: 157 DAG size of output: 78 [2019-10-06 23:16:43,575 WARN L191 SmtUtils]: Spent 393.00 ms on a formula simplification. DAG size of input: 174 DAG size of output: 110 [2019-10-06 23:16:44,212 WARN L191 SmtUtils]: Spent 193.00 ms on a formula simplification. DAG size of input: 146 DAG size of output: 80 [2019-10-06 23:16:44,920 WARN L191 SmtUtils]: Spent 195.00 ms on a formula simplification. DAG size of input: 130 DAG size of output: 82 [2019-10-06 23:16:46,357 WARN L191 SmtUtils]: Spent 416.00 ms on a formula simplification. DAG size of input: 278 DAG size of output: 91 [2019-10-06 23:16:47,784 WARN L191 SmtUtils]: Spent 634.00 ms on a formula simplification. DAG size of input: 232 DAG size of output: 147 [2019-10-06 23:16:48,463 WARN L191 SmtUtils]: Spent 192.00 ms on a formula simplification. DAG size of input: 115 DAG size of output: 102 [2019-10-06 23:16:49,397 WARN L191 SmtUtils]: Spent 164.00 ms on a formula simplification. DAG size of input: 140 DAG size of output: 88 [2019-10-06 23:16:50,161 WARN L191 SmtUtils]: Spent 219.00 ms on a formula simplification. DAG size of input: 146 DAG size of output: 99 [2019-10-06 23:16:50,908 WARN L191 SmtUtils]: Spent 227.00 ms on a formula simplification. DAG size of input: 151 DAG size of output: 101 [2019-10-06 23:16:52,523 WARN L191 SmtUtils]: Spent 472.00 ms on a formula simplification. DAG size of input: 305 DAG size of output: 102 [2019-10-06 23:16:54,085 WARN L191 SmtUtils]: Spent 738.00 ms on a formula simplification. DAG size of input: 241 DAG size of output: 161 [2019-10-06 23:16:55,090 WARN L191 SmtUtils]: Spent 206.00 ms on a formula simplification. DAG size of input: 126 DAG size of output: 112 [2019-10-06 23:16:55,988 WARN L191 SmtUtils]: Spent 190.00 ms on a formula simplification. DAG size of input: 129 DAG size of output: 105 [2019-10-06 23:16:56,778 WARN L191 SmtUtils]: Spent 239.00 ms on a formula simplification. DAG size of input: 162 DAG size of output: 103 [2019-10-06 23:16:57,548 WARN L191 SmtUtils]: Spent 233.00 ms on a formula simplification. DAG size of input: 151 DAG size of output: 111 [2019-10-06 23:16:59,233 WARN L191 SmtUtils]: Spent 548.00 ms on a formula simplification. DAG size of input: 332 DAG size of output: 116 [2019-10-06 23:17:00,963 WARN L191 SmtUtils]: Spent 794.00 ms on a formula simplification. DAG size of input: 252 DAG size of output: 166 [2019-10-06 23:17:01,752 WARN L191 SmtUtils]: Spent 211.00 ms on a formula simplification. DAG size of input: 134 DAG size of output: 121 [2019-10-06 23:17:02,966 WARN L191 SmtUtils]: Spent 241.00 ms on a formula simplification. DAG size of input: 154 DAG size of output: 96 [2019-10-06 23:17:03,782 WARN L191 SmtUtils]: Spent 278.00 ms on a formula simplification. DAG size of input: 152 DAG size of output: 98 [2019-10-06 23:17:04,638 WARN L191 SmtUtils]: Spent 287.00 ms on a formula simplification. DAG size of input: 161 DAG size of output: 104 [2019-10-06 23:17:05,762 WARN L191 SmtUtils]: Spent 352.00 ms on a formula simplification. DAG size of input: 240 DAG size of output: 104 [2019-10-06 23:17:06,494 WARN L191 SmtUtils]: Spent 190.00 ms on a formula simplification. DAG size of input: 122 DAG size of output: 109 [2019-10-06 23:17:07,301 WARN L191 SmtUtils]: Spent 163.00 ms on a formula simplification. DAG size of input: 116 DAG size of output: 78 [2019-10-06 23:17:08,029 WARN L191 SmtUtils]: Spent 198.00 ms on a formula simplification. DAG size of input: 137 DAG size of output: 83 [2019-10-06 23:17:08,689 WARN L191 SmtUtils]: Spent 183.00 ms on a formula simplification. DAG size of input: 134 DAG size of output: 81 [2019-10-06 23:17:09,417 WARN L191 SmtUtils]: Spent 217.00 ms on a formula simplification. DAG size of input: 139 DAG size of output: 84 [2019-10-06 23:17:10,572 WARN L191 SmtUtils]: Spent 386.00 ms on a formula simplification. DAG size of input: 236 DAG size of output: 81 [2019-10-06 23:17:13,155 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:17:13,155 INFO L93 Difference]: Finished difference Result 95 states and 111 transitions. [2019-10-06 23:17:13,156 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 59 states. [2019-10-06 23:17:13,156 INFO L78 Accepts]: Start accepts. Automaton has 129 states. Word has length 52 [2019-10-06 23:17:13,156 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:17:13,157 INFO L225 Difference]: With dead ends: 95 [2019-10-06 23:17:13,157 INFO L226 Difference]: Without dead ends: 90 [2019-10-06 23:17:13,159 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 253 GetRequests, 67 SyntacticMatches, 8 SemanticMatches, 178 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 9899 ImplicationChecksByTransitivity, 64.4s TimeCoverageRelationStatistics Valid=2060, Invalid=30159, Unknown=1, NotChecked=0, Total=32220 [2019-10-06 23:17:13,160 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 90 states. [2019-10-06 23:17:13,186 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 90 to 79. [2019-10-06 23:17:13,186 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 79 states. [2019-10-06 23:17:13,187 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 79 states to 79 states and 90 transitions. [2019-10-06 23:17:13,187 INFO L78 Accepts]: Start accepts. Automaton has 79 states and 90 transitions. Word has length 52 [2019-10-06 23:17:13,187 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:17:13,187 INFO L462 AbstractCegarLoop]: Abstraction has 79 states and 90 transitions. [2019-10-06 23:17:13,188 INFO L463 AbstractCegarLoop]: Interpolant automaton has 129 states. [2019-10-06 23:17:13,188 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 90 transitions. [2019-10-06 23:17:13,189 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 54 [2019-10-06 23:17:13,189 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:17:13,189 INFO L385 BasicCegarLoop]: trace histogram [6, 5, 5, 5, 5, 5, 5, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:17:13,393 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 12 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:17:13,393 INFO L410 AbstractCegarLoop]: === Iteration 15 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:17:13,394 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:17:13,394 INFO L82 PathProgramCache]: Analyzing trace with hash -828820852, now seen corresponding path program 12 times [2019-10-06 23:17:13,394 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:17:13,394 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:17:13,394 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:17:13,394 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:17:13,394 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:17:13,411 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:17:13,489 INFO L134 CoverageAnalysis]: Checked inductivity of 111 backedges. 16 proven. 20 refuted. 0 times theorem prover too weak. 75 trivial. 0 not checked. [2019-10-06 23:17:13,489 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:17:13,489 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:17:13,489 INFO L93 rtionOrderModulation]: Changing assertion order to TERMS_WITH_SMALL_CONSTANTS_FIRST No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 13 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 13 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:17:13,706 INFO L249 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2019-10-06 23:17:13,707 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:17:13,708 INFO L256 TraceCheckSpWp]: Trace formula consists of 254 conjuncts, 14 conjunts are in the unsatisfiable core [2019-10-06 23:17:13,710 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:17:13,825 INFO L134 CoverageAnalysis]: Checked inductivity of 111 backedges. 21 proven. 15 refuted. 0 times theorem prover too weak. 75 trivial. 0 not checked. [2019-10-06 23:17:13,825 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:17:13,897 INFO L134 CoverageAnalysis]: Checked inductivity of 111 backedges. 21 proven. 15 refuted. 0 times theorem prover too weak. 75 trivial. 0 not checked. [2019-10-06 23:17:13,897 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:17:13,898 INFO L162 IcfgInterpreter]: Started Sifa with 18 locations of interest [2019-10-06 23:17:13,898 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:17:13,899 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:17:13,899 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:17:13,899 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:17:13,919 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 30 for LOIs [2019-10-06 23:17:14,409 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:17:14,437 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:17:14,441 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:17:14,442 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:17:14,442 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 324#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:17:14,442 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:14,443 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 329#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:17:14,443 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 333#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:17:14,443 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= ~SIZE~0 2147483647) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:17:14,443 INFO L193 IcfgInterpreter]: Reachable states at location L50-4 satisfy 309#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:14,443 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:14,444 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 319#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:17:14,444 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:14,444 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:14,444 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:14,445 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:14,445 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 338#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:14,445 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:17:14,445 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:17:14,446 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 314#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:17:14,446 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:14,446 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:14,989 WARN L191 SmtUtils]: Spent 105.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:17:15,414 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:17:15,414 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [14, 14, 14, 11] total 33 [2019-10-06 23:17:15,415 INFO L442 AbstractCegarLoop]: Interpolant automaton has 33 states [2019-10-06 23:17:15,416 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 33 interpolants. [2019-10-06 23:17:15,416 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=159, Invalid=897, Unknown=0, NotChecked=0, Total=1056 [2019-10-06 23:17:15,416 INFO L87 Difference]: Start difference. First operand 79 states and 90 transitions. Second operand 33 states. [2019-10-06 23:17:17,375 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:17:17,375 INFO L93 Difference]: Finished difference Result 158 states and 185 transitions. [2019-10-06 23:17:17,376 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 33 states. [2019-10-06 23:17:17,376 INFO L78 Accepts]: Start accepts. Automaton has 33 states. Word has length 53 [2019-10-06 23:17:17,376 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:17:17,377 INFO L225 Difference]: With dead ends: 158 [2019-10-06 23:17:17,377 INFO L226 Difference]: Without dead ends: 86 [2019-10-06 23:17:17,378 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 196 GetRequests, 131 SyntacticMatches, 10 SemanticMatches, 55 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1041 ImplicationChecksByTransitivity, 2.3s TimeCoverageRelationStatistics Valid=468, Invalid=2724, Unknown=0, NotChecked=0, Total=3192 [2019-10-06 23:17:17,379 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 86 states. [2019-10-06 23:17:17,399 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 86 to 83. [2019-10-06 23:17:17,399 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 83 states. [2019-10-06 23:17:17,399 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 83 states to 83 states and 93 transitions. [2019-10-06 23:17:17,399 INFO L78 Accepts]: Start accepts. Automaton has 83 states and 93 transitions. Word has length 53 [2019-10-06 23:17:17,399 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:17:17,400 INFO L462 AbstractCegarLoop]: Abstraction has 83 states and 93 transitions. [2019-10-06 23:17:17,400 INFO L463 AbstractCegarLoop]: Interpolant automaton has 33 states. [2019-10-06 23:17:17,400 INFO L276 IsEmpty]: Start isEmpty. Operand 83 states and 93 transitions. [2019-10-06 23:17:17,400 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2019-10-06 23:17:17,400 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:17:17,401 INFO L385 BasicCegarLoop]: trace histogram [6, 6, 5, 5, 5, 5, 5, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:17:17,609 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 13 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:17:17,610 INFO L410 AbstractCegarLoop]: === Iteration 16 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:17:17,610 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:17:17,610 INFO L82 PathProgramCache]: Analyzing trace with hash 1447023429, now seen corresponding path program 13 times [2019-10-06 23:17:17,610 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:17:17,611 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:17:17,611 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:17:17,611 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:17:17,611 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:17:17,630 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:17:17,730 INFO L134 CoverageAnalysis]: Checked inductivity of 117 backedges. 10 proven. 26 refuted. 0 times theorem prover too weak. 81 trivial. 0 not checked. [2019-10-06 23:17:17,731 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:17:17,731 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:17:17,731 INFO L93 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 14 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 14 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:17:18,023 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:17:18,024 INFO L256 TraceCheckSpWp]: Trace formula consists of 271 conjuncts, 14 conjunts are in the unsatisfiable core [2019-10-06 23:17:18,026 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:17:18,133 INFO L134 CoverageAnalysis]: Checked inductivity of 117 backedges. 15 proven. 21 refuted. 0 times theorem prover too weak. 81 trivial. 0 not checked. [2019-10-06 23:17:18,133 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:17:18,240 INFO L134 CoverageAnalysis]: Checked inductivity of 117 backedges. 15 proven. 21 refuted. 0 times theorem prover too weak. 81 trivial. 0 not checked. [2019-10-06 23:17:18,240 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:17:18,241 INFO L162 IcfgInterpreter]: Started Sifa with 18 locations of interest [2019-10-06 23:17:18,241 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:17:18,242 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:17:18,242 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:17:18,245 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:17:18,268 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 30 for LOIs [2019-10-06 23:17:18,876 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:17:18,903 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:17:18,906 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:17:18,906 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:17:18,906 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 324#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:17:18,906 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:18,907 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 329#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:17:18,907 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 333#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:17:18,907 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:17:18,907 INFO L193 IcfgInterpreter]: Reachable states at location L50-4 satisfy 309#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:18,907 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:18,907 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 319#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:17:18,907 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:18,907 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:18,908 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:18,908 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:18,908 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 338#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:18,908 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (= 0 (select |old(#valid)| 0)) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:17:18,908 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:17:18,908 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 314#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:17:18,908 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:18,908 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:19,383 WARN L191 SmtUtils]: Spent 107.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:17:19,788 WARN L191 SmtUtils]: Spent 109.00 ms on a formula simplification. DAG size of input: 38 DAG size of output: 21 [2019-10-06 23:17:19,789 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:17:19,789 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [15, 15, 15, 11] total 34 [2019-10-06 23:17:19,790 INFO L442 AbstractCegarLoop]: Interpolant automaton has 34 states [2019-10-06 23:17:19,790 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 34 interpolants. [2019-10-06 23:17:19,790 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=166, Invalid=956, Unknown=0, NotChecked=0, Total=1122 [2019-10-06 23:17:19,791 INFO L87 Difference]: Start difference. First operand 83 states and 93 transitions. Second operand 34 states. [2019-10-06 23:17:21,863 WARN L191 SmtUtils]: Spent 105.00 ms on a formula simplification. DAG size of input: 35 DAG size of output: 34 [2019-10-06 23:17:21,956 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:17:21,956 INFO L93 Difference]: Finished difference Result 89 states and 99 transitions. [2019-10-06 23:17:21,956 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 26 states. [2019-10-06 23:17:21,957 INFO L78 Accepts]: Start accepts. Automaton has 34 states. Word has length 54 [2019-10-06 23:17:21,957 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:17:21,958 INFO L225 Difference]: With dead ends: 89 [2019-10-06 23:17:21,958 INFO L226 Difference]: Without dead ends: 60 [2019-10-06 23:17:21,959 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 196 GetRequests, 132 SyntacticMatches, 12 SemanticMatches, 52 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1004 ImplicationChecksByTransitivity, 2.4s TimeCoverageRelationStatistics Valid=399, Invalid=2463, Unknown=0, NotChecked=0, Total=2862 [2019-10-06 23:17:21,959 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 60 states. [2019-10-06 23:17:21,973 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 60 to 60. [2019-10-06 23:17:21,973 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 60 states. [2019-10-06 23:17:21,974 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 60 states to 60 states and 66 transitions. [2019-10-06 23:17:21,974 INFO L78 Accepts]: Start accepts. Automaton has 60 states and 66 transitions. Word has length 54 [2019-10-06 23:17:21,974 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:17:21,974 INFO L462 AbstractCegarLoop]: Abstraction has 60 states and 66 transitions. [2019-10-06 23:17:21,974 INFO L463 AbstractCegarLoop]: Interpolant automaton has 34 states. [2019-10-06 23:17:21,975 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 66 transitions. [2019-10-06 23:17:21,975 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2019-10-06 23:17:21,975 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:17:21,975 INFO L385 BasicCegarLoop]: trace histogram [6, 6, 6, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:17:22,177 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 14 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:17:22,178 INFO L410 AbstractCegarLoop]: === Iteration 17 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:17:22,178 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:17:22,178 INFO L82 PathProgramCache]: Analyzing trace with hash -1309511636, now seen corresponding path program 14 times [2019-10-06 23:17:22,179 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:17:22,179 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:17:22,179 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:17:22,179 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:17:22,180 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:17:22,224 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:17:23,117 WARN L191 SmtUtils]: Spent 108.00 ms on a formula simplification. DAG size of input: 67 DAG size of output: 49 [2019-10-06 23:17:23,292 WARN L191 SmtUtils]: Spent 143.00 ms on a formula simplification. DAG size of input: 67 DAG size of output: 51 [2019-10-06 23:17:23,533 WARN L191 SmtUtils]: Spent 209.00 ms on a formula simplification. DAG size of input: 67 DAG size of output: 52 [2019-10-06 23:17:23,720 WARN L191 SmtUtils]: Spent 154.00 ms on a formula simplification. DAG size of input: 67 DAG size of output: 53 [2019-10-06 23:17:23,931 WARN L191 SmtUtils]: Spent 173.00 ms on a formula simplification. DAG size of input: 67 DAG size of output: 59 [2019-10-06 23:17:24,113 WARN L191 SmtUtils]: Spent 144.00 ms on a formula simplification. DAG size of input: 58 DAG size of output: 54 [2019-10-06 23:17:24,285 WARN L191 SmtUtils]: Spent 145.00 ms on a formula simplification. DAG size of input: 66 DAG size of output: 51 [2019-10-06 23:17:24,531 WARN L191 SmtUtils]: Spent 213.00 ms on a formula simplification. DAG size of input: 81 DAG size of output: 63 [2019-10-06 23:17:24,805 WARN L191 SmtUtils]: Spent 236.00 ms on a formula simplification. DAG size of input: 81 DAG size of output: 67 [2019-10-06 23:17:25,068 WARN L191 SmtUtils]: Spent 224.00 ms on a formula simplification. DAG size of input: 83 DAG size of output: 62 [2019-10-06 23:17:25,335 WARN L191 SmtUtils]: Spent 218.00 ms on a formula simplification. DAG size of input: 81 DAG size of output: 60 [2019-10-06 23:17:25,621 WARN L191 SmtUtils]: Spent 236.00 ms on a formula simplification. DAG size of input: 79 DAG size of output: 66 [2019-10-06 23:17:25,869 WARN L191 SmtUtils]: Spent 192.00 ms on a formula simplification. DAG size of input: 72 DAG size of output: 56 [2019-10-06 23:17:26,059 WARN L191 SmtUtils]: Spent 158.00 ms on a formula simplification. DAG size of input: 70 DAG size of output: 53 [2019-10-06 23:17:26,410 WARN L191 SmtUtils]: Spent 304.00 ms on a formula simplification. DAG size of input: 83 DAG size of output: 63 [2019-10-06 23:17:26,802 WARN L191 SmtUtils]: Spent 335.00 ms on a formula simplification. DAG size of input: 84 DAG size of output: 70 [2019-10-06 23:17:27,144 WARN L191 SmtUtils]: Spent 287.00 ms on a formula simplification. DAG size of input: 84 DAG size of output: 61 [2019-10-06 23:17:27,505 WARN L191 SmtUtils]: Spent 292.00 ms on a formula simplification. DAG size of input: 86 DAG size of output: 60 [2019-10-06 23:17:27,798 WARN L191 SmtUtils]: Spent 228.00 ms on a formula simplification. DAG size of input: 82 DAG size of output: 63 [2019-10-06 23:17:28,079 WARN L191 SmtUtils]: Spent 213.00 ms on a formula simplification. DAG size of input: 74 DAG size of output: 57 [2019-10-06 23:17:28,278 WARN L191 SmtUtils]: Spent 164.00 ms on a formula simplification. DAG size of input: 72 DAG size of output: 54 [2019-10-06 23:17:28,534 WARN L191 SmtUtils]: Spent 189.00 ms on a formula simplification. DAG size of input: 83 DAG size of output: 57 [2019-10-06 23:17:28,795 WARN L191 SmtUtils]: Spent 195.00 ms on a formula simplification. DAG size of input: 82 DAG size of output: 59 [2019-10-06 23:17:29,043 WARN L191 SmtUtils]: Spent 185.00 ms on a formula simplification. DAG size of input: 81 DAG size of output: 56 [2019-10-06 23:17:29,308 WARN L191 SmtUtils]: Spent 195.00 ms on a formula simplification. DAG size of input: 82 DAG size of output: 57 [2019-10-06 23:17:29,567 WARN L191 SmtUtils]: Spent 181.00 ms on a formula simplification. DAG size of input: 79 DAG size of output: 61 [2019-10-06 23:17:29,813 WARN L191 SmtUtils]: Spent 163.00 ms on a formula simplification. DAG size of input: 70 DAG size of output: 56 [2019-10-06 23:17:30,137 WARN L191 SmtUtils]: Spent 221.00 ms on a formula simplification. DAG size of input: 77 DAG size of output: 70 [2019-10-06 23:17:30,376 WARN L191 SmtUtils]: Spent 169.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 59 [2019-10-06 23:17:30,632 WARN L191 SmtUtils]: Spent 181.00 ms on a formula simplification. DAG size of input: 74 DAG size of output: 57 [2019-10-06 23:17:30,859 WARN L191 SmtUtils]: Spent 148.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 59 [2019-10-06 23:17:31,106 WARN L191 SmtUtils]: Spent 168.00 ms on a formula simplification. DAG size of input: 71 DAG size of output: 58 [2019-10-06 23:17:31,310 WARN L191 SmtUtils]: Spent 137.00 ms on a formula simplification. DAG size of input: 62 DAG size of output: 50 [2019-10-06 23:17:31,479 WARN L191 SmtUtils]: Spent 114.00 ms on a formula simplification. DAG size of input: 66 DAG size of output: 49 [2019-10-06 23:17:31,667 WARN L191 SmtUtils]: Spent 118.00 ms on a formula simplification. DAG size of input: 63 DAG size of output: 50 [2019-10-06 23:17:32,468 INFO L134 CoverageAnalysis]: Checked inductivity of 147 backedges. 6 proven. 141 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-10-06 23:17:32,468 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:17:32,468 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:17:32,468 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 15 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 15 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:17:32,762 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 4 check-sat command(s) [2019-10-06 23:17:32,763 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:17:32,766 WARN L254 TraceCheckSpWp]: Trace formula consists of 296 conjuncts, 169 conjunts are in the unsatisfiable core [2019-10-06 23:17:32,770 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:17:42,340 WARN L191 SmtUtils]: Spent 319.00 ms on a formula simplification. DAG size of input: 125 DAG size of output: 109 [2019-10-06 23:17:42,831 WARN L191 SmtUtils]: Spent 357.00 ms on a formula simplification. DAG size of input: 208 DAG size of output: 45 [2019-10-06 23:17:43,314 INFO L134 CoverageAnalysis]: Checked inductivity of 147 backedges. 6 proven. 126 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2019-10-06 23:17:43,315 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:18:18,179 WARN L191 SmtUtils]: Spent 123.00 ms on a formula simplification that was a NOOP. DAG size: 50 [2019-10-06 23:18:26,809 WARN L191 SmtUtils]: Spent 3.20 s on a formula simplification that was a NOOP. DAG size: 50 [2019-10-06 23:18:32,875 WARN L191 SmtUtils]: Spent 1.78 s on a formula simplification that was a NOOP. DAG size: 55 [2019-10-06 23:19:19,369 WARN L191 SmtUtils]: Spent 125.00 ms on a formula simplification that was a NOOP. DAG size: 119 [2019-10-06 23:19:21,818 WARN L191 SmtUtils]: Spent 228.00 ms on a formula simplification that was a NOOP. DAG size: 128 [2019-10-06 23:19:24,782 WARN L191 SmtUtils]: Spent 259.00 ms on a formula simplification that was a NOOP. DAG size: 132 [2019-10-06 23:19:28,272 WARN L191 SmtUtils]: Spent 246.00 ms on a formula simplification that was a NOOP. DAG size: 134 [2019-10-06 23:19:32,460 WARN L191 SmtUtils]: Spent 300.00 ms on a formula simplification that was a NOOP. DAG size: 136 [2019-10-06 23:19:37,367 WARN L191 SmtUtils]: Spent 260.00 ms on a formula simplification that was a NOOP. DAG size: 138 [2019-10-06 23:19:46,073 WARN L191 SmtUtils]: Spent 489.00 ms on a formula simplification that was a NOOP. DAG size: 128 [2019-10-06 23:19:54,085 WARN L191 SmtUtils]: Spent 655.00 ms on a formula simplification that was a NOOP. DAG size: 133 [2019-10-06 23:20:17,980 WARN L191 SmtUtils]: Spent 3.50 s on a formula simplification that was a NOOP. DAG size: 144 [2019-10-06 23:20:46,466 WARN L191 SmtUtils]: Spent 3.50 s on a formula simplification that was a NOOP. DAG size: 148 [2019-10-06 23:21:17,322 WARN L191 SmtUtils]: Spent 3.41 s on a formula simplification that was a NOOP. DAG size: 150 [2019-10-06 23:21:51,451 WARN L191 SmtUtils]: Spent 3.83 s on a formula simplification that was a NOOP. DAG size: 152 [2019-10-06 23:22:26,749 WARN L191 SmtUtils]: Spent 3.51 s on a formula simplification that was a NOOP. DAG size: 154 [2019-10-06 23:22:55,390 WARN L191 SmtUtils]: Spent 8.81 s on a formula simplification that was a NOOP. DAG size: 139 [2019-10-06 23:22:55,580 WARN L191 SmtUtils]: Spent 185.00 ms on a formula simplification. DAG size of input: 93 DAG size of output: 65 [2019-10-06 23:22:55,768 WARN L191 SmtUtils]: Spent 185.00 ms on a formula simplification. DAG size of input: 93 DAG size of output: 63 [2019-10-06 23:22:58,264 WARN L191 SmtUtils]: Spent 1.58 s on a formula simplification. DAG size of input: 304 DAG size of output: 280